Embed Size (px)
DESCRIPTION
Mobile Phone Cloning
Citation preview
1.INTRODUCTION
1.1.Cell phone cloning
Cell phone cloning is copying the identity of one mobile telephone to another mobile telephone.
Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls
go to the legitimate subscriber. The cloner is also able to make effectively anonymous calls,
which attracts another group of interested users.
1.2 Cloning
Cloning is the process of taking the programmed information that is stored in a legitimate
mobile phone and illegally programming the identical information into another mobile phone.
The result is that the "cloned" phone can make and receive calls and the charges for those calls
are billed to the legitimate subscriber. The service provider network does not have a way to
differentiate between the legitimate phone and the "cloned" phone.
While mobile cloning is an emerging threat for Indian subscribers, it has been happening in other
telecom markets since the 1990s, though mostly with regard to CDMA phones. Pleas in an US
District Court in 1997 effectively ended West Texas authorities' first case of `phone cloning.'
Authorities in the case estimated the loss at $3,000 to $4,000 for each number used.
Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US.
Some federal agents in the US have called phone cloning an especially `popular' crime because it
is hard to trace.
Back home, police officers say the Yasin case is just the tip of the iceberg and have asked
operators to improve their technology. But the operators claim they can't do much for now. "It's
like stealing cars or duplicating credit card numbers. The service providers cannot do much
except keep track of the billing pattern of the users. But since the billing cycle is monthly, the
damage is done by the time we can detect the mischief," says a Reliance executive.
Are your mobile phone bills unexpectedly high? There’s a chance you are the victim of ‘‘mobile
cloning’’. It is also known as cell phone piracy and has been taking place throughout the world
since decades. Recently this crime has come to India.
1
Mobile phones have become a major part of our everyday life. On the one hand, India’s mobile
phone market has grown rapidly in the last few years on the back of falling phone tariffs and
handset prices, making it one of the fastest growing markets globally. On the other the number of
mobile phone subscribers is exceeding that of fixed-line users. The mobile phone subscriber base
has already crossed the 50-mn mark.
Today millions of mobile phones users, be it Global System for Mobile communication (GSM)
or Code Division Multiple Access (CDMA), run the risk of having their phones cloned. And the
worst part is that there isn’t much that you can do to prevent this.
Such crime first came to light in January 2005 when the Delhi police arrested a person with 20
cell phones, a laptop, a SIM scanner, and a writer. The accused was running an exchange
illegally wherein he cloned CDMA-based mobile phones. He used software for the cloning and
provided cheap international calls to Indian immigrants in West Asia. A similar racket came to
light in Mumbai resulting in the arrest of four mobile dealer.
Mobile communication has been readily available for several years, and is major business today.
It provides a valuable service to its users who are willing to pay a considerable premium over a
fixed line phone, to be able to walk and talk freely. Because of its usefulness and the money
involved in the business, it is subject to fraud. Unfortunately, the advance of security standards
has not kept pace with the dissemination of mobile communication.
Some of the features of mobile communication make it an alluring target for criminals. It is a
relatively new invention, so not all people are quite familiar with its possibilities, in good or in
bad. Its newness also means intense competition among mobile phone service providers as they
are attracting customers. The major threat to mobile phone is from cloning.
Cloning is the process of taking the programmed information that is stored in a legitimate mobile
phone and illegally programming the identical information into another mobile phone. The result
is that the "cloned" phone can make and receive calls and the charges for those calls are billed to
the legitimate subscriber. The service provider network does not have a way to differentiate
between the legitimate phone and the "cloned" phone.
2
' Authorities in the case estimated the loss at $3,000 to $4,000 for each number used.
Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US.
Some federal agents in the US have called phone cloning an especially `popular' crime because it
is hard to trace. Back home, police officers say the Yasin case is just the tip of the iceberg and
have asked operators to improve their technology. But the operators claim they can't do much for
now. "It's like stealing cars or duplicating credit card numbers. The service providers cannot do
much except keep track of the billing pattern of the users. But since the billing cycle is monthly,
the damage is done by the time we can detect the mischief," says a Reliance executive.
