[bblost]

The govt has watered down the plan to ban phones without the IMEI number.
They are now setting up centers to implant this number in phones without it.

Techtree.com India > News > Consumer Electronics > Phones with No or Fake IMEI Code to Die

Is it possible do so?

What happens to phones that have a valid IMEI number, but were purchased in some other country?

[Su-47]

IMEI = International Mobile Equipment Identity. So, valid IMEI purchased in some other country should still work (unless there are thousands of handsets with same IMEI like it is in case of some chinese ones).

[Rotorhead]

Quote:

Originally Posted by bblost

The govt has watered down the plan to ban phones without the IMEI number.
They are now setting up centers to implant this number in phones without it.

Techtree.com India > News > Consumer Electronics > Phones with No or Fake IMEI Code to Die

Is it possible do so?


What happens to phones that have a valid IMEI number, but were purchased in some other country?

Detection of fake IMEI's can be simple as far as my knowledge on the GSM goes . At the time of registering to the network or during a call/SMS operation, the status of the imei can be checked against the EIR (equipment identity register). Though i am pretty much sure that currently most operator dont have this checking right now, but post the regulation i suppose this check will be made mandatory. The catch for the operator is that they have to keep the EIR database constantly updated with the IMEI provided by the handset manufacturers.

The tough part is though to catch cloned handsets with multiple handsets using same IMEI. I am also keen on seeing how the operators are going to handle this. Even though within the same operator the usage of cloned handset can be easily detected by analysing the location updates but wonder how it is possible to detect this fraud in a scenario that such handsets can be used across other networks unless there is some kind of data sharing by all the operators which i am sure is going to be a tedious job.

Any other GSM experts who can throw some light on the possible solution for this tricky issue ?

[anujmishra]

Yes you can do that with you old died phone's IMEI. But to insert IMEI you need a real Hardware Expert with the knowledge of phone software and above all T-32 debugger.

T-32 debugger is very costly and it is not available with general road side hardware experts.

[Technocrat]

Quote:

Originally Posted by bblost

The govt has watered down the plan to ban phones without the IMEI number.
They are now setting up centers to implant this number in phones without it.

So Instead of stopping fake phones they are trying to make them genuine, wow.

[anujmishra]

Quote:

Originally Posted by Technocrat

So Instead of stopping fake phones they are trying to make them genuine, wow.

When some government agency implant IMEI he will keep track of phones by the name of owner. So I do not see any problem in this.

[Technocrat]

Well the success of this exercise lies in the capacity of the govt to actually identify all such phones(I read the procedure but how successful they would be is yet to be seen) & make them not usable on non compliance.

[issigonis]

Quote:

Originally Posted by Rotorhead

Detection of fake IMEI's can be simple as far as my knowledge on the GSM goes .
========================
Any other GSM experts who can throw some light on the possible solution for this tricky issue ?

Lads,

The crosscheck of IMEI with the EIR has to be done further by checking the mapping of the MSISDN with the IMEI. The MSISDN ( your mobile no.) will be unique. This three link check will be required ( subject to confirmation from our telecom experts and TRAI) for MNP ( mobile number portability) which is going to be introduced in possibly the next six odd months. It is imperative that when you or I change operators ( viz. migrate from say Airtel to MTNL while retaining the mobile no., the MNAC ( a type of mobile no. clearinghouse) will check all the three.

That will help crack down on (illegal) handsets with cloned IMEIs or handsets with no IMEIs. Trust the government to bow down before powerful telecom lobbies! A GSM network is one of the safest with rugged checks to prevent illegal intrusion ( an oxymoron that!) and consumption of the network.
I bet our Chinese friends are upto something here - it is their handsets which don't have such neccessities as IMEI nos. Plus their telecom equipment suppliers win business by offering their products dirt cheap (initial cost).
After all as the Chinese say- we can copy everything except your mothers.

This abject government submission is playing with safe telecom practice and it might well have an impact on the misuse of our networks by anti-nationals. But who cares as long as personal needs are taken care of.

[bigman]

Quote:

Originally Posted by issigonis

Lads,

I bet our Chinese friends are upto something here - it is their handsets which don't have such neccessities as IMEI nos. Plus their telecom equipment suppliers win business by offering their products dirt cheap (initial cost).
After all as the Chinese say- we can copy everything except your mothers.

Of cause the Chinese are upto no good, has anyone checked the SAR ratings for these chinese phones? I bet they are off the scale. No doubt with all those excessive radio waves hitting hundreds of thousands of Indian heads there will be a rise in related illnesses.

These Chinese phones should have been banned a long time ago. I hear you can even set the IMEI number yourself on some of these mobiles through their setup menus.

[amitk26]

If there is was a political will this would have been implemented long long ago. IMEI is globally unique 16 digit number and it does not create a lot of effort to put in a look up database at the backend.
Just that operator lobby was differing it for too long.

