Seminar Report

On
MOBILE PHONE CLONING

Submitted by

Shelar Puja Ashok

Submitted in partial fullfillment for the degree

ofBachelor of Technology

(Computer Science and Engineering)

Department of Computer Science and Engineering

Hi-Tech Institute of Technology,
Chh.Sambhajinagar
Dr. Babasaheb Ambedkar Technological University, Lonere.
(2023-2024)
 Seminar Report
On
MOBILE PHONE CLONING

Submitted by

Shelar Puja Ashok

Submitted in partial fulfilment for the degree of

Bachelor of Technology

(Computer Science and Engineering)

Guided by

Prof. K.S.Pinnalwar

Department of Computer Science and Engineering

Hi-Tech Institute of Technology,
Chh.Sambhajinagar
Dr. Babasaheb Ambedkar Technological University, Lonere.
(2023-2024)
 CERTIFICATE

This is to certify that, the seminar "Mobile Phone Cloning" submitted by Shelar Puja Ashok is
a bonafide work completed under my supervision and guidance in partial fulfilment for award of
B.Tech (Computer Science of Engineering) Degree of Dr. Babasaheb Ambedkar Technological
University, Lonere.

Place :Chh.Sambhajinagar
Date: / /2023

Prof .K. S. Pinnalwar Pprof. P. M. Mohite

Guide Head of Department

External Singnature Prof .G. S. Dhage

Principal
Hi-Tech Institude Of Technology
Chh. Sambhajinagar

Academic Year
(2023-2024)
 INDEX

Sr.No. Contents Page No.

LIST OF ABBREVATION i
LIST OF FIGURE ii
ABSTRACT
1. INTRODUCTION MOBILE PHONE CLONING 1

1.1 INTRODUCTION 1

1.2 History 3

2. LITERATURES REVIEW 4

3. SYSTEM DEVELOPMENT 6

3.1 How Mobile Phone Works 6

3.2 Electronic Serial Number (ESN) 8

3.3 Mobile Identification Number (MIN) 9

3.4 How ESN/MIN Are Detected 10

3.5 How ESN/MIN Are Programmed on another Phone 11

3.6 Is My Phone Authentication Capable? 14

3.7 What Can Be Done? 15

4. FUTURE SCOPE 16

5. CONCLUSION

REFERANCES

ACKNOWLEDGEMENT
 LIST OF ABBREVIATION

Sr. No. Definition Abbreviation

1 Global System for Mobile Communications GSM

2 Code Division Multiple Access CDMA

3 Electronic Security Number ESN

4 Mobile Identification Number MIN

5 International Mobile Station Equipment IMEI

Identity

i
 LIST OF FIGURE

Sr.No. Name of Figure Page.No.

1.1 Architecture of mobile phone cloning 2

2.4 ESN/MIN are Detection 5

ii
 ABSTRACT
Mobile communication has been readily available for several years, and is major business
today. It provides a valuable service to its users who are willing to pay a considerable premium
over a fixed line phone, to be able to walk and talk freely. Because of its usefulness and the
money involved in the business, it is subject to fraud. Unfortunately, the advance of security
standards has not kept pace with the dissemination of mobile communication. Some of the
features of mobile communication make it an alluring target for criminals. It is a relatively new
invention, so not all people are quite familiar with its possibilities, in good or in bad. Its
newness also means intense competition among mobile phone service providers as they are
attracting customers. The major threat to mobile phone is from cloning. Mobile phone cloning
is a technique where the unique identification number (IMEI) of a legitimate mobile phone is
illegally obtained and duplicated onto another device, allowing it to make unauthorized calls
and send text messages. This practice is illegal in most countries and can result in financial
losses and legal repercussions for both the individual whose phone has been cloned and the
mobile phone service provider. It is important to take steps to protect your mobile phone from
being cloned by keeping it locked and not sharing the IMEI number with anyone. It is a
relatively new invention, so not all people are quite familiar with its possibilities, in good or in
bad. Its newness also means intense competition among mobile phone service providers as they
are attracting customers. The major threat to mobile phone is from cloning. Mobile phone
cloning is a technique where the unique identification number (IMEI) of a legitimate mobile
phone is illegally obtained and duplicated onto another device, allowing it to make
unauthorized calls and send text messages Some of the features of mobile communication make
it an alluring target for criminals. It is a relatively new invention, so not all people are quite
familiar with its possibilities, in good or in bad. Its newness also means intense competition
among mobile phone service providers as they are attracting customers. The major threat to
mobile phone is from cloning.
1. INTRODUCTION

Mobile phone cloning is the process of transferring the identity of one phone to the
other, the intent most of the times is to commit fraud. Mobile phone cloning also known as cell
phone piracy has been taking place throughout the world since decades(Manjula & Rajanna
2015). Mobile phones are essential parts of human life. The year easy to use, efficient and
economical. One can hardly do without phones these days. It has also become an area of interest
since a lot of revenue can be generated from it since a lot of businesses depend on it.

In mobile phone cloning, the subscriber information taken from one phone is copied
onto the other with the intention of obtaining free calls. The other mobile
phone becomes the exact replica of the original mobile phone like a clone. As a result,while
calls can be made from both phones, only the original phone is billed.