2.GSM AND CDMA MOBILE PHONES
2.1 CDMA( Code Division Multiple Access).
A method for transmitting simultaneous signals over a shared portion of the spectrum. There is
no Subscriber Identity Module (SIM) card. Operators who provides CDMA service in India are
Reliance and Tata Indicom.
CDMA use a Mobile Identification Number (MIN) card that contains user account
information.Rather than dividing the radio spectrum into separate users channel by frequency
slices or time slots ,spread spectrum technology separate users by assigning them digital codes
within the same broad spectrum .Advantages of CDMA include higher capacity and immunity
from interference by other signals.. A method for transmitting simultaneous signals over a shared
portion of the spectrum. There is no Subscriber Identity Module (SIM) card unlike in GSM.
Operators who provides CDMA service in India are Reliance and Tata Indicom.
2.2 GSM (Global System for Mobile Communications)
A digital cellular phone technology based on TDMA GSM phones MHz frequency band.
There is a Subscriber Identity Module (SIM) card. Any GSM phone becomes immediately
programmed after plugging in the SIM card, thus allowing GSM phones to be easily rented or
borrowed.Operators who provide GSM service are Airtel,Hutch etc. with GSM system for
mobile communication reached a global scale .In the western world ,it seems every one has their
own mobile phone,and GSM has taken more and more of the market.
3
The network element which provides all the control functions and physical link between the
MSC and BTS.The BSC provides function such as handover,cell configuration data,and control
of radio frequency power levels in Base Transceiver stations.The network element which handles
the radio interface to the mobile station.The BTS is the radio equipment needed to service each
cell in the network.A network element which provide short messages service voice mail, fax
mail, email, and paging is called Message Center (MXE).A network element used to interconnect
two GSM.CDMA is one of the newer digital technologies used in Canada, the US, Australia, and
some South-eastern Asian countries. CDMA differs from GSM and TDMA (Time Division
Multiple Access) by its use of spread spectrum techniques for transmitting voice or data over the
air. Rather than dividing the radio frequency spectrum into separate user channels by frequency
slices or time slots, spread spectrum technology separates users by assigning them digital codes
within the same broad spectrum. Advantages of CDMA include higher user capacity and
immunity from interference by other signal.
3.COMPONENT OF GSM NETWORK
3.1 The Switching System (SS)
Home Location Register (HLR) - A database which stores data about GSM
subscribers, including the Individual Subscriber Authentication Key (Ki) for each
Mobile Services Switching Center (MSC) - The network element which performs the telephony
switching functions of the GSM network
Visitor Location Register (VLR) - A database which stores temporary information
about roaming GSM subscribers.
Authentication Center (AUC) - A database which contains the International Mobile
Subscriber Identity (IMSI) the Subscriber Authentication key (Ki), and the defined
algorithms for encryption.
Equipment Identity Register (EIR) - A database which contains information about
the identity of mobile equipment in order to prevent calls from stolen, unauthorized,
or defective mobile stations.
4
3.2 The Base Station System (BSS)
Base Station Controller (BSC) - The network element which provides all the control
functions and physical links between the MSC and BTS. The BSC provides
functions such as handover, cell configuration data, and control of radio frequency
(RF) power levels in Base Transceiver Stations.
Base Transceiver Station (BTS) - The network element which handles
the radio interface to the mobile station. The BTS is the radio
equipment (transceivers and antennas) needed to service each cell in the
network.
3.3 The Operation and Support System (OSS)
Message Center (MXE) - A network element which provides Short Message
Service (SMS), voice mail, fax mail, email, and paging.
Gateway Mobile Services Switching Center (GMSC) - A network element used to
interconnect two GSM networks.
4. IMPORTANT TERMS
4.1 ESN
,which stands for Electronic Serial Number. It is same as the IMEI but is used in CDMA handsets.
