A SIM card can initiate some communication with a mobile device with so called "proactive commands" (chapter 6 of http://www.etsi.org/deliver/etsi_gts/11/1114/05.04.00_60/gsmts_1114v050400p.pdf). Using these commands, SIM card applet can request the OS for current system time or sending SMS to a specified number and much more.
Question:
Is there any OS protection in Android or iOS of these proactive commands? Is it possible for an attacker to create an application, which hijacks the SIM-Phone communication and provides the SIM card with incorrect data? Is there any "firewall" that ensures that the OS is the only entity allowed to communicate with SIM over proactive commands?
EDIT : I have found a patent for secure proactive commands (http://www.google.com/patents/US8744406), but I do not have a clue if some UICC vendor uses it in the real world.
UPDATE: Could I use Android Access Control Enforcer as such a firewall for Android (https://code.google.com/p/seek-for-android/wiki/AccessControlIntroduction)?