Your SlideShare is downloading. ×
Mobile cloning
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Mobile cloning

1,591
views

Published on

Published in: Mobile, Business

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,591
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
193
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 1 1. ABSTRACT Mobile communication has been readily available for several years, and is major business today. It provides a valuable service to its users who are willing to pay a considerable premium over a fixed line phone, to be able to walk and talk freely. Because of its usefulness and the money involved in the business, it is subject to fraud. Unfortunately, the advance of security standards has not kept pace with the dissemination of mobile communication. Some of the features of mobile communication make it an alluring target for criminals. It is a relatively new invention, so not all people are quite familiar with its possibilities, in good or in bad. Its newness also means intense competition among mobile phone service providers as they are attracting customers. The major threat to mobile phone is from cloning. Today millions of mobile phones users, be it Global System for Mobile communication (GSM) or Code Division Multiple Access (CDMA), run the risk of having their phones cloned. And the worst part is that there isn’t much that you can do to prevent this. Such crime first came to light in January 2005 when the Delhi police arrested a person with 20 cell phones, a laptop, a SIM scanner, and a writer. The accused was running an exchange illegally wherein he cloned CDMA-based mobile phones. He used software for the cloning and provided cheap international calls to Indian immigrants in West Asia. A similar racket came to light in Mumbai resulting in the arrest of four mobile dealers. Cloning is the process of taking the programmed information that is stored in a legitimate mobile phone and illegally programming the identical information into another mobile phone. The result is that the "cloned" phone can make and receive calls and the charges for those calls are billed to the legitimate subscriber. The service provider network does not have a way to differentiate between the legitimate phone and the "cloned" phone.
  • 2. 2 Index Terms: Cell phone cloning, GSM, CDMA, EMIE and PIN,Patagonia Introduction : This is the Final Report of the Economic Crimes Policy Team (hereafter, the “Team”) regarding the directives contained in the Wireless Telephone Protection Act (Pub.L. 105-172; April 24, 1998). The Economic Crimes Policy Team was chartered to advance the Commission’s work in several areas including the development of options for implementing the directives contained in the Wireless Telephone Protection Act (WTPA).13 This Act effectuated amendments to 18 U.S.C. § 1029 (Fraud and related activity in connection with access devices) related to the cloning of cellular telephones. The “cloning” of a cellular telephone occurs when the account number of a victim telephone user is stolen and reprogrammed into another cellular telephone. This report details the mission, background, analysis, and policy options of the Team. While mobile cloning is an emerging threat for Indian subscribers, it has been happening in other telecom markets since the 1990s, though mostly with regard to CDMA phones. Pleas in an US District Court in 1997 effectively ended West Texas authorities' first case of `phone cloning.' Authorities in the case estimated the loss at $3,000 to $4,000 for each number used. Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US. Some federal agents in the US have called phone cloning an especially `popular' crime because it is hard to trace. Back home, police officers say the Yasin case is just the tip of the iceberg and have asked operators to improve their technology. But the operators claim they can't do much for now. "It's like stealing cars or duplicating credit card numbers. The service providers cannot do much except keep track of the billing pattern of the users. But since the billing cycle is monthly, the damage is done by the time we can detect the mischief," says a Reliance executive. Qualcomm, which develops CDMA technology globally, says each instance of mobile hacking is different and therefore there is very little an operator can do to prevent hacking. "It's like a virus hitting the computer. Each software used to hack into the network is different, so operators can only keep upgrading their security firewall as and when the hackers strike," says a Qualcomm executive.
  • 3. 3 What is mobile phone cloning? When we look up the dictionary meaning of cloning it states, “ to create the exact replica or a mirror image of an subject understudy. The subject can be any thing living or non-living so here we take into consideration the cellular or mobile phones. So Mobile cloning is copying the identity of one mobile telephone to another mobile telephone. Every electronic device has a working frequency, which plays a crucial role in its operation this we shall discuss later. Now the question that arises is how is a mobile phone cloned. I shall be discussing How Wireless Technology Works Each cellular phone has a unique pair of identifying numbers: the electronic serial number(“ESN”) and the mobile identification number (“MIN”). The ESN is programmed into the wireless phone’s microchip by the manufacturer at the time of production. The MIN is a ten-digit phone number that is assigned by the wireless carrier to a customer when an account is opened. The MIN can be changed by the carrier, but the ESN, by law, cannot be altered. When a cellular phone is first turned on, it emits a radio signal that broadcasts these numbers to the nearest cellular tower. The phone will continue to emit these signals at regular intervals, remaining in contact with the nearest cellular tower. These emissions (called autonomous registration) allow computers at the cellular carrier to know how to route incoming calls to that phone, to verify that the account is valid so that outgoing calls can be made, and to provide the foundation for proper billing of calls. This autonomous registration occurs whenever the phone is on, regardless of whether a call is actually in progress.