Integrated circuit card identifier
Corresponds to the number printed on surface of SIM
File Purpose Size
ICCID Serial Number 10 bytes
5
4.2 IMEI
It stands for International Mobile Equipment Identifier, this is a 10 digit universally unique number of our
GSM handset. I use the term Universally Unique because there cannot be 2 mobile phones having the
same IMEI no. This is very valuable number and used in tracking mobile phones
4.3 SIM
It stands for subscriber identity module.Basically SIM Provides storage of subscriber related
information of three types:
1. Fixed data storage
2. Temporary data storage
3. Service related data
File Purpose Size
IMSI Subscriber ID 9 bytes
4.4 International Mobile Subscriber Identity
As stored in the HLR/VLR’S on network Unique ID for every subscriptions on the operator
network.
a. Every SIM can be protected by a Personal Identification Number (PIN)
b. Set at point of manufacture
c. Can be changed by the Subscriber
d. Four digit code
e. Usually 3 attempts before phone is blocked
4.5 Bypassing the PIN requires the Pin Unblocking Key (PUK)
6
a. 8 digit code
b. Set by manufacturer
c. Maximum 10 attempts before phone is permanently blockedProcessor is used for
providing access to the data and security
d. To access the data we need;
e. Standard smart card reader
f. SIM access Software
g. As SIM is a smart card it has
h. A processor
i. Non-volatile memory
j. Data stored in binary files
Knowledgeable criminals will be aware of the properties of the SIM and thus manipulate
them.
Greater threat is that of cloning SIM data for illicit use
a. Directly from the SIM using a scanning software
b. Eaves-dropping on the networks for unencrypted transmission of the IMSI
it cannot normally be obtained directly as it is derived from an encryption algorithm stored on
the SIM
However, if the encryption algorithm is weak then it is possible to feed numbers .
4. HOW IS PHONE CLONED
7
Cellular thieves can capture ESN and MIN using devices such as cell phone reader or digital data
interpreters (DDI).The ESN and MIN pair can be cloned in a number of way without the
knowledge of
Carriers or subscriber through o Electronic Scanningdevices.After ESN/MIN pair is
captured ,the cloner reprogrammed or alter the micro chip of any wireless phone to create clone
of any wireless phone from
Which ESN/MIN pair was stolen.cellular thieves can capture ESN/MINs using devices such as
cell phone
ESN reader or digital data interpreters .By simply sitting near busy roads where the volume of
cellular phone is high,cellular thieves monitoring the radio waves transmission from the cell
phone of legitimate
Subscriber can capture ESN/MIN pair.
Number can be recorded by hand, one by one ,or stored in the box and later downloaded to a
computer.ESN/MIN reader can also be used from inside an offender’s home ,office or hotel
room, increasing the difficulty of detection.The entire programming process takes 10-15 minutes
Per phone .Any call made with cloned phone are billed to a legitimate phone account.Innocent
citizens
Ends up with unexplained monthly phone bills.
5.1 Obtaining blank SIMs
a. These cards can be ordered from the same source where network providers get their cards.
b. The card must then be programmed with a special tool for programming of fresh cards. Such
a tool is distributed together with the Sim-Scan package.
c. An attacker could also get hold of a generic smart card and smart card programmer, and then
program the card to act as a SIM.
Cloning involved modifying or replacing the EPROM in the phone with a new chip which would
allow you to configure an ESN (Electronic serial number) via software. You would also have to
change the MIN (Mobile Identification Number). When you had successfully changed the
8
ESN/MIN pair, your phone was an effective clone of the other phone. Cloning required access to
ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:
d. Sniffing the cellular
e. Trashing cellular companies or cellular resellers
f. Hacking cellular companies or cellular resellers
g. Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older
clone able phones are more difficult to find and newer phones have not been successfully
reverse-engineered.
h. Cloning has been successfully demonstrated under GSM, but the process is not easy and it
currently remains in the realm of serious hobbyists and researchers
6. CELLULAR PHONE COUNTEREITING
9
GSM provides authentication of users and encryption of the traffic across the air interface. This
is accomplished by giving the user and network a shared secret, called Ki. This 128-bit number is
stored on the SIM-card, and is not directly accessible to the user. Each time the mobile connects
to the network, the network authenticates the user by sending a random number (challenge) to
the mobile.
