Everyone knows that OTA (over the air) access to SIM cards exists for decades, and that somehow authenticated APDUs can be sent via SMS.
But let's look at the OTA architecture in more detail:
* OTA transport (SCP80) over SMS, USSD, CellBroadcast, CAT-TP, BIP
* The *new* SCP81 transport (HTTPS via TLS-PSK)
* how to address individal applications on the card via their TAR
* common applications like RFM and RAM
* custom applications on the card
* OTA in the world of eUICCs
* talking to the ECASD
* talking to the ISD-R
* talking to the ISD-P/MNO-SD or applications therein