It is surprising that Indian operators were functoning with out EIR for so long and government never raised the issue.

Inserting IMEI in phones without them is not too difficult. Most of the OEM vendors like Qualcom , EMP etc. have an OTP area ( One time programmable memory) where IMEI need to be written.

All you need is board detail that is the memory address of OTP area and a hardware debugger like Lauterbach Trace 32 to write the OTP.

Manufacturers should do this as a factory process.

IMHO all these chinese phones should be discarded ASAP apart from IMEI the radiation level is never tested.

Enforcement level is really weak for example emergency call ( without SIM inserted) is supported by GSM specification (112 as per GSMA) but here operators do not even provide toll free access to 100 which is police number.

[anujmishra]

I have one question: If Chinese making (imitating) phones then why not they insert IMEI number into it? Wht they send to maket without IMEI? Is buying a IMEI is that costly?

Can anybody throw light on this?

[amitk26]

Quote:

Originally Posted by anujmishra

I have one question: If Chinese making (imitating) phones then why not they insert IMEI number into it? Wht they send to maket without IMEI? Is buying a IMEI is that costly?

Can anybody throw light on this?

Anuj it is not about the individual cost it is about standardization and amalgamated cost. India and China are two biggest markets by volume.

All valid IMEI numbers are maintained in GSMA registry and even though the cost of a single IMEI may be nominal as a whole China needs to pay millions of euros to GSMA so they came up with Idea of their own IMEI registry.

Chinese IMEI are 14 digit but problem is that India can not maintain a security registry ( EIR) with Chinese IMEI.
Further to this some chinese manufacturers don't bother about putting avalid Chinese IMEI itself as there seems to be no mandate for the same.

This is similar to China's own standard for almost every thing be is SCDMA or Audio Video / Codecs to prevent royalty outflow to west.

EDIT : Just now i searched and as per latest news GSMA agreed to provide IMEI and type certification to chinese handsets that is handsets type certified by Chinese authorities instead of GCF in EU or equivalent US body.. I think impending ban on Chinese made mobile in biggest market pushed chinese government to take this step. As I have heard there is not a lot of difference between corporates and Chinese government in real sense most of the companies are promoted and heavily subsidised by government itself.

[Rotorhead]

Quote:

Originally Posted by issigonis

Lads,

The crosscheck of IMEI with the EIR has to be done further by checking the mapping of the MSISDN with the IMEI. The MSISDN ( your mobile no.) will be unique. This three link check will be required ( subject to confirmation from our telecom experts and TRAI) for MNP ( mobile number portability) which is going to be introduced in possibly the next six odd months. It is imperative that when you or I change operators ( viz. migrate from say Airtel to MTNL while retaining the mobile no., the MNAC ( a type of mobile no. clearinghouse) will check all the three.

That will help crack down on (illegal) handsets with cloned IMEIs or handsets with no IMEIs. Trust the government to bow down before powerful telecom lobbies! A GSM network is one of the safest with rugged checks to prevent illegal intrusion ( an oxymoron that!) and consumption of the network.
I bet our Chinese friends are upto something here - it is their handsets which don't have such neccessities as IMEI nos. Plus their telecom equipment suppliers win business by offering their products dirt cheap (initial cost).
After all as the Chinese say- we can copy everything except your mothers.

This abject government submission is playing with safe telecom practice and it might well have an impact on the misuse of our networks by anti-nationals. But who cares as long as personal needs are taken care of.

Just a question here though, why is the MSISDN check required to verify IMEI cloning? The SIM can be used with any handset(read IMEI). So are u suggesting that the one SIM be bound only to one Handset. I dont think that would be a proper approach. Or are you talking about identifying SIM/IMSI cloning? And when you say that the GSM network has one of the most rugged checks for illegal intrusion, can you explain what checks are you specifically talking about. If you look at the fraud data sheets across the network operator, SIM cloning, handset cloning, roaming frauds top the list where annually operators lose millions of dollars. If you are talking about authentication procedures while mobile registration procedure, the key to checking invalid imeis, imsis etc is done mainly at the EIR and not many operator currently have the check eventhough the EIR might be very much present in the setup.

The security IMO is much more advanced in packet swithched networks with technolgies such as security key based authentication authorization and encryption level security such as IPSEC, SSL etc.

amitk26 : The updation of EIR is not such a simple procedure. Millions of handsets are manufactured by handset manufactures every day and its not an easy task for the operator to keep updating the list on a regular basis. Also the problem here is that even if it is done, the main issue that there might be a fake handset with a valid IMEI imposed on to it , in which case the EIR check will return successful . So i suppose the identification of cloned IMEI is not that simple, but yes if it is a false/null imei then it is defenitely possible, for example a handset with less than 16 digit or no imei number is very much possible using the EIR check. As far i can see it cloned IMEI's is going to be tough nut to crack.