7. CLONING GSM PHONES
Every GSM phone has 15 digit of electronic serial number reffered as IMEI.It is not
particularly secret bit of information and you don’t need to take any care to keep it
private.The important is the IMSI ,which is stored in removeable SIM card that carry all
your subscriber information.
GSM network that are considerd to be impregnable can also be haked.The process is
simple : a SIM card is inserted in to a reader,after connecting to a computer using data
cables, the card information is transferred in to PC.Then using free available encryption
10
software on the Net, the card detail can be easily transferred to a blank Smart card .The
result cloned phone is ready to misuse. He can do numerous call after cloning and the has
to be payed by innocent subscriber.
8. METHOD TO DETECT CLONED PHONES
8.1 DUPLICATE DETECTION
The network sees same phone in several place at same time.The reaction include shutting
them all of so that the real customer will contact the operator because he lost the service
he is paying for,or tearing down the connection so that clone user will switch to another
clone but the real user will contact the operator.
8.2 VELOCITY TRAP
The mobile phone seems to be moving at impossible or most unlikely speed.
Forexample ,if a call first made in Helsinki ,and five minute later another is made but this
time in Tampere, there must be two phone with same identity on the network.
11
Cloning involved modifying or replacing the EPROM in the phone with a new chip which would
allow you to configure an ESN (Electronic serial number) via software. You would also have to
change the MIN (Mobile Identification Number). When you had successfully changed the
ESN/MSN pair, your phone was an effective clone of the other phone. Cloning required access
to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:
Sniffing the cellular
Trashing cellular companies or cellular resellers
Hacking cellular companies or cellular resellers
Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clone
able phones are more difficult to find and newer phones have not been successfully reverse-
engineered.
Cloning has been successfully demonstrated under GSM, but the process is not easy and it
currently remains in the realm of serious hobbyists and researchers.
With technically sophisticated thieves, customers are relatively helpless against cellular phone
fraud. Usually they became aware of the fraud only once receiving their phone bill.
Service providers have adopted certain measures to prevent cellular fraud. These include
encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded
as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls
and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal
Identification Number (PIN) pairs. Blocking is used by service providers to protect themselves
from high risk callers. For example, international calls can be made only with prior approval. In
some countries only users with major credit cards and good credit ratings are allowed to make
long distance calls. • Blacklisting of stolen phones is another mechanism to prevent
unauthorized use. An Equipment Identity Register (EIR) enables network operators to disable
stolen cellular phones on networks around the world. • User verification using Personal
Identification Number (PIN) codes is one method for customer protection against cellular phone
fraud. •
12
Tests conducted have proved that United States found that having a PIN code reduced fraud by
more than 80%. • Traffic analysis detects cellular fraud by using artificial intelligence software
to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden
increase in the number of international calls. • The software also determines whether it is
physically possible for the subscriber to be making a call from a current location, based on the
location and time of the previous call. Currently, South Africa's two service providers, MTN and
Vodacom, use traffic analysis with the International Mobile Equipment Identity (IMEI) — a 15
digit number which acts as a unique identifier and is usually printed on the back of the phone
underneath the battery — to trace stolen phones.
9. ARE OUR CELL PHONES SECURED?
Too many users treat their mobile phones as gadgets rather than as business assets covered by
corporate security policy. Did you realize there's a lucrative black market in stolen and "cloned"
Sim cards? This is possible because Sims are not network specific and, though tamper-proof,
their security is flawed. In fact, a Sim can be cloned many times and the resulting cards used in
numerous phones, each feeding illegally off the same bill.
But there are locking mechanisms on the cellular phones that require a PIN to access the phone.
