mobile cloning technology report

Mobile Cloning Technology

CHAPTER - 1

INTRODUCTION

The Economic Crimes Policy Team was chartered to advance the Commission’s

work in several areas including the development of options for implementing the

directives contained in the Wireless Telephone Protection Act (WTPA).13 This Act

effectuated amendments to 18 U.S.C. § 1029 (Fraud and related activity in connection

with access devices) related to the cloning of cellular telephones. The “cloning” of a

cellular telephone occurs when the account number of a victim telephone user is stolen

and reprogrammed into another cellular telephone. This report details the mission,

background, analysis, and policy options of the Team.

While mobile cloning is an emerging threat for Indian subscribers, it has been

happening in other telecom markets since the 1990s, though mostly with regard to CDMA

phones. Pleas in an US District Court in 1997 effectively ended West Texas authorities'

first case of `phone cloning.' Authorities in the case estimated the loss at $3,000 to $4,000

for each number used. According to media reports, recently the Delhi (India) police

arrested a person with 20 cell- phones, a laptop, a SIM scanner, and a writer. The accused

was running an exchange illegally wherein he cloned CDMA based cell phones. He used

software named Patagonia for the cloning and provided cheap international calls to Indian

immigrants in West Asia.

Southwestern Bell claims wireless fraud costs the industry $650 million each year

in the US. Some federal agents in the US have called phone cloning an especially

`popular' crime because it is hard to trace. Back home, police officers say the Yasin case

is just the tip of the iceberg and have asked operators to improve their technology. But the

operators claim they can't do much for now. "It's like stealing cars or duplicating credit

card numbers.

The service providers cannot do much except keep track of the billing pattern of

the users. But since the billing cycle is monthly, the damage is done by the time we can

detect the mischief," says a Reliance executive. Qualcomm, which develops CDMA

technology globally, says each instance of mobile hacking is different and therefore there

Department of Computer Science & Engineering

K.C.T Engineering College, Kalaburagi-04


is very little an operator can do to prevent hacking. "It's like a virus hitting the computer.

Each software used to hack into the network is different, so operators can only keep

upgrading their security firewall as and when the hackers strike," says a Qualcomm

executive

.

Figure1.Phone Cloning




1.1 WHAT IS CELL PHONE CLONING?

Cell phone cloning can be defined by the following definitions

Cell phone cloning is copying the identity of one mobile telephone to another mobile

telephone.

Usually this is done for the purpose of making fraudulent telephone calls. The bills for

the calls go to the legitimate subscriber.

The cloner is also able to make effectively anonymous calls, which attracts another

group of interested users.

Cloning is the process of taking the programmed information that is stored in a

legitimate mobile phone and illegally programming the identical information into

another mobile phone.

The result is that the "cloned" phone can make and receive calls and the charges for

those calls are billed to the legitimate subscriber. The service provider network does

not have a way to differentiate between the legitimate phone and the "cloned" phone.

Cloning occurs most frequently in areas of high cell phone usage -- valet parking lots,

airports, shopping malls, concert halls, sports stadiums, and high-congestion traffic

areas in metropolitan cities.

Figure 1.1 : Cellular phone Cloning




Age

Figure1.1.2:

CLONING

STATISTICS

1.2 HOW WIRELESS TECHNOLOGY WORKS?




Each cellular phone has a unique pair of identifying numbers:

1. The Electronic Serial Number (“ESN”) and

2. The Mobile Identification Number (“MIN”).

The ESN is programmed into the wireless phone’s microchip by the manufacturer at

the time of production.

The MIN is a ten-digit phone number that is assigned by the wireless carrier to a

customer when an account is opened.

The MIN can be changed by the carrier, but the ESN, by law, cannot be altered. When

a cellular phone is first turned on, it emits a radio signal that broadcasts these numbers

to the nearest cellular tower.

The phone will continue to emit these signals at regular intervals, remaining in contact

with the nearest cellular tower.

These emissions (called autonomous registration) allow computers at the cellular

carrier to know how to route incoming calls to that phone, to verify that the account is

valid so that outgoing calls can be made, and to provide the foundation for proper

billing of calls.