  • 4. 4 CLONING STATISTICS this in detail, because it is a very complex procedure in which we have to be familiar with the following terms. Age
  • 5. 5 MEASURES TO BE TAKEN  Service providers have adopted certain measures to prevent cellular fraud.  These include:  Blacklisting of stolen phones is another mechanism to prevent unauthorized use.   User verification using Personal Identification Number (PIN) codes is one method for customer protection against cellular phone fraud  Encryption: Encryption is regarded as the effective way to prevent cellular fraud   Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls.   Blocking: Blocking is used by service providers to protect themselves from high risk callers.
  • 6. 6 What are GSM and CDMS mobile phone sets? CDMA is one of the newer digital technologies used in Canada, the US, Australia, and some South-eastern Asian countries (e.g. Hong Kong and South Korea). CDMA differs from GSM and TDMA (Time Division Multiple Access) by its use of spread spectrum techniques for transmitting voice or data over the air. Rather than dividing the radio frequency spectrum into separate user channels by frequency slices or time slots, spread spectrum technology separates users by assigning them digital codes within the same broad spectrum. Advantages of CDMA include higher user capacity and immunity from interference by other signals. GSM is a digital mobile telephone system that is widely used in Europe and other parts of the world. GSM uses a variation of TDMA and is the most widely used of the three digital wireless telephone technologies. GSM digitizes and compresses data, then sends it down a channel with two other streams of user data, each in its own time slot. It operates at either the 900 MHz or 1,800 MHz frequency band. Rise of Cell Cloning: The early 1990s were boom times for eavesdroppers. Any curious teenager with a £100 Tandy Scanner could listen in to nearly any analogue mobile phone call. As a result, Cabinet Ministers, company chiefs and celebrities routinely found their most intimate conversations published in the next day's tabloids Cell phone cloning started with Motorola "bag" phones and reached its peak in the mid 90's with a commonly available modification for the Motorola "brick" phones, such as the Classic, the Ultra Classic, and the Model 8000.
  • 7. 7 GSM: Global System for Mobile Communications. A digital cellular phone technology based on TDMA GSM phones use a Subscriber Identity Module (SIM) card that contains user account information. Any GSM phone becomes immediately programmed after plugging in the SIM card, thus allowing GSM phones to be easily rented or borrowed. Operators who provide GSM service are Airtel , Hutch etc.
  • 8. 8 CDMA: Code Division Multiple Access. A method for transmitting simultaneous signals over a shared portion of the spectrum. There is no Subscriber Identity Module (SIM) card unlike in GSM.Operators who provides CDMA service in India are Reliance and Tata Indicom. Mobile Phone Cloning Software: Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow you to configure an ESN (Electronic serial number) via software. You would also have to change the MIN (Mobile Identification Number). When you had successfully changed the ESN/MIN pair, your phone was an effective clone of the other phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:  Sniffing the cellular  Trashing cellular companies or cellular resellers  Hacking cellular companies or cellular resellers Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clone able phones are more difficult to find and newer phones have not been successfully reverse-engineered.Cloning has been successfully demonstrated under GSM, but the process is not easy and it currently remains in the realm of serious hobbyists and researchers. How is a phone cloned? Cellular thieves can capture ESN/MINs using devices such as cell phone ESN reader or digital data interpreters (DDI). DDIs are devices specially manufactured to intercept ESN/MINs. By simply sitting near busy roads where the volume of cellular traffic is high, cellular thieves monitoring the radio wave transmissions from the cell phones of legitimate subscribers can capture ESN/MIN pair. Numbers can be recorded by hand, one-by-one, or stored in the box and later downloaded to a computer. ESN/MIN readers can also be used from inside an offender’s home, office, or hotel room, increasing the difficulty of detection.
  • 9. 9 The ESN/MIN pair can be cloned in a number of ways without the knowledge of the carrier or subscriber through the use of electronic scanning devices. After the ESN/MIN pair is captured, the cloner reprograms or alters the microchip of any wireless phone to create a clone of the wireless phone from which the ESN/MIN pair was stolen. The entire programming process takes 10-15 minutes per phone. Any call made with cloned phone are billed to and traced to a legitimate phone account. Innocent citizens end up with unexplained monthly phone bills. To reprogram a phone, the ESN/MINs are transferred using a computer loaded with specialized software, or a “copycat” box, a device whose sole purpose is to clone phones. The devices are connected to the cellular handsets and the new identifying information is entered into the phone. There are also more discreet, concealable devices used to clone cellular phones. Plugs and ES-Pros, which are about the size of a pager or small calculator, do not require computers or copycat boxes for cloning. The entire programming process takes ten-15 minutes per phone. This was how CDMA handsets are cloned but now we face a question that being: - Do GSM sets run the risk of‘’cloning’? Looking at the recent case, it is quite possible to clone both GSM and CDMA sets. The accused in the Delhi case used software called Patagonia to clone only CDMA phones (Reliance and Tata Indicom). However, there are software packages that can be used to clone even GSM phones (e.g. Airtel, BSNL, Hutch, Idea). In order to clone a GSM phone, knowledge of the International Mobile Equipment Identity (IMEI) or instrument number is sufficient.