This would dissuade some attackers, foil others, but might not work against a well financed and
equipped attacker. An 8-digit PIN requires approximately 50,000,000 guesses, but there may be
ways for sophisticated attackers to bypass it.
With the shift to GSM digital - which now covers almost the entire UK mobile sector - the phone
companies assure us that the bad old days are over. Mobile phones, they say, are secure and
privacy friendly.
This is not entirely true. While the amateur scanner menace has been largely exterminated, there
is now more potential than ever before for privacy invasion.
The alleged security of GSM relies on the myth that encryption - the mathematical scrambling of
our conversations - makes it impossible for anyone to intercept and understand our words. And
while this claim looks good on paper, it does not stand up to scrutiny.
13
The reality is that the encryption has deliberately been made insecure. Many encrypted calls can
therefore be intercepted and decrypted with a laptop computer.
9.1 CAN DIGITAL PHONES BE CLONED?
Yes. Digital phones can be cloned however; the mobile phones employing digital TDMA and
CDMA technology are equipped with a feature known as "Authentication." Some newer model
analog phones also have this feature. Authentication allows the mobile service provider network
to determine the legitimacy of a mobile phone. Phones determined to be "clones" can be instantly
denied access to service before any calls are made or received.
9.2 HOW TO KNOW THAT THE CELL HAS BEEN CLONED?
Frequent wrong number phone calls to your phone, or hang-ups.
Difficulty in placing outgoing calls.
Difficulty in retrieving voice mail messages.
Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on
your phone bills
9.3 CAN CALLS ON CLONED PHONE BE TRACKED?
Yes. A SIM can be cloned again and again and they can be used at different places. Messages
and calls can track sent by cloned phones. However, if the accused manages to also clone the
IMEI number of the handset, for which softwareâ„¢s are available, there is no way the cell can
be traced.
14
9.4 WHAT EXACTLY IS AUTHENTICATION?
Authentication is a mathematical process by which identical calculations are performed in both
the network and the mobile phone. These calculations use secret information (known as a "key")
preprogrammed into both the mobile phone and the network before service is activated. Cloners
typically have no access to this secret information (i.e., the key), and therefore cannot obtain the
same results to the calculations.
A legitimate mobile phone will produce the same calculated result as the network. The mobile
phone's result is sent to the network and compared with the network's results. If they match, the
phone is not a "clone."
9.5 ARE THESE METHODS EFFECTIVE?
Yes, for the most part. However, Authentication is the most robust and reliable method for
preventing cloning fraud and it is the only industry "standard" method for eliminating cloning.
The fact that it is standardized means that all mobile telecommunications networks using IS-41
can support Authentication. There is no need to add proprietary equipment, software, or
communications protocols to the networks to prevent cloning fraud.
9.6 IS MY PHONE AUTHENTICATION CAPABLE?
If the phone supports TDMA or CDMA digital radio, then yes. Otherwise, it depends on how old
the phone is and the make and model. Almost all phones manufactured since the beginning of
1996 support the Authentication function. The best bet is to check with your service.
15
9.7 WHAT IS IS-41?
IS-41(Interim Standard No. 41) is a document prescribing standards for communications between
mobile networks. The standard was developed by the Telecommunications Industry Association
(TIA) and is used primarily throughout North America as well as many Latin American countries and
Asia.
The IS-41 network communications standard supports AMPS, NAMPS, TDMA, and CDMA radio
technologies. IS-41 is the standard that defines the methods for automatic roaming, handoff between
systems, and for performing Authentication.
10. IMPACT OF CLONING
Each year mobile phone industry losses million of dollars in revenue because of criminal action
of person ,who are able to reconfigure mobile phones, so that their called are bill to another
phone owned by innocent third persons. Many people use cloned cellular telephone,for irregular
activities, because their call are not billed to them. moreover cloned phone are difficult to trace.