This autonomous registration occurs whenever the phone is on, regardless of whether

a call is actually in progress.




CHAPTER - 2

WHEN DID CELL CLONING START?

The early 1990s were boom times for eavesdroppers. Any curious teenager with a

£100 Tandy Scanner could listen in to nearly any analogue mobile phone call.

As a result, Cabinet Ministers, company chiefs and celebrities routinely found

their most intimate conversations published in the next day's tabloids

Cell phone cloning started with Motorola "bag" phones and reached its peak in the

mid 90's with a commonly available modification for the Motorola "brick" phones, such

as the Classic, the Ultra Classic, and the Model 8000.

Figure 2.Cloning a phone in a network




CHAPTER - 3

WHAT ARE CDMA AND GSM MOBILE PHONE

SETS?

CDMA is one of the newer digital technologies used in Canada, the US,

Australia, and some South-eastern Asian countries (e.g. Hong Kong and South Korea).

CDMA differs from GSM and TDMA (Time Division Multiple Access) by its use of

spread spectrum techniques for transmitting voice or data over the air. Rather than

dividing the radio frequency spectrum into separate user channels by frequency slices or

time slots, spread spectrum technology separates users by assigning them digital codes

within the same broad spectrum. Advantages of CDMA include higher user capacity and

immunity from interference by other signals.

GSM is a digital mobile telephone system that is widely used in Europe and other

parts of the world. GSM uses a variation of TDMA and is the most widely used of the

three digital wireless telephone technologies. GSM digitizes and compresses data, then

sends it down a channel with two other streams of user data, each in its own time slot. It

operates at either the 900 MHz or 1,800 MHz frequency band.

Figure3: CDMA Phone




Figure3.1 : GSM Phone

Some other important terms whose knowledge is necessary are:-

1. IMEI

2. SIM

3. ESN

4. MIN

So, first things first, the IMEI is an abbreviation for International Mobile

Equipment Identifier, this is a 10 digit universally unique number of our GSM handset. I

use the term Universally Unique because there cannot be 2 mobile phones having the

same IMEI no. This is a very valuable number and used in tracking mobile phones.

Second comes SIM, which stands for Subscriber Identification Module. Basically

the SIM provides storage of subscriber related information of three types:




1. Fixed data stored before the subscription is sold

2. Temporary network data

3. Service related data

Next is the ESN, which stands for Electronic Serial Number. It is same as the

IMEI but is used in CDMA handsets. The ESN is transmitted to the cell site and used in

conjunction with the NAM to verify that you are a legitimate user of the cellular system.

MIN stands for Mobile Identification Number, which is the same as the SIM of

GSM. It is simply the phone number of the cellular telephone.

The basic difference between a CDMA handset and a GSM handset is that a

CDMA handset has no sim i.e. the CDMA handset uses MIN as its Sim, which cannot be

replaced as in GSM. The MIN chip is embedded in the CDMA hand set.

3.1 SECURITY FUNCTIONS OF THE GSM AND CDMA

As background to a better understanding of the attacks on the GSM and CDMA

network the following gives a brief introduction to the Security functions available in

GSM. The following functions exist:

a. Access control by means of a personal smart card (called

subscriber Identity module, SIM) and PIN (personal identification

number)

b. Authentication of the users towards the network carrier and generation of a

session key in order to prevent abuse.

c. Encryption of communication on the radio interface, i.e. between mobile

Station and base station,

d. Concealing the user’s identity on the radio interface, i.e. a

temporary valid Identity code (TMSI) is used for the

identification of a mobile user instead Of the IMSI.




CHAPTER - 4

MOBILE PHONE CLONING SOFTWARE

Cloning involved modifying or replacing the EPROM in the phone with a new

chip which would allow you to configure an ESN (Electronic serial number) via software.

You would also have to change the MIN (Mobile Identification Number). When you had

successfully changed the ESN/MIN pair, your phone was an effective clone of the other

phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered

in several ways:

Sniffing the cellular phones.

Trashing cellular companies or cellular resellers.

Hacking cellular companies or cellular resellers.