  • 10. 10 But the GSM-based operators maintain that the fraud is happening on CDMA, for now, and so their subscribers wouldn't need to worry. Operators in other countries have deployed various technologies to tackle this menace. They are: - 1) There's the duplicate detection method where the network sees the same phone in several places at the same time. Reactions include shutting them all off, so that the real customer will contact the operator because he has lost the service he is paying for. 2) Velocity trap is another test to check the situation, whereby the mobile phone seems to be moving at impossible, or most unlikely speeds. For example, if a call is first made in Delhi, and five minutes later, another call is made but this time in Chennai, there must be two phones with the same identity on the network. 3) Some operators also use Radio Frequency fingerprinting, originally a military technology. Even identical radio equipment has a distinguishing `fingerprint', so the network software stores and compares fingerprints for all the phones that it sees. This way, it will spot the clones with the same identity, but different fingerprints. 4) Usage profiling is another way wherein profiles of customers' phone usage are kept, and when discrepancies are noticed, the customer is contacted. For example, if a customer normally makes only local network calls but is suddenly placing calls to foreign countries for hours of airtime, it indicates a possible clone. What is Patagonia? Patagonia is a software available in the market which is used to clone CDMA phone.Using this software a cloner can take over the control of a CDMA phone i.e. cloning of phone.There are other Software’s avai;able in the market to clone GSM phone.This software’s are easily available in the market.A SIM can be cloned again and again and they can be used at different places.Messages and calls sent by cloned phones can be
  • 11. 11 tracked.However,if the accuses manages to also clone the IMEI number of the handset,for which software’s are available,there is no way he can be traced. Impact of cloning: Each year, the mobile phone industry loses millions of dollars in revenue because of the criminal actions of persons who are able to reconfigure mobile phones so that their calls are billed to other phones owned by innocent third persons. Often these cloned phones are used to place hundreds of calls, often long distance, even to foreign countries, resulting in thousands of dollars in airtime and long distance charges. Cellular telephone companies do not require their customers to pay for any charges illegally made to their account, no matter
  • 12. 12 how great the cost. But some portion of the cost of these illegal telephone calls is passed along to cellular telephone consumers as a whole. Many criminals use cloned cellular telephones for illegal activities, because their calls are not billed to them, and are therefore much more difficult to trace. His phenomenon is especially prevalent in drug crimes. Drug dealers need to be in constant contact with their sources of supply and their confederates on the streets. Traffickers acquire cloned phones at a minimum cost, make dozens of calls, and then throw the phone away after as little as a days' use. In the same way, criminals who pose a threat to our national security, such as terrorists, have been known to use cloned phones to thwart law enforcement efforts aimed at tracking their whereabouts. Methods To Detect Cloned Phones In A Network: Several countermeasures were taken with varying success. Here are various methods to detect cloned phones on the network: Duplicate detection - The network sees the same phone in several places at the same time. Reactions include shutting them all off so that the real customer will contact the operator because he lost the service he is paying for, or tearing down connections so that the clone users will switch to another clone but the real user will contact the operator. Velocity trap - The mobile phone seems to be moving at impossible , or most unlikely speeds. For example, if a call is first made in Helsinki, and five minutes later, another call is made but this time in Tampere, there must be two phones with the same identity on the network. RF (Radio Frequency) - fingerprinting is originally a military technology. Even nominally identical radio equipment has a distinguishing ``fingerprint'', so the network software stores and compares fingerprints for all the phones that it sees. This way, it will spot the clones with the same identity but different fingerprints. Usage profiling - Profiles of customers' phone usage are kept, and when discrepancies are noticed, the customer is contacted. Credit card companies use the same method. For example, if a customer normally makes only local network calls but is suddenly placing calls to foreign countries for hours of airtime, it indicates a possible clone. Call counting - Both the phone and the network keep track of calls made with the phone, and should they differ more than the usually allowed one call, service is denied.
