diff --git a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
index 515d329adf2e7..48a5ab6d204b1 100644
--- a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
+++ b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
@@ -405,6 +405,10 @@ public final class TelephonyPermissions {
      */
     public static boolean checkCallingOrSelfUseIccAuthWithDeviceIdentifier(Context context,
             String callingPackage, String callingFeatureId, String message) {
+        // The implementation follows PermissionChecker.checkAppOpPermission, but it cannot be
+        // used directly: because it uses noteProxyOpNoThrow which requires the phone process
+        // having the permission, which doesn't make sense since phone process is the ower of
+        // data/action.
         // Cannot perform appop check if the calling package is null
         if (callingPackage == null) {
             return false;
@@ -413,7 +417,17 @@ public final class TelephonyPermissions {
         AppOpsManager appOps = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
         int opMode = appOps.noteOpNoThrow(AppOpsManager.OPSTR_USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER,
                 callingUid, callingPackage, callingFeatureId, message);
-        return opMode == AppOpsManager.MODE_ALLOWED;
+        switch (opMode) {
+            case AppOpsManager.MODE_ALLOWED:
+            case AppOpsManager.MODE_FOREGROUND:
+                return true;
+            case AppOpsManager.MODE_DEFAULT:
+                return context.checkCallingOrSelfPermission(
+                            Manifest.permission.USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER)
+                        == PERMISSION_GRANTED;
+            default:
+                return false;
+        }
     }
 
     /**