Cloning still works under the AMPS/NAMPS system, but has fallen in

popularity as older clone able phones are more difficult to find and newer phones

have not been successful. Reverse-engineered Cloning has been successfully

demonstrated under GSM, but the process is not easy and it currently remains in

the realm of serious hobbyists and researchers.




CHAPTER - 5

HOW IS A PHONE CLONED?

Cellular thieves can capture ESN/MINs using devices such as cell phone

ESN reader or digital data interpreters (DDI). DDIs are devices specially

manufactured to intercept ESN/MINs. By simply sitting near busy roads where

the volume of cellular traffic is high, cellular thieves monitoring the radio wave

transmissions from the cell phones of legitimate subscribers can capture

ESN/MIN pair. Numbers can be recorded by hand, one-by-one, or stored in the

box and later downloaded to a computer. ESN/MIN readers can also be used

from inside an offender’s home, office, or hotel room, increasing the difficulty of

detection.

Figure5: Cloning a phone

The ESN/MIN pair can be cloned in a number of ways without the knowledge of

the carrier or subscriber through the use of electronic scanning devices. After the

ESN/MIN pair is captured, the cloner reprograms or alters the microchip of any wireless

phone to create a clone of the wireless phone from which the ESN/MIN pair was stolen.

The entire programming process takes 10-15 minutes per phone.




Any call made with cloned phone are billed to and traced to a legitimate phone

account. Innocent citizens end up with unexplained monthly phone bills. To reprogram a

phone, the ESN/MINs are transferred using a computer loaded with specialized software,

or a “copycat” box, a device whose sole purpose is to clone phones.

The devices are connected to the cellular handsets and the new identifying

information is entered into the phone. There are also more discreet, concealable devices

used to clone cellular phones. Plugs and ES-Pros, which are about the size of a pager or

small calculator, do not require computers or copycat boxes for cloning. The entire

programming process takes 10-15 minutes per phone. Figure5.shows cellular cloning

fraud.




Figure5. Cellular Cloning Fraud Procedure




This was how CDMA handsets are cloned but now we face a question that being:

5.1 DO GSM SETS RUN THE RISK OF ‘CLONING’?

Looking at the recent case, it is quite possible to clone both GSM and CDMA

sets. The accused in the Delhi case used software called Patagonia to clone only CDMA

phones (Reliance and Tata Indicom). However, there are software packages that can be

used to clone even GSM phones (e.g. Airtel, BSNL, Hutch ,Idea). In order to clone a

GSM phone, knowledge sof the International Mobile Equipment Identity (IMEI) or

instrument number is sufficient.

But the GSM-based operators maintain that the fraud is happening on CDMA,

for now, and so their subscribers wouldn't need to worry. Operators in other countries

have deployed various technologies to tackle this menace. They are: -

1. There's the duplicate detection method where the network sees the same phone in

several places at the same time. Reactions include shutting them all off, so that the real

customer will contact the operator because he has lost the service he is paying for.

2. Velocity trap is another test to check the situation, whereby the mobile phone seems

to be moving at impossible, or most unlikely speeds.




For example, if a call is first made in Delhi,and five minutes later, another call is made

but this time in Chennai, there must be two phones with the same identity on the network.

3. Some operators also use Radio Frequency fingerprinting, originally a military

technology. Even identical radio equipment has a distinguishing `fingerprint', so the

network software stores and compares fingerprints for all the phones that it sees. This

way, it will spot the clones with the same identity, but different fingerprints.

4. Usage profiling is another way wherein profiles of customers' phone usage are kept,

and when discrepancies are noticed, the customer is contacted. For example, if a customer

normally makes only local network calls but is suddenly placing calls to foreign countries

for hours of airtime, it indicates a possible clone.

5.2 WHAT IS PATAGONIA?

Patagonia is a software available in the market which is used to clone CDMA

phone. Using this software a cloner can take over the control of a CDMA phone i.e.

cloning of phone. There are other Softwares available in the market to clone GSM phone.

This software’s are easily available in the market. A SIM can be cloned again and again

and they can be used at different places. Messages and calls sent by cloned phones can be

tracked. However, if the accuses manages to also clone the IMEI number of the handset,

for which software’s are available, there is no way he can be traced.