  • 13. 13 PIN codes - Prior to placing a call, the caller unlocks the phone by entering a PIN code and then calls as usual. After the call has been completed, the user locks the phone by entering the PIN code again. Operators may share PIN information to enable safer roaming. How To Know That The Cell Has Been Cloned? 1. Frequent wrong number phone calls to your phone, or hang-ups. 2. Difficulty in placing outgoing calls. 3. Difficulty in retrieving voice mail messages. 4. Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on your phone bills Duplicate Detection
  • 14. 14 Duplicate Detection Prevention for Cloning? Uniquely identifies a mobile unit within a wireless carrier's network. The MIN often can be dialed from other wireless or wire line networks. The number differs from the electronic serial number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can be checked electronically to help prevent fraud. Mobiles should never be trusted for communicating/storing confidential information. Always set a Pin that's required before the phone can be used. Check that all mobile devices are covered by a corporate security policy. Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. How do service providers handle reports of cloned phones? Legitimate subscribers who have their phones cloned will receive bills with charges for calls they didn't make. Sometimes these charges amount to several thousands of dollars in addition to the legitimate charges. Typically, the service provider will assume the cost of those additional fraudulent calls. However, to keep the cloned phone from continuing to receive service, the service provider will terminate the legitimate phone subscription. The subscriber is then required to activate a new subscription with a different phone number requiring reprogramming of the phone, along with the additional headaches that go along with phone number changes.
  • 15. 15 2. WIRELESS TELEPHONE PROTECTION ACT: Because of increasing financial losses to the telecommunications industry and the growing use of cloned phones in connection with other criminal activity, Congress passed the Wireless Telephone Protection Act (WTPA) in April 1998. The legislative history indicates that, in amending 18 U.S.C. § 1029, Congress was attempting to address two primary concerns presented by law enforcement and the wireless telecommunications industry.1 Manufacturing and Distributing Section 1029 covers cloning behavior that ranges from mere possession of a cloned phone to using, producing, or trafficking in cloning equipment. The statutory maximum for these offenses is ten or 15 years, depending upon the conduct, and are sentenced under §2F1.1. This guideline provides different punishment levels based on whether any or all of the following three factors are applicable: the amount of “loss” involved in the offense the offense involved “more than minimal planning” and the offense involved “sophisticated means.” However, the current guideline does not provide distinctions in sentence severity based on whether the defendant was involved in manufacturing or distributing cloned phones. It is possible that without a separate enhancement for manufacturing or distributing, the current fraud guideline does not adequately distinguish between possessing a clone. First, law enforcement officials testified at congressional hearings that they were having difficulty proving the “intent to defraud” element of the pre-amendment provision regarding some equipment used to clone phones.2 Although there is no legitimate reason to possess the equipment unless an individual is employed in the telecommunications industry, the prosecution often could not prove that the equipment was possessed with the intent to defraud. Second, law enforcement officials often discovered cloning equipment and cloned cellular telephones in the course of investigating other criminal activities, such as drug trafficking and other fraud. The use of cloned phones to facilitate other crimes increases the ability of offenders to escape detection because of the increased mobility and anonymity afforded by the phones. Gangs and foreign terrorist groups are also known to sell or rent cloned phones to finance their illegal activities.
  • 16. 16 With these concerns in mind, Congress amended section 1029 in 1998. The significant changes to the statute include— • Elimination of the intent to defraud element with respect to persons who knowingly use, produce, traffic in, have custody or control of, or possess hardware (a "copycat box") or software which has been . Wireless Telephone Protection Act (Pub. L. No. 105-418, April 24, 1998). Configured for altering or modifying a telecommunications instrument3. C Modification of the current definition of "scanning receiver" to ensure that the term is understood to include a device that can be used to intercept an electronic serial number, mobile identification number, or other identifier of any telecommunications service, equipment, or instrument; and C Correction of an error in the current penalty provision of 18 U.S.C. § 1029 that provided two different statutory maximum penalties (ten and 15 years) for the same offense. With respect to cellular phone cloning, the Act makes clear that a person convicted of such an offense without a prior section 1029 conviction is subject to a statutory maximum of 15 years; a person convicted of such an offense after a prior section 1029 conviction is subject to a statutory maximum of 20 years. In addition to the amendments to section 1029, the Wireless Telephone Protection Act directs the Commission to “review and amend the federal sentencing guidelines and the policy statements of the Commission, and, if appropriate, to provide an appropriate penalty for offenses involving the cloning of wireless telephones. The Act also directs the Commission to consider eight specific factors: (A) The range of conduct covered by the offenses. (B) The existing sentences for the offense. (C) The extent to which the value of the loss caused by the offenses (as defined in the federal sentencing guidelines) is an adequate measure for establishing penalties under the federal sentencing guidelines. (D) The extent to which sentencing enhancements within the federal sentencing guidelines and the court’s authority to sentence above the applicable guideline range are adequate to
  • 17. 17 ensure punishment at or near the maximum penalty for the most egregious conduct covered by the offenses. (E) The extent to which the federal sentencing guideline sentences for the offenses have been constrained by statutory maximum penalties. (F) The extent to which federal sentencing guidelines for the offense(s) adequately achieve the purposes of sentencing set forth in 18 U.S.C. § 3553(a)(2); (G) The relationship of the federal sentencing guidelines for these offenses to offenses of comparable seriousness; and (H) Any other factor the Commission considers to be appropriate. 3. INTRODUCTION While mobile cloning is an emerging threat for Indian subscribers, it has been happening in other telecom markets since the 1990s, though mostly with regard to CDMA phones. Pleas in an US District Court in 1997 effectively ended West Texas authorities' first case of `phone cloning.' Authorities in the case estimated the loss at $3,000 to $4,000 for each number used. Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US. Some federal agents in the US have called phone cloning an especially `popular' crime because it is hard to trace. Back home, police officers say the Yasin case is just the tip of the iceberg and have asked operators to improve their technology. But the operators claim they can't do much for now. "It's like stealing cars or duplicating credit card numbers. The service providers cannot do much except keep track of the billing pattern of the users. But since the billing cycle is monthly, the damage is done by the time we can detect the mischief," says a Reliance executive.
