MOBILE PHONE CLONING
Mobile communication has been readily available for several years, and is major business today. It provides a valuable service to its users who are willing to pay a considerable premium over a fixed line phone, to be able to walk and talk freely. Because of its usefulness and the money involved in the business, it is subject to fraud. Unfortunately, the advance of security standards has not kept pace with the dissemination of mobile communication.
Some of the features of mobile communication make it an alluring target for criminals. It is a relatively new invention, so not all people are quite familiar with its possibilities, in good or in bad. Its newness also means intense competition among mobile phone service providers as they are attracting customers. The major threat to mobile phone is from cloning.
WHAT IS CELL PHONE CLONING?
Cell phone cloning is copying the identity of one mobile telephone to another mobile telephone. Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls go to the legitimate subscriber. The cloner is also able to make effectively anonymous calls, which attracts another group of interested users. Cloning is the process of taking the programmed information that is stored in a legitimate mobile phone and illegally programming the identical information into another mobile phone.
The result is that the “cloned” phone can make and receive calls and the charges for those calls are billed to the legitimate subscriber. The service provider network does not have a way to differentiate between the legitimate phone and the “cloned” phone.
From where it started?
Cell phone cloning started with Motorola “bag” phones and reached its peak in the mid 90’s with a commonly available modification for Motorola “brick” phones such as the Classic, the Ultra Classic, and the Model 8000.
Cloning involved modifying or replacing the EPROM in the phone with a new chip, which would allow one to configure an ESN (Electronic Serial Number) via software. The MIN (Mobile Identification Number) would also have to be changed.
Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older phones that can be cloned are more difficult to find and newer phones have not been successfully reverse engineered.
Cloning has been successfully demonstrated under GSM, but the process is not easy and currently remains in the realm of serious hobbyists and researchers.
HOW BIG OF A PROBLEM IS CLONING FRAUD?
The Cellular Telecommunications Industry Association (CTIA) estimates that financial losses in due to cloning fraud are between $600 million and $900 million in the United States.
Some subscribers of Reliance had to suffer because their phone was cloned. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government.
HOW TO KNOW THAT THE CELL HAS BEEN CLONED?
• Frequent wrong number phone calls to your phone, or hang-ups.
• Difficulty in placing outgoing calls.
• Difficulty in retrieving voice mail messages.
• Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on your phone bills
Types of cloning
Code Division Multiple Access (CDMA) mobile telephone cloning involves gaining access to the device’s embedded file system /nvm/num directory via specialized software or placing a modified EEPROM into the target mobile telephone, allowing the Electronic serial number(ESN) and/or Mobile Equipment Identifier (MEID) of the mobile phone to be changed. To obtain the MEID of your phone, simply open your phone’s dialler and type *#06# to get its MEID number.1
The ESN or MEID is typically transmitted to the cellular company’s Mobile Telephone Switching Office (MTSO) in order to authenticate a device onto the mobile network. Modifying these, as well as the phone’s Preferred Roaming List (PRL) and the mobile identification number, or MIN, can pave the way for fraudulent calls, as the target telephone is now a clone of the telephone from which the original ESN and MIN data were obtained.
Cloning has been shown to be successful on CDMA, but rare on GSM. However, cloning of a GSM phone is achieved by cloning the SIM card contained within, but not necessarily any of the phone’s internal data. GSM phones do not have ESN or MIN, only an International Mobile Station Equipment Identity (IMEI) number. There are various methods used to obtain the IMEI. The most common methods are to hack into the cellular company, or to eavesdrop on the cellular network.
A GSM SIM card is copied by removing the SIM card and placing a device between the handset and the SIM card and allowing it to operate for a few minutes and extracting the Ki, or secret code.2 This is normally done with handsets that have the option of an “extended battery” by placing the normal size battery in the handset and the Ki in the now vacant extra space. This is done by allowing the device to log the interaction between the mobile telephone switching office and the handset.
Real Life Case
Recently the Delhi (India) police arrested a person with 20 cell- phones, a laptop, a SIM scanner, and a writer. The accused was running an exchange illegally wherein he cloned CDMA based cell phones. He used software named Patagonia for the cloning and provided cheap international calls to Indian immigrants in West Asia. So its illegal to clone phone!
Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter measures to address cellular phone fraud. Mobile Cloning is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular “cloning fraud” as a specific crime.