Figure5.2: ESN on CDMA phone




CHAPTER - 6

IMPACT OF CLONING

Each year, the mobile phone industry loses millions of dollars in revenue because

of the criminal actions of persons who are able to reconfigure mobile phones so that their

calls are billed to other phones owned by innocent third persons. Often these cloned

phones are used to place hundreds of calls, often long distance, even to foreign countries,

resulting in thousands of dollars in airtime and long distance charges. Cellular telephone

companies do not require their customers to pay for any charges illegally made to their

account, no matter how great the cost. But some portion of the cost of these illegal

telephone calls is passed along to cellular telephone consumers as a whole.

Many criminals use cloned cellular telephones for illegal activities, because their

calls are not billed to them, and are therefore much more difficult to trace. His

phenomenon is especially prevalent in drug crimes. Drug dealers need to be in constant

contact with their sources of supply and their confederates on the streets. Traffickers

acquire cloned phones at a minimum cost, make dozens of calls, and then throw the

phone away after as little as a days' use. In the same way, criminals who pose a threat to

our national security, such as terrorists, have been known to use cloned phones to thwart

law enforcement efforts aimed at tracking their whereabouts.

6.1 HOW TO KNOW THAT THE CELL HAS BEEN CLONED?

1. Frequent wrong number phone calls to your phone, or hang-ups.

2. Difficulty in placing outgoing calls.

3. Difficulty in retrieving voice mail messages.

4. Incoming calls constantly receiving busy signals or wrong numbers.

5. Unusual calls appearing on your phone bills.




6.2 CAN CALLS ON CLONED PHONE BE TRACKED?

Yes. A SIM can be cloned again and again and they can be used at different

places. Messages and calls can track sent by cloned phones. However, if the accused

manages to also clone the IMEI number of the handset, for which software’s are

available, there is no way the cell can be traced.

6.3 IS FIXED TELEPHONE NETWORK SAFER THAN MOBILE

PHONE?

The answer is yes. In spite of this, the security functions which prevent

eavesdropping and unauthorized uses are emphasized by the mobile phone companies.

The existing mobile communication networks are not safer than the fixed Telephone

networks. They only offer protection against the new forms of abuse.




CHAPTER - 7

METHODS TO DETECT CLONED PHONES IN A

NETWORK

Several countermeasures were taken with varying success. Here are various

methods to detect cloned phones on the network:

Duplicate detection: - The network sees the same phone in several places at the

same time. Reactions include shutting them all off so that the real customer will contact

the operator because he lost the service he is paying for, or tearing down connections so

that the clone users will switch to another clone but the real user will contact the operator.

Figure7: Duplicate Detection




Velocity trap: - The mobile phone seems to be moving at impossible, or most unlikely

speeds. For example, if a call is first made in Helsinki, and five minutes later, another call

is made but this time in Tampere, there must be two phones with the same identity on the

network.

RF (Radio Frequency): - Fingerprinting is originally a military technology. Even

nominally identical radio equipment has a distinguishing ``fingerprint'', so the network

software stores and compares fingerprints for all the phones that it sees. This way, it will

spot the clones with the same identity but different fingerprints.

Usage profiling :- Profiles of customers' phone usage are kept, and when discrepancies

are noticed, the customer is contacted. Credit card companies use the same method. For

example, if a customer normally makes only local network calls but is suddenly placing

calls to foreign countries for hours of airtime, it indicates a possible clone.

Call counting: - Both the phone and the network keep track of calls made with the

phone, and should they differ more than the usually allowed one call, service is denied.

PIN codes: - Prior to placing a call, the caller unlocks the phone by entering a PIN code

and then calls as usual. After the call has been completed, the user locks the phone by

entering the PIN code again. Operators may share PIN information to enable safer

roaming.




Figure7: Duplicate Detection in a network




CHAPTER - 8

ADVANTAGES AND DISADVANTAGES OF PHONE

CLONING

The advantages and disadvantages of mobile phone cloning are

8.1 ADVANTAGES

1. If your phone has been lost, you can use your cloned cell phone.

2. If your phone got damaged or if you forgot your phone at home or any other

place. Cloned phone can be helpful.