  • 18. 18 Qualcomm, which develops CDMA technology globally, says each instance of mobile hacking is different and therefore there is very little an operator can do to prevent hacking. "It's like a virus hitting the computer. Each software used to hack into the network is different, so operators can only keep upgrading their security firewall as and when the hackers strike," says a Qualcomm executive. 4. WHEN DID CELL CLONING START The early 1990s were boom times for eavesdroppers. Any curious teenager with a £100 Tandy Scanner could listen in to nearly any analogue mobile phone call. As a result, Cabinet Ministers, company chiefs and celebrities routinely found their most intimate conversations published in the next day's tabloids. Cell phone cloning started with Motorola "bag" phones and reached its peak in the
  • 19. 19 mid 90's with a commonly available modification for the Motorola "brick" phones, such as the Classic, the Ultra Classic, and the Model 8000. GSM: Global System for Mobile Communications. A digital cellular phone technology based on TDMA GSM phones use a Subscriber Identity Module (SIM) card that contains user account information. Any GSM phone becomes immediately programmed after plugging in the SIM card, thus allowing GSM phones to be easily rented or borrowed. Operators who provide GSM service are Airtel, Hutch etc. CDMA: Code Division Multiple Access. A method for transmitting simultaneous signals over a shared portion of the spectrum. There is no Subscriber Identity Module (SIM) card unlike in GSM. An operator who provides CDMA service in India are Reliance and Tata Indicom. IS FIXED TELEPHONE NETWORK SAFER THAN MOBILE PHONE? The answer is yes. In spite of this, the security functions which prevent eavesdropping and unauthorized uses are emphasized by the mobile phone companies. The existing mobile communication networks are not safer than the fixed Telephone networks. They only offer protection against the new forms of abuse. SECURITY FUNCTIONS OF THE GSM AND CDMA: As background to a better understanding of the attacks on the GSM and CDMA network the following gives a brief introduction to the Security functions available in GSM. The following functions exist: • Access control by means of a personal smart card (called subscriber Identity module, SIM) and PIN (personal identification number)
  • 20. 20 • Authentication of the users towards the network carrier and generation of a session key in order to prevent abuse. • Encryption of communication on the radio interface, i.e. between mobile Station and base station, • concealing the users’ identity on the radio interface, i.e. a temporary valid Identity code (TMSI) is used for the identification of a mobile user instead Of the IMSI. HOW BIG OF A PROBLEM IS CLONING FRAUD? The Cellular Telecommunications Industry Association (CTIA) estimates that financial losses in due to cloning fraud are between $600 million and $900 million in the United States. Some subscribers of Reliance had to suffer because their phone was cloned. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government. WHAT IS MOBILE PHONE CLONING? When we look up the dictionary meaning of cloning it states, “To create the exact replica or a mirror image of an subject understudy. The subject can be anything living or non-living so here we take into consideration the cellular or mobile phones. So Mobile cloning is copying the identity of one mobile telephone to another mobile telephone. Every electronic device has a working frequency, which plays a crucial role in its operation this we shall discuss later. Now the question that arises is how a mobile phone is cloned. I shall be discussing this in detail, because it is a very complex procedure in which we have to be familiar with the following terms.