While mobile phone cloning is an emerging threat for Indian subscribers, it has been happening
in other telecom market since 1990’s,though mostly with regard to CDMA phones.some federal
agents in us have called cell phone cloning an especially a ‘crime’ because it is hard to trace.It is
like stealing cars or duplicating credit card numbers.The service providers can not do much
except keep track of the billing pattern of the users.But since the billing cycle is monthly , the
damage is done by the time we can detect the mischief . Cellular telephone companies do not
require their customers, to pay for any charge illegally made to their account no matter how great
the cost.But some portion of the cost of these illegal telephone calls is passed along to cellular
telephone consumers as a whole.This phenomena is especially prevalent in drug crimes. Drug
dealers need to be in constant contact with their source of supply and their confederates on the
16
streets. Traffickers acquire cloned phones at a minimum cost , make dozens of calls, and then
throw the phone away after as little as a days use.In the same way, criminals who pose a threat to
our national security, such as terrorists,have been known to use cloned phones to thwart law
enforcement efforts aimed at tracking their where about. There are also more discreet,
concealable devices used to clone cellular phones. Plugs and ES-Pros, which are about the size
of the pager or small calculator, do not require computers or copycat boxes for cloning. The
entire programming process takes ten-15 minutes per phone. Innocent citizens end up with
unexplained monthly phone bills. It is initial stages in India so preventive step should be taken
by the network Mobile Cloning Is in initial stages in India so preventive steps should be taken
by the network provider and the Government the enactment of legislation to prosecute crimes
related to cellular phones is not viewed as a priority, however. It is essential that intended mobile
crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular
"cloning fraud" as a specific crime.
11. HOW TO PREVENT CELL PHONE CLONING
Service provider have adopted certain measures to prevent cellular fraud.These include
encryption,blocking,blacklisting,user verification and traffic analysis.Blacklisting of stolen
phones is another mechanism to prevent unauthorized use.An Equipment Identity Register(EIR)
enable network operators to disable stolen cellular phone on network around the world.User
verification using PERSONEL IDENTIFICATION NUMBER(PIN) is one method against
cellular fraud. Cloning as the crime branch detectives divulge,starts when some one,working for
mobile phone service provider,agrees to see the security number to gray market operators.Every
mobile handset has a unique factory coded electronic serial number and a mobile
identificatonnumber.The buyer can then program these security number in to new handsets.To
check the misuse of mobile phone cloning phenomena falls on subscriber himself. The
subscriber, according to the officials, should be on the alert and inform the police on suspecting
any foul play.It would be advisable for them to ask for the list of outgoing calls, as soon as they
realize that they have been overcharged. Modification of current definition of ‘’scanning
17
receiver’’ to ensure that the term is understood to include a device that can be used to intercept
an electronic serial number.correction of an error in the current penalty provision of 18 U.S.C
that provide two different statutory maximum penalty (10-15 years) for the same offence.with
respect to cell phone cloning act , the Act makes clear that a person convicted of such a offence
without o prior section 1029 conviction is subject to a statutory maximum of 20 years.In addition
to amendment to section 1029, the wireless Telephone Protection Act directs the commission to
‘’review and amend the federal sentencing guidelines and the policy statements of the
commission , and, if appropriate, to provide an appropriate penalty for offences involving the
cloning wireless telephone ……’’.
The U.S Secret Service and the wireless telecommunication Industry are increasingly concerned
about cloning fraud.consistent with the manufacturing is the predominant function of offender in
these cases.The other type of cloning equipment addressed in the amendment ,specialized
computers software, was present in 32 percent of the cases.The cellular telephone industry does
not charge legitimate, victimized customer for fraudulent call, rather the companies absorb the
losses themselves.
Uniquely identifies a mobile unit within a wireless carrier's network. The MIN often can be
dialed from other wireless or wire line networks. The number differs from the electronic serial
number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can
be checked electronically to help prevent fraud .Mobiles should never be trusted for
communicating/storing confidential information. Always set a Pin that's required before the
phone can be used. Check that all mobile devices are covered by a corporate security policy.
