I have a S23 Ultra (SM-S918W) with a one SIM tray. I am currently using a physical SIM card.
I have been fortifying all of my accounts, etc against identity theft. Not getting crazy on it, but if it costs nothing and is not very hard to do, then I do it. For example, sign into my phone is an unguessable password that nobody would possibly guess in 20 attempts, and it is set to reset the phone after 20 failed attempts. Easy to do and costs nothing.
In the news I see more and more frequent stories about SIM card swaps resulting in stolen accounts. I can swap to an eSIM for free with my carrier so it is easy to do and costs nothing which fits my criteria.
As I understand it, eSIM is not transferable to another device, and must be re-issued each time you want to swap devices. So far the eSIM option meets my criteria of reducing identity theft risk, being easy to do, and is not costly.
My question is what happens if the locked phone is stolen with the eSIM. So my questions are:
After 20 attempts it wipes the phone - but does it erase the eSIM also, or after wiping is it still connected to my phone number and phone account?
If they decide to wipe the phone manually by powering up with the correct buttons pressed, will it also wipe the eSIM or give the option to keep it? So what is to stop the thief from stealing phone, wiping the locked phone, and then has access to my phone number for two step verifications?
If the phone is stolen and I go online into my Samsung account and send the command to wipe the phone, will it also wipe the eSIM? This does seem to be the best option if it allows me to erase the eSIM as part of erasing the phone.
Obviously, if my phone is stolen, the first thing I would do is contact my provider to remove it from my account. But that option might be difficult to do in some circumstances.
Thank you. I look forward to the knowledgable replies to my 3 questions, and any other information you think I should know.
Thank you for reaching out with your security concerns regarding eSIM on your Galaxy S23 Ultra. We appreciate your proactive approach to protecting your data and accounts.
Yes, if your device is set to automatically factory reset after 20 failed unlock attempts, this will completely erase all data, including your eSIM profile. After the reset, the eSIM will need to be reactivated through your carrier before it can be used again.
A manual factory reset via Recovery Mode (Power + Volume Up) will not automatically erase the eSIM profile unless your carrier or Samsung security settings require reactivation. However, after a reset:
If Factory Reset Protection (FRP) is enabled, the device will still require your Google account login to be set up again, preventing unauthorized access.
The thief cannot simply use your eSIM on another device without your carrier credentials.
If you use Find My Mobile > Erase Device, it completely wipes the phone, including the eSIM profile. This is the best option in case of theft, as it ensures the phone is no longer connected to your number.
Additional Recommendations:
Enable "Reactivation Lock" in Find My Mobile to prevent unauthorized setup after a reset. Use a carrier PIN for eSIM activation (if your carrier supports it) to prevent unauthorized SIM swaps. Set up "Remote Lock" and "Track Location" via Find My Mobile to secure your device in case of loss or theft.
If your device is ever stolen, we strongly recommend contacting your carrier immediately to disable your eSIM and prevent unauthorized access to your phone number.
Thank you for reaching out with your security concerns regarding eSIM on your Galaxy S23 Ultra. We appreciate your proactive approach to protecting your data and accounts.
Yes, if your device is set to automatically factory reset after 20 failed unlock attempts, this will completely erase all data, including your eSIM profile. After the reset, the eSIM will need to be reactivated through your carrier before it can be used again.
A manual factory reset via Recovery Mode (Power + Volume Up) will not automatically erase the eSIM profile unless your carrier or Samsung security settings require reactivation. However, after a reset:
If Factory Reset Protection (FRP) is enabled, the device will still require your Google account login to be set up again, preventing unauthorized access.
The thief cannot simply use your eSIM on another device without your carrier credentials.
If you use Find My Mobile > Erase Device, it completely wipes the phone, including the eSIM profile. This is the best option in case of theft, as it ensures the phone is no longer connected to your number.
Additional Recommendations:
Enable "Reactivation Lock" in Find My Mobile to prevent unauthorized setup after a reset. Use a carrier PIN for eSIM activation (if your carrier supports it) to prevent unauthorized SIM swaps. Set up "Remote Lock" and "Track Location" via Find My Mobile to secure your device in case of loss or theft.
If your device is ever stolen, we strongly recommend contacting your carrier immediately to disable your eSIM and prevent unauthorized access to your phone number.
Glad this question was asked and throughly answered.
This now moves me to make an official request as I've started using eSIM on my Galaxy S23 since january!
Please has the bootloader NOT wipe the eSIM for security tracking purposes or the option to password protect the bootloader by the end user or even better secure the eSIM in KNOX so that it remains present and available until devic is unlocked ans by end user removed OR removed via FindMy Device from Samsungs servers.
Relying on other similar model Galaxy devices within Bluetooth or wifi range for locating a stolen device isn't always the best or most hopefully solution ans in North ans South America and in thr UK, mobile networks can locate devices within 5 meters!