  • 21. 21 What are GSM and CDMS mobile phone sets? CDMA is one of the newer digital technologies used in Canada, the US, Australia, and some South-eastern Asian countries (e.g. Hong Kong and South Korea). CDMA differs from GSM and TDMA (Time Division Multiple Access) by its use of spread spectrum techniques for transmitting voice or data over the air. Rather than dividing the radio frequency spectrum into separate user channels by frequency slices or time slots, spread spectrum technology separates users by assigning them digital codes within the same broad spectrum. Advantages of CDMA include higher user capacity and immunity from interference by other signals. GSM is a digital mobile telephone system that is widely used in Europe and other parts of the world. GSM uses a variation of TDMA and is the most widely used of the three digital wireless telephone technologies. GSM digitizes and compresses data, then sends it down a channel with two other streams of user data, each in its own time slot. It operates at either the 900 MHz or 1,800 MHz frequency band. Some other important terms whose knowledge is necessary are:- 1. IMEI 2. SIM 3. ESN 4. MIN So, first things first, the IMEI is an abbreviation for International Mobile Equipment Identifier, this is a 10 digit universally unique number of our GSM handset. I use the term Universally Unique because there cannot be 2 mobile phones having the same IMEI no. This is a very valuable number and used in tracking mobile phones. Second comes SIM, which stands for Subscriber Identification Module. Basically the SIM provides storage of subscriber related information of three types: 1. Fixed data stored before the subscription is sold 2. Temporary network data 3. Service related data.
  • 22. 22 Next is the ESN, which stands for Electronic Serial Number. It is same as the IMEI but is used in CDMA handsets. MIN stands for Mobile Identification Number, which is the same as the SIM of GSM. The basic difference between a CDMA handset and a GSM handset is that a CDMA handset has no sim i.e. the CDMA handset uses MIN as its Sim, which cannot be replaced as in GSM. The MIN chip is embedded in the CDMA hand set. 5. HOW IS A PHONE CLONED? Cellular thieves can capture ESN/MINs using devices such as cell phone ESN reader or digital data interpreters (DDI). DDIs are devices specially manufactured to intercept ESN/MINs. By simply sitting near busy roads where the volume of cellular traffic is high, cellular thieves monitoring the radio wave transmissions from the cell phones of legitimate subscribers can capture ESN/MIN pair. Numbers can be recorded by hand, one-by-one, or stored in the box and later downloaded to a computer. ESN/MIN readers can also be used from inside an offender’s home, office, or hotel room, increasing the difficulty of detection. The ESN/MIN pair can be cloned in a number of ways without the knowledge of the carrier or subscriber through the use of electronic scanning devices. After the ESN/MIN pair is captured, the cloner reprograms or alters the microchip of any wireless phone to create a clone of the wireless phone from which the ESN/MIN pair was stolen. The entire programming process takes 10-15 minutes per phone. Any call made with cloned phone are billed to and traced to a legitimate phone account. Innocent citizens end up with unexplained monthly phone bills. To reprogram a phone, the ESN/MINs are transferred using a computer loaded with specialized software, or a “copycat” box, a device whose sole purpose is to clone phones. The devices are connected to the cellular handsets and the new identifying information is entered into the phone. There are also more discreet, concealable devices used to clone cellular phones. Plugs and ES-Pros, which are about the size of a pager or small
  • 23. 23 calculator, do not require computers or copycat boxes for cloning. The entire programming process takes ten-15 minutes per phone. Fig. 1 Cellular cloning fraud procedure Do GSM sets run the risk of ‘cloning’? Looking at the recent case, it is quite possible to clone both GSM and CDMA sets. The accused in the Delhi case used software called Patagonia to clone only CDMA phones (Reliance and Tata Indicom). However, there are software packages that can be used to clone even GSM phones (e.g. Airtel, BSNL, Hutch, Idea). In order to clone a GSM phone, knowledge of the International Mobile Equipment Identity (IMEI) or instrument number is sufficient.
