Old 08-26-2004, 20:16
McS2oo4
At the beginning everything was in EEPROM, so one could read the EEPROM with an EEPROM programmer and change one byte (usually 01 was locked, 00 was SIM unlocked). Then they started to add some really easy algorithms, so it was just one XOR or switching nibbles, for example: locked state: 452398, unlocked state: 543289 (nibbles switched in every byte!). Then they started to use more and more complicated algorithms linked to the IMEI, provider code, etc. The other method was to directly patch the ROM image and flash it back to the phone. Actually, with this you just NOP the jmp in flash to skip the SIM security checks, nothing more. But then again, in Nokias you had to fix the checksum of the flash and update the OTP area. As time passed, things got complicated, and now new Motorola V series phones can only be unlocked by codes, sending the IMEI number to an unlock server. So if you try to do some research these days, it will be really hard to keep track of the protections inside new GSM models nowadays. Good luck anyway )

PS: I used to write some GSM crack software in the past.