8.2 DISADVANTAGES

1. It can be used by the terrorists for criminal activities.

2. It can be used by the cloner for fraud calls.

3. It can be used for illegal money transfer.




CHAPTER – 9

SOLUTION OF THE PROBLEM

Cloning, as the crime branch detectives divulge, starts when someone, working for

a mobile phone service provider, agrees to sell the security numbers to grey market

operators. Every mobile handset has a unique factory-coded electronic serial number and

a mobile identification number. The buyer can then program these security numbers into

new handsets. The onus to check the misuse of mobile cloning phenomenon falls on the

subscriber himself. The subscribers, according to the officials, should be on the alert and

inform the police on suspecting any foul play. It would be advisable for them to ask for

the list of outgoing calls, as soon as they realize that they've been overcharged.

Meanwhile, the crime branch is hopeful to find out a way to stop the mobile cloning

phenomenon.

For example

The Central Forensic Laboratory at Hyderabad has reportedly developed software

that would detect cloned mobile phones. Called the Speaker Identification Technique,

the software enables one to recognize the voice of a person by acoustics analysis. These

methods are only good at detecting cloning, not preventing damage. A better solution is to

add authentication to the system. But this means upgrading the software of the operators'

network, and renewing the SIM-cards, which is not an easy or a cheap task. This initiative

by the Forensic Laboratory had to be taken up in the wake of more and more reports of

misuse of cloned mobiles.




CHAPTER-10

HOW TO PREVENT CELL CLONING?

Uniquely identifies a mobile unit within a wireless carrier's network. The MIN

often can be dialed from other wireless or wire line networks. The number differs from

the electronic serial number (ESN), which is the unit number assigned by a phone

manufacturer. MINs and ESNs can be checked electronically to help prevent fraud.

Mobiles should never be trusted for communicating/storing confidential information.

Always set a Pin that's required before the phone can be used. Check that all

mobile devices are covered by a corporate security policy. Ensure one person is

responsible for keeping tabs on who has what equipment and that they update the central

register.

10.1 WHAT EXACTLY IS AUTHENTICATION?

Authentication is a mathematical process by which identical calculations are

performed in both the network and the mobile phone. These calculations use secret

information (known as a "key") pre-programmed into both the mobile phone and the

network before service is activated. Cloners typically have no access to this secret

information (i.e., the key), and therefore cannot obtain the same results to the

calculations. A legitimate mobile phone will produce the same calculated result as the

network. The mobile phone's result is sent to the network and compared with the

network's results. If they match, the phone is not a "clone."

10.2 ARE THESE METHODS EFFECTIVE?

Yes, for the most part. However, Authentication is the most robust and reliable

method for preventing cloning fraud and it is the only industry "standard" method for

eliminating cloning. The fact that it is standardized means that all mobile

telecommunications networks using IS-41 can support Authentication. There is no need

to add proprietary equipment, software, or communications protocols to the networks to

prevent cloning fraud.




10.3 IS MY PHONE AUTHENTICATION CAPABLE?

If the phone supports TDMA or CDMA digital radio, then yes. Otherwise, it

depends on how old the phone is and the make and model. Almost all phones

manufactured since the beginning of 1996 support the Authentication function. The best

bet is to check with your service.

10.4 WIRELESS TELEPHONE PROTECTION ACT

Because of increasing financial losses to the telecommunications industry and the

growing use of cloned phones in connection with other criminal activity, Congress passed

the Wireless Telephone Protection Act (WTPA) in April 1998. The legislative history

indicates that, in amending 18 U.S.C. § 1029, Congress was attempting to address two

primary concerns presented by law enforcement and the wireless telecommunications

industry.

10.4.1 MANUFACTURING AND DISTRIBUTING

Section 1029 covers cloning behavior that ranges from mere possession of a

cloned phone to using, producing, or trafficking in cloning equipment. The statutory

maximum for these offenses is ten or 15 years, depending upon the conduct, and are

sentenced under §2F1.1. This guideline provides different punishment levels based on

whether any or all of the following three factors are applicable: the amount of “loss”

involved in the offense the offense involved “more than minimal planning” and the

offense involved “sophisticated means.” However, the current guideline does not provide

distinctions in sentence severity based on whether the defendant was involved in

manufacturing or distributing cloned phones. It is possible that without a separate

enhancement for manufacturing or distributing, the current fraud guideline does not

adequately distinguish between possessing a clone.