  • 24. 24 But the GSM-based operators maintain that the fraud is happening on CDMA, for now, and so their subscribers wouldn't need to worry. Operators in other countries have deployed various technologies to tackle this menace. They are: - 1. There's the duplicate detection method where the network sees the same phone in several places at the same time. Reactions include shutting them all off, so that the real customer will contact the operator because he has lost the service he is paying for. 2. Velocity trap is another test to check the situation, whereby the mobile phone seems to be moving at impossible or most unlikely speeds. For example, if a call is first made in Delhi, and five minutes later, another call is made but this time in Chennai, there must be two phones with the same identity on the network. 3. Some operators also use Radio Frequency fingerprinting, originally a military technology. Even identical radio equipment has a distinguishing `fingerprint', so the network software stores and compares fingerprints for all the phones that it sees. This way, it will spot the clones with the same identity, but different fingerprints. 4. Usage profiling is another way wherein profiles of customers' phone usage are kept, and when discrepancies are noticed, the customer is contacted. For example, if a customer normally makes only local network calls but is suddenly placing calls to foreign countries for hours of airtime, it indicates a possible clone. 6. IMPACT OF CLONING: Each year, the mobile phone industry loses millions of dollars in revenue because of the criminal actions of persons who are able to reconfigure mobile phones so that their calls are billed to other phones owned by innocent third persons. Often these cloned phones are used to place hundreds of calls, often long distance, even to foreign countries, resulting in thousands of dollars in airtime and long distance charges. Cellular telephone companies do not require their customers to pay for any charges illegally made to their account, no matter
  • 25. 25 how great the cost. But some portion of the cost of these illegal telephone calls is passed along to cellular telephone consumers as a whole. Many criminals use cloned cellular telephones for illegal activities, because their calls are not billed to them, and are therefore much more difficult to trace. His phenomenon is especially prevalent in drug crimes. Drug dealers need to be in constant contact with their sources of supply and their confederates on the streets. Traffickers acquire cloned phones at a minimum cost, make dozens of calls, and then throw the phone away after as little as a days' use. In the same way, criminals who pose a threat to our national security, such as terrorists, have been known to use cloned phones to thwart law enforcement efforts aimed at tracking their whereabouts. HOW TO KNOW THAT THE CELL HAS BEEN CLONED? 1. Frequent wrong number phone calls to your phone, or hang-ups. 2. Difficulty in placing outgoing calls. 3. Difficulty in retrieving voice mail messages. 4. Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on your phone bills 7. METHOD TO DETECT CLONED PHONES: Duplicate detection - The network sees the same phone in several places at the same time. Reactions include shutting them all off so that the real customer will contact the operator because he lost the service he is paying for, or tearing down connections so that the clone users will switch to another clone but the real user will contact the operator. Velocity trap - The mobile phone seems to be moving at impossible or most unlikely speeds. For example, if a call is first made in Helsinki, and five minutes later, another call is made but this time in Tampere, there must be two phones with the same identity on the network.
  • 26. 26 Call counting - Both the phone and the network keep track of calls made with the phone, and should they differ more than the usually allowed one call, service is denied. PIN codes - Prior to placing a call, the caller unlocks the phone by entering a PIN code and then calls as usual. After the call has been completed, the user locks the phone by entering the PIN code again. Operators may share PIN information to enable safer roaming.  Frequent wrong number phone calls to your phone, or hang-ups.  Difficulty in placing outgoing calls.  Difficulty in retrieving voice mail messages.  Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on your phone bills. 8. SOLUTION OF THE PROBLEM: Cloning, as the crime branch detectives divulge, starts when someone, working for a mobile phone service provider, agrees to sell the security numbers to gray market operators. Every mobile handset has a unique factory-coded electronic serial number and a mobile identification number. The buyer can then program these security numbers into new handsets. The onus to check the misuse of mobile cloning phenomenon falls on the subscriber himself. The subscribers, according to the officials, should be on the alert and inform the police on suspecting any foul play. It would be advisable for them to ask for the list of outgoing calls, as soon as they realize that they've been overcharged. Meanwhile, the crime branch is hopeful to find out a way to stop the mobile cloning phenomenon. For example
  • 27. 27 The Central Forensic Laboratory at Hyderabad has reportedly developed software that would detect cloned mobile phones. Called the Speaker Identification Technique, the software enables one to recognize the voice of a person by acoustics analysis. These methods are only good at detecting cloning, not preventing damage. A better solution is to add authentication to the system. But this means upgrading the software of the operators' network, and renewing the SIM-cards, which is not an easy or a cheap task. This initiative by the Forensic Laboratory had to be taken up in the wake of more and more reports of misuse of cloned mobiles. 9. HOW TO PREVENT CELL CLONING? Uniquely identifies a mobile unit within a wireless carrier's network. The MIN often can be dialed from other wireless or wire line networks. The number differs from the electronic serial number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can be checked electronically to help prevent fraud. Mobiles should never be trusted for communicating/storing confidential information. Always set a Pin that's required before the phone can be used. Check that all mobile devices are covered by a corporate security policy. Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. How do service providers handle reports of cloned phones? Legitimate subscribers who have their phones cloned will receive bills with charges for calls they didn't make. Sometimes these charges amount to several thousands of dollars in addition to the legitimate charges. Typically, the service provider will assume the cost of those additional fraudulent calls. However, to keep the cloned phone from continuing to receive service, the service provider will terminate the legitimate phone subscription. The subscriber is then required to activate a new subscription with a different phone number requiring reprogramming of the phone, along with the additional headaches that go along with phone number changes.