[amitk26]

Quote:

Originally Posted by Rotorhead

Just a question here though, why is the MSISDN check required to verify IMEI cloning? The SIM can be used with any handset(read IMEI). So are u suggesting that the one SIM be bound only to one Handset. I dont think that would be a proper approach. Or are you talking about identifying SIM/IMSI cloning? And when you say that the GSM network has one of the most rugged checks for illegal intrusion, can you explain what checks are you specifically talking about. If you look at the fraud data sheets across the network operator, SIM cloning, handset cloning, roaming frauds top the list where annually operators lose millions of dollars. If you are talking about authentication procedures while mobile registration procedure, the key to checking invalid imeis, imsis etc is done mainly at the EIR and not many operator currently have the check eventhough the EIR might be very much present in the setup.

Operators are running in to millions of dollers of fraud related losses because the opted not to install EIR to save fewer millions.

Quote:

Originally Posted by Rotorhead

The security IMO is much more advanced in packet swithched networks with technolgies such as security key based authentication authorization and encryption level security such as IPSEC, SSL etc.

Not exactly in my experience LAU and PDP procedures are quite robust in 3GPP spec , In fact most of the operators and handset vendors in EU and US ( 3GPP ) do not even implement IPSEC in 3G / GPRS packet network from UE to GGSN. Can't name the networks or vendors here because I am posting from work.

Quote:

Originally Posted by Rotorhead

J
amitk26 : The updation of EIR is not such a simple procedure. Millions of handsets are manufactured by handset manufactures every day and its not an easy task for the operator to keep updating the list on a regular basis. Also the problem here is that even if it is done, the main issue that there might be a fake handset with a valid IMEI imposed on to it , in which case the EIR check will return successful . So i suppose the identification of cloned IMEI is not that simple, but yes if it is a false/null imei then it is defenitely possible, for example a handset with less than 16 digit or no imei number is very much possible using the EIR check. As far i can see it cloned IMEI's is going to be tough nut to crack.

All the valid handsets from major manufacturer have IMEI provided by GSMA , Operators need not preprare a list of valid IMEI on their own the EIR runs a query to the GSMA database so yes some $$$ needs to be spent.

Another alternative is to create an Indian IMEI database and Indian Government Type certification / test houses to conduct type certification to save on royalty / service fee. ( Chinese approach ) but any way $$$ and effort is required for this as well.

It is not that difficult either , The problem started because EIR was not mandated to start with, It is fault of operators , TRAI and DOT combined to allow operations with out EIR for more then a decade.

In UK and EU possessing an equipment which can embed IMEI post manufacturing is an offense.
The handset is does not receive GCF type certification if it does not store IMEI in OTP ( One time programmable) memory area. Indian government never defined it's own type certification procedure nor did it rely on GCF type certification so un-certified chinese handsets made their way.

Normally operator activates a SIM after verifying the credentials of customer, In India the verfication is just finencial and address verification at takes 24 - 48 hours but important step of IMEI verification is omitted.

IMHO allowing IMEI embedding for existing handsets is not a good step as it will create menace of fake IMEIs best is to let the 10% of subscribers take a hit and let operatoers business suffer for a while because they are primarily responsible for not validating IMEI in first place.

[Rotorhead]

Quote:

Originally Posted by amitk26

All the valid handsets from major manufacturer have IMEI provided by GSMA , Operators need not preprare a list of valid IMEI on their own the EIR runs a query to the GSMA database so yes some $$$ needs to be spent.

Another alternative is to create an Indian IMEI database and Indian Government Type certification / test houses to conduct type certification to save on royalty / service fee. ( Chinese approach ) but any way $$$ and effort is required for this as well.

.

This solution was thought of but technically it proves a major overhead. Currently the lookup into the EIR is done using the SS7 MAP based messages and the query response is much faster since it being a SS7 message and that the EIR is co-located with the MSC. But considering a case where the query had to be run to a remotely located database, what protocol do you suggest for a faster query response. Lets say the GSMA database is located in the US then i am sure if any other protocol such as http or SOAP, or LDAP will have a performance overload and end result will that the user will face excessive delays while registering with the network, especially since location updates are not treated any differently than between a visiting VLR and if within the same network the subscriber is latching on to a different MSC while on move. And the delayed lookup will defenitely be not so appealing to the end user.

one solution could be that there is some kind of sync up mechanism between the EIR and the GSMA database which will offline keep the data updated.

and when u talk about PDP , GPRS procedures etc being robust, then its exactly the same when i mentioned the packet switched technology has better security mechanism than the circuit switched (aka GSM) networks. Also as of my last update IPSEC/IKE still remain one of the preferred methods of securing the UE to access point communication. Since i worked on this technolgy almost 2 years back, my info might be outdated. Can you let me know what is the latest technology currently?