First, law enforcement officials testified at congressional hearings that they

were having difficulty proving the “intent to defraud” element of the pre-amendment

provision regarding some equipment used to clone phones.2 Although there is no

legitimate reason to possess the equipment unless an individual is employed in the




telecommunications industry, the prosecution often could not prove that the equipment

was possessed with the intent to defraud.

Second, law enforcement officials often discovered cloning equipment and

cloned cellular telephones in the course of investigating other criminal activities, such as

drug trafficking and other fraud. The use of cloned phones to facilitate other crimes

increases the ability of offenders to escape detection because of the increased mobility

and anonymity afforded by the phones. Gangs and foreign terrorist groups are also known

to sell or rent cloned phones to finance their illegal activities.

Wireless Telephone Protection Act (Pub. L. No. 105-418, April 24,

1998).Configured for altering or modifying a telecommunications instrument3. C

Modification of the current definition of "scanning receiver" to ensure that the term is

understood to include a device that can be used to intercept an electronic serial number,

mobile identification number, or other identifier of any telecommunications service,

equipment, or instrument; and C Correction of an error in the current penalty provision of

18 U.S.C. § 1029 that provided two different statutory maximum penalties (ten and 15

years) for the same offense. With respect to cellular phone cloning, the Act makes clear

that a person convicted of such an offense without a prior section 1029 conviction is

subject to a statutory maximum of 15 years; a person convicted of such an offense after a

prior section 1029 conviction is subject to a statutory maximum of 20 years.

In addition to the amendments to section 1029, the Wireless Telephone

Protection Act directs the Commission to “review and amend the federal sentencing

guidelines and the policy statements of the Commission, and, if appropriate, to provide an

appropriate penalty for offenses involving the cloning of wireless telephones. The Act

also directs the Commission to consider eight specific factors:

(A) The range of conduct covered by the offenses.

(B) The existing sentences for the offense.

(C) The extent to which the value of the loss caused by the offenses (as defined in the

federal sentencing guidelines) is an adequate measure for establishing penalties under the

federal sentencing guidelines.




(D) The extent to which sentencing enhancements within the federal sentencing

guidelines and the court’s authority to sentence above the applicable guideline range are

adequate to ensure punishment at or near the maximum penalty for the most egregious

conduct covered by the offenses.

(E) The extent to which the federal sentencing guideline sentences for the offenses have

been constrained by statutory maximum penalties.

(F) The extent to which federal sentencing guidelines for the offense(s) adequately

achieve the purposes of sentencing set forth in 18 U.S.C. § 3553(a)(2)

(G) The relationship of the federal sentencing guidelines for these offenses to offenses of

comparable seriousness; and

(H) Any other factor the Commission considers to be appropriate.

10.5 WHAT IS IS-41?

IS-41(Interim Standard No. 41) is a document prescribing standards for

communications between mobile networks. The standard was developed by the

Telecommunications Industry Association (TIA) and is used primarily throughout North

America as well as many Latin American countries and Asia.

The IS-41 network communications standard supports AMPS, NAMPS, TDMA,

and CDMA radio technologies. IS-41 is the standard that defines the methods for

automatic roaming, handoff between systems, and for performing Authentication.




CHAPTER - 11

ROLE OF SERVICE PROVIDER TO COMBAT

CLONING FRAUD?

They are using many methods such as RF Fingerprinting, subscriber behaviour

profiling, and Authentication. RF Fingerprinting is a method to uniquely identify mobile

phones based on certain unique radio frequency transmission characteristics that are

essentially "fingerprints" of the radio being used. Subscriber behaviour profiling is used

to predict possible fraudulent use of mobile service based on the types of calls previously

made by the subscriber. Calls that are not typical of the subscriber's past usage are

flagged as potentially fraudulent and appropriate actions can be taken.

Authentication has advantages over these technologies in that it is the only

industry standardized procedure that is transparent to the user, a technology that can

effectively combat roamer fraud, and is a prevention system as opposed to a detection

system.