Ensure one person is responsible for keeping tabs on who has what equipment and that they
update the central register. How do service providers handle reports of cloned phones?
Legitimate subscribers who have their phones cloned will receive bills with charges for calls they
didn't make. Sometimes these charges amount to several thousands of dollars in addition to the
legitimate.
Typically, the service provider will assume the cost of those additional fraudulent calls.
However, to keep the cloned phone from continuing to receive service, the service provider will
terminate the legitimate phone subscription. The subscriber is then required to activate a new
18
subscription with a different phone number requiring reprogramming of the phone, along with
the additional headaches that go along with phone number changes.
12. FACTS AND FIGURE
19
The subscriber attempts to register using the encryption, to the man in middle after that it passes
on the registration request to BTS operator.BTS operator authenticates the call to second person
and it passes authentication to subscriber .when subscriber dials a number it goes to second
person and second person send request to MS switch off encryption .now the man in middle
encrypts then passes on the call request to BTS operator.In the above figure red colour represents
spoofing BTS and blue colour represents spoofing MS.
File Purpose SizeSMS The text messages N*176 bytes
SMSP Message parameters Variable
SMSS Status of the messages Variable
13. SOLUTION OF THIS PROBLEM
Service providers have adopted certain measures to prevent cellular fraud. These include
encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded
as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls
and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal
Identification Number (PIN) pairs. Blocking is used by service providers to protect themselves
from high risk callers. For example, international calls can be made only with prior approval. In
20
some countries only users with major credit cards and good credit ratings are allowed to make
long distance calls. Blacklisting of stolen phones is another mechanism to prevent unauthorized
use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular
phones on networks around the world. User verification using Personal Identification Number
(PIN) codes is one method for customer protection against cellular phone fraud. Tests conducted
have proved that United States found that having a PIN code reduced fraud by more than 80%.
Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious
calling patterns, such as a sudden increase in the length of calls or a sudden increase in the
number of international calls.
The software also determines whether it is physically possible for the subscriber to be making a
call from a current location, based on the location and time of the previous call. Currently, South
Africa„¢s two service providers, MTN and Vodacom, use traffic analysis with the International
Mobile Equipment Identity (IMEI) †a 15 digit number which acts as a unique identifier and is �usually printed on the back of the phone underneath the battery †to trace stolen phones.�
Other warning signs that subscriber should watch out for to detect fraudlentactivity include:
Frequent wrong number phone call on your phone, or hang ups.Difficulty in placing outgoing
calls.Difficulty in retrieving voice mail messages. Incoming call receive busy signals. Unusual bill
appearing on yours phone.
14.CONCLUSION
Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter
measures to address cellular phone fraud. Mobile Cloning Is in initial stages in India so preventive
steps should be taken by the network provider and the Government the enactment of legislation to
prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that
intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in
particular "cloning fraud" as a specific crime
Mobile Cloning Is in initial stages in India so preventive steps should be taken by the
network provider and the Government the enactment of legislation to prosecute crimes
21
related to cellular phones is not viewed as a priority, however. It is essential that intended
mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in
particular "cloning fraud" as a specific crime.
Existing cellular systems have a number of potential weaknesses that were considered. It
is crucial that businesses and staff take mobile phone security seriously.
Presently the cellular phone industry relies on common law (fraud and theft) and in-house
counter measures to address cellular phone fraud.
Mobile cloning is in initial stages in India so preventive steps should be taken by the
provider and the government the enactment of legislation to prosecute crimes related to
cellular phone is not viewed as a priority, however.
It is essential that intended mobile crime legislation be comprehensive enough to
incorporate cellular phone fraud, in particular “Cloning fraud” as a specific crime.
The sources of evidence
The subscriber
The mobile station
The network
Since GSM is the worlds largest system for mobile communication today and also lay the
foundation for the future UMTS, it is important to recognize the need to study the methods and
tools for forensic analysis of the GSM system.
22
