Week 3 - Mobile Device Components - IMEI & Other Handset Codes Flashcards
What does IMEI stand for & what is it?
International Mobile Equipment Identity
It is the ‘serial number’ of a mobile device handset.
Is an IMEI unique?
It is intended to be, but it can be reprogrammed with specialist equipment - illegal in most countries
Who allocates IMEI?
Since April 2000 they are allocated by the GSMA - the Global System for Mobile technology Association at the request of the manufacturers.
They appoint regaional reporting bodies to allocate IMEI & TAC s on their behalf. These include the BABT (British Approval Board for Telecommunications), CTIA (Cellular Telecommunications Industry Association), TAF (Telecomunications Testing & Approval Forum) & MSAI (Mobile Standards Alliance India)
What is the IMEI used for?
- Used by the network operator to ensure the device is a valid piece of equipment to be allowed on the mobile network.
- Identifes the device make, model, date & country of origin
Where / how can you obtain the IMEI of a device?
- May be printed on it (e.g under the battery)
- May be on a sticker on the device
- May be electronically stored - found in the device settings (e.g ‘about phone’)
- May be electronically stored - displayed by typing *#06#
- May be found on device packaging
- remember in some instances the IMEI on sticker, packaging or electronically stored may be different. This could be due to a replacement cover being fitted, the main circuit board could have been replaced or the IMEI could have been changed using software. If an IMEI is reported stolen then the network operator can block network access for that device - can be overcome by programming a new known IMEI - not usually possible with high end devices who restrict IMEI reprogramming.
What else might the IMEI label / device sticker on packaging tell us?
- Service Proivder (e.g O2).
- Make & model
- The frequency band it operates on
- Country of manufacturer
Describe the structure of the IMEI
Applies to IMEIs issued after April2004 when structure changed
- 15 digit number, if including a check digit
- May be 16 digits if indicating software version.
- Sometimes presented in groups using / or - to serparate the groups
Structure of IMEI - What is a TAC?
TAC is a Type Allocation Code.
- Unique identifier that represents the first 8 digits of the device’s IMEI number.
- Identifies the make, model, and country of origin - agency that issued the IMEI e.g Britsh Approvals Board for Telecommunications (BABT) - not necessarily where it was manufactured.
- The first 2 digits are the reporting body identifier (e.g 35 = BABT)
35 = BABT
01 = CTIA
86 = TAF
91 = MSAI
00 = Test
98 = Reserved for future use
99 = GHA
- Digits 3 to 8 are the Mobile Equipment Model Identifier - allocated to the device manufacturer for a specific model (e.g 195000 = Siemens MC60)
Structure of IMEI - What are the meanings of the remaining digits
- Digits 9 to 14 are a ‘serial number’ uniquely assigned to that device. Assigned by the manufacturer.
- 15th digit is a check digit (CD). Used to check the validity of the IMEI.
- Check digit is calculated with the ‘Luhn’ formula (open source. This is a checksum formula used to check the first 14 digits of the IMEI
- Early handsets this was always a value of zero. Now can be anything up from 0 to 9
- The CD is NOT transmitted on the network so WILL NOT have a value on call / charge data records (CDR) obtained. On CDR it will always show a zero.
How to you use Luhn’s calculation to get the check digit on a 15 digit IMEI?
- Write out the 14 digits of the IMEI ignoring the CD.
- Start from left hand side & assign each digit a label starting at D14 down to D1 (left to right).
- Double the value in all the odd D numbers (D1, D3, D5 etc)
- Add together all these individual digits (remember 18 = 1+8, 12 = 1+2 etc).
- Add up the sum of all the even D numbers.
- Add the figure obtained in step 4 and 5 together.
- If this number ends in zero then zero is the CD value.
- If it does not end in zero then subtract the number from the next highest number that does end in zero. E.g if your figure from step 6 is 42 then 50 - 42 = the CD value which is 8.
16 digit IMEI numbers
- Less common
- No check digit
- As before the first 8 digits are the TAC and digits 9 to 14 are the unique ‘serial number’ assigned to that handset.
- 15th and 16th digits indicate the software version on that device at the time of manufacture (Software Version Number SVN)
-
Other types of handset identification codes
US market has FCC-ID (Federal Communications Commission Identification).
First 3 or 5 characters represent the manufacturer (called grantee code)
Remaining characters are known as the equipment product code. Manufacturer specific. Can contain series of hyphens or dashes.
e.g P P I RM-94
Grantee code is PPI
Equipment Product Code is RM-94
Where can we find info re IMEI numbers?
GSMA device check / IMEI Database
https://www.gsma.com/solutions-and-impact/industry-services/device-services/gsma-device-check
American FCC-ID search
https://www.fcc.gov/general/fcc-id-search-page#helpSection
Has useful info such as reports and images – helps to ID components and technical info.
Various analysis tools incl IMEI analysis.
http://www.numberingplans.com/?page=analysis&sub=imeinr
The IMEI validity assessment is an indicator of the accuracy of the info given. Useful to ID a device based on IMEI.
http://www.imei.info/ - alternative to the above
** remember that these sites may not be accurate / may have incorrect data / no results - information only do NOT rely on as evidence.
GSMA have a master datatbase that LE can access. Have a page tyo chevck if IMEI has been blacklisted and by what network operator.
Some forensic tools contain a TAC data base