  • 28. 28 How can organizations help themselves? 1. Mobiles should never be trusted for communicating/storing confidential information. 2. Always set a Pin that's required before the phone can be used. 3. Check that all mobile devices are covered by a corporate security policy. 4. Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. Such preventive measures are our only defence till we get a way or a technique to prevent cloning of mobile phones.
  • 29. 29 Solution to this problem: Cloning, as the crime branch detectives divulge, starts when some one, working for a mobile phone service provider, agrees to sell the security numbers to gray market operators. Every mobile handset has a unique factory-coded electronic serial number and a mobile identification number. The buyer can then program these security numbers into new handsets. The onus to check the misuse of mobile cloning phenomenon falls on the subscriber himself. The subscribers, according to the officials, should be on the alert and inform the police on suspecting any foul play. It would be advisable for them to ask for the list of outgoing calls, as soon as they realize that they've been overcharged. Meanwhile, the crime branch is hopeful to find out away to stop the mobile cloning phenomenon. For example - The Central Forensic Laboratory at Hyderabad has reportedly developed software that would detect cloned mobile phones. Called the Speaker Identification Technique, the software enables one to recognize the voice of a person by acoustics analysis. These methods are only good at detecting cloning, not preventing damage. A better solution is to add authentication to the system. But this means upgrading the software of the operators' network, and renewing the SIM-cards, which is not an easy or a cheap task. This initiative by the Forensic Laboratory had to be taken up in the wake of more and more reports of misuse of cloned mobiles. FUTURE THREATS: Resolving subscriber fraud can be a long and difficult process for the victim. It may take time to discover that subscriber fraud has occurred and an even longer time to prove that you did not incur the debts. As described in this article there are many ways to abuse telecommunication system, and to prevent abuse from occurring it is absolutely necessary to check out the weakness and vulnerability of existing telecom systems. If it is planned to invest in new telecom equipment, a security plan should be made and the system tested before being implemented. It is therefore mandatory to keep in mind that a technique which is described as safe today can be the most unsecured technique in the future.
  • 30. 30 WHAT CAN BE DONE? With technically sophisticated thieves, customers are relatively helpless against cellular phone fraud. Usually they became aware of the fraud only once receiving their phone bill. Service providers have adopted certain measures to prevent cellular fraud. These include encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs. Blocking is used by service providers to protect themselves from high risk callers. For example, international calls can be made only with prior approval. In some countries only users with major credit cards and good credit ratings are allowed to make long distance calls. 1. Blacklisting of stolen phones is another mechanism to prevent unauthorized use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular phones on networks around the world. 2. User verification using Personal Identification Number (PIN) codes is one method for customer protection against cellular phone fraud. 3. Tests conducted have proved that United States found that having a PIN code reduced fraud by more than 80%. 4. Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls.
  • 31. 31 VICTIMS OF PHONE CLONING  Anita Davis, a mobile clone victim. One month, her cell phone bill showed $3,151 worth of calls in one month, to Pakistan, Israel, Jordan, Africa, and other countries.  A Louisville woman was shocked when she got her February cell phone bill from T- Mobile. It was ten times higher than it's ever been before. Equally troubling, she didn't recognize most of the phone numbers on it.
  • 32. 32 ADVANTAGES 1. If your phone has been lost , you can use your cloned cell phone. 2. If your phone got damaged or if you forgot your phone at home or any other place . Cloned phone can be helpful. DISADVANTAGES  It can be used by the terrorists for criminal activities.  It can be used by the cloner for fraud calls.  It can be used for illegal money transfer.
  • 33. 33 10.CONCLUSION Presently the cellular phone industry relies on common law (fraud and theft) and in- house counter measures to address cellular phone fraud. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime. Some of the forms of fraud presented here have been possible because of design flaws. The cloning of analogy mobile phones was possible because there was no protection to the identification information and the cloning of GSM SIM-cards is possible because of a leaking authentication algorithm. These problems can be countered with technical means. However, fraud in itself is a social problem. As such, it may be temporarily countered with technological means but they rarely work permanently. Mobile phones are a relatively new phenomenon and social norms to its use have not been formed. Some operators have tried the ``If you can't beat them, join them'' approach and provided services that would otherwise be attained by fraud. As mobile communication matures, both socially and technologically, fraud will settle to some level. Until then, it is a race between the operators, equipment manufacturers and the fraudsters. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime. Existing cellular systems have a number of potential weaknesses that were considered. It is crucial that businesses and staff take mobile phone security seriously
  • 34. 34 11. REFERENCES: 1. IEEE journal for mobile communication 2. Science today magazine 3. Mobile communication Govt. of India reports 4. Mobile phone cloning www.seminarsonly.com 5. Google: www.google.com 6. Wikipedia: www.wikipedia.org 7. Mobile cloning mobiledia.com