11.1 HOW CAN ORGANIZATIONS HELP THEMSELVES?

1. Mobiles should never be trusted for communicating/storing confidential

information.

2. Always set a Pin that's required before the phone can be used.

3. Check that all mobile devices are covered by a corporate security policy.

4. Ensure one person is responsible for keeping tabs on who has what equipment and

that they update the central register.

5. Such preventive measures are our only defence till we get a way or a technique to

prevent cloning of mobile phones.




11.2 WHAT CAN BE DONE?

With technically sophisticated thieves, customers are relatively helpless against

cellular phone fraud. Usually they became aware of the fraud only once receiving their

phone bill. Service providers have adopted certain measures to prevent cellular fraud.

These include encryption, blocking, blacklisting, user verification and traffic analysis.

Encryption is regarded as the most effective way to prevent cellular fraud as it

prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to

steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs.

Blocking is used by service providers to protect themselves from high risk callers. For

example, international calls can be made only with prior approval. In some countries only

users with major credit cards and good credit ratings are allowed to make long distance

calls.

1. Blacklisting of stolen phones is another mechanism to prevent unauthorized use.

An Equipment Identity Register (EIR) enables network operators to disable stolen

cellular phones on networks around the world.

2. User verification using Personal Identification Number (PIN) codes is one method

for customer protection against cellular phone fraud.

3. Tests conducted have proved that United States found that having a PIN code

reduced fraud by more than 80%.

4. Traffic analysis detects cellular fraud by using artificial intelligence software to

detect suspicious calling patterns, such as a sudden increase in the length of calls

or a sudden increase in the number of international calls.

11.3 VICTIMS OF PHONE CLONING

Anita Davis, a mobile clone victim. One month, her cell phone bill showed

$3,151 worth of calls in one month, to Pakistan, Israel, Jordan, Africa, and other

countries.

A Louisville woman was shocked when she got her February cell phone bill from

T-Mobile. It was ten times higher than it's ever been before. Equally troubling, she

didn't recognize most of the phone numbers on it.




11.4 FUTURE THREATS

Resolving subscriber fraud can be a long and difficult process for the victim. It

may take time to discover that subscriber fraud has occurred and an even longer time to

prove that you did not incur the debts. As described in this article there are many ways to

abuse telecommunication system, and to prevent abuse from occurring it is absolutely

necessary to check out the weakness and vulnerability of existing telecom systems. If it is

planned to invest in new telecom equipment, a security plan should be made and the

system tested before being implemented. It is therefore mandatory to keep in mind that a

technique which is described as safe today can be the most unsecured technique in the

future.




CHAPTER – 12

CONCLUSION

Presently the cellular phone industry relies on common law (fraud and theft) and

in-house counter measures to address cellular phone fraud.is in initial stages in India so

preventive steps should be taken by the network provider and the Government the

enactment of legislation to prosecute crimes related to cellular phones is not viewed as a

priority, however. It is essential that intended mobile crime legislation be comprehensive

enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific

crime.

CHAPTER - 13




BIBLOGRAPHY

[1] Google: www.google.com

[2] Mobile phone cloning www.seminarsonly.com

[3] Wikipedia: www.wikipedia.org

[4] http://www.hackinthebox.org/

[5] http://www.slideshare.net

[6] IEEE journal for mobile communication

[7] Mobile communication Govt. of India reports

[8] Fundamentals of Mobile and Pervasive Computing

Frank Adelstein, Sandeep Gupta.

[9] Wireless and Cellular Communication 3rd Edition

William C.Y.Lee.

[10] 3G Networks 1st Edition

Clint Smith, Saniel Collins

[11] Introduction to Telecom Communication Converging Technologies 1st Edition.

Kimberly Massey.

[12] Rehault, F. (2010). Windows mobile advanced forensics: An alternative to existing

tools.Journal of Digital Investigation, 7(1–2).

[13] Mislan, R., Casey, E., & Kessler, G. (2010). The growing need for on-scene triage

of mobile devices. Journal of Digital Investigation, 6.



http://www.slideshare.net/

http://www.hackinthebox.org/

http://www.wikipedia.org/

http://www.seminarsonly.com/

http://www.google.com/