Millions of mobile phones users, be it GSM (Global System for Mobile

Communications) or CDMA (Code Division Multiple Access) run at threat of having their
phones cloned. As a mobile phone user if you have been receiving enormously high bills for
calls that you never placed, chances are that your mobile phone is possibly cloned.
Unfortunately, the subscriber may not easily suspect that is/her phone has been cloned. But
actions like call failing or anomalies in monthly bills can act as tickers (Akash et al, 2014). The
cloner can set the options to ring his phone when the victim makes a call and the victim will
have no idea that the cloner is listening from the cloner’s own mobile. The cloner can read text
message, phone book entries, look at pictures etc. Also, the cloner can dial phone numbers
from his phone and a whole lot more. So when one gets huge bills, the chances are
that the phone is being cloned. Cell phone cloning (Eureka, 2017) started with Motorola “bag”
phones and reached its peak in the mid 90′s with a commonly available modification for
Motorola “brick” phones such as the Classic, the Ultra Classic, and the Model 8000. Cloning
involved modifying or replacing the EPROM in the phone with a new
via software. After successfully changing the ESN/MIN pair, the phone would become an
effective clone of the other phone. Cloning only requires access to ESN and MIN pairs. And
ESN/MIN pairs can be discovered in several ways: Sniffing the cellular network, Trashing
cellular companies or cellular resellers and Hacking cellular companies or cellular resellers.
Cell phone cloning refers to the act of copying the identity of one mobile telephone to another.

This is usually done to make fraudulent telephone calls. The bill for the calls go to the
legitimate subscriber. This made cloning very popular in areas with large immigrant

1
populations, where the cost to “call home” was very steep. The cloner is also able to make
effectively anonymous calls, which attracts another group of interested law breakers.

Cell phone cloning started with Motorola “bag” phones and reached its peak in the mid
90’s with a commonly available modification for Motorola “brick” phones such as the Classic,
the Ultra Classic, and the Model 8000.
Cloning involved modifying or replacing the EPROM in the phone with a new chip,
which would allow one to configure an ESN (Electronic Serial Number) via software. The MIN
(Mobile Identification Number) would also have to be changed. The defendant was unlawfully
selling cellular phone based on CDMA [3]. He utilized cloning tools and supported Indian
immigrants in West Asia with cheap international calls. The arrest of four mobile dealers
resulted in a similar scam in Mumbai. The cloner can set the options to ring his phone when
the victim makes a call and the victim will have no idea that the cloner is listening from the cl

Fig1.1Architecture of Mobile Phone Cloning

2
1.1 HISTORY

In the early 1991s, eavesdroppers were booming. A curious teenager with a £100Tandy
scanner can hear almost every phone call from analogy. Smartphone’s replication began with
"bags" phone from Motorola and achieved its height in middle 90's by a regularly accessible
move to the "bricks" phone, including the Standard, Mega-Modern, and 7000. The Wireless
Telephone Security Act of 1997 in the UK bans phone cloning. On 14 April 1997, a failure of
verification code used in numeral GSM smartphones was confirmed by the Smartcard
Developer Association and the ISAAC safety research community. This allows the physically
accessible intruder to make exact replicates (a "clone") and charge the target user's account for
© 2019 JETIR February 2019, Volume 6, Issue 2 www.jetir.org (ISSN-2349-5162)
JETIREV06092 Journal of Emerging Technologies and Innovative Research (JETIR)
www.jetir.org 572 fraudulent calls. Mobile cloning came out in India, in January 2006, when
an individual with 20 cellular phone, the laptops, a SIM electronic scanners and the writer was
detained by Delhi police. The defendant was unlawfully selling cellular phone based on CDMA
[3]. He utilized cloning tools and supported Indian immigrants in West Asia with cheap
international calls. The arrest of four mobile dealers resulted in a similar scam in Mumbai. The
cloner can set the options to ring his phone when the victim makes a call and the victim will
have no idea that the cloner is listening from the cloner’s own mobile. The cloner can read text
message, phone book entries, look at pictures etc. Also, the cloner can dial phone numbers
from his phone and a whole lot more. So when one gets huge bills, the chances are
that the phone is being cloned.

Cell phone cloning (Eureka, 2017) started with Motorola “bag” phones and reached its
peak in the mid 90′s with a commonly available modification for Motorola “brick” phones
such as the Classic, the Ultra Classic, and the Model 8000. Cloning involved modifying or
via software. After successfully changing the ESN/MIN pair, the phone would become an
effective clone of the other phone. Cloning only requires access to ESN and MIN pairs. MIN
and ESN are collectively known as the ‘Pair’ which is used for the cell phone identification.
When the cell site gets the pair signal, it determines if the requester is a valid registered user
requestor's pair to a cellular subscriber list. Once the cellular telephone's pair has beenrecogni
zed, the cell site emits a control signal to permit the subscriber to place calls at will. This
practice, known as Anonymous Registration, is carried out each time the telephone is turned
on or picked up by a new cell site.

3
 2. LITERATURE REVIEW

2.1 How Mobile Phone Works:

According to Akash, et al (2014), mobile phones send radio frequency transmission

through the sky on two distinct channels, one for voice communications and the other for
control signals. When a mobile phone builds a call, it normally transmits its Electronic Security
Number (ESN), Mobile Identification Number (MIN), its Station Class Mark (SCM) and the
number called in a tiny burst of data. This burst is the short buzz you hear after you press the
SEND button and before the tower catches the data. These four things are the components the
cellular supplier uses to ensure that the phone is programmed to be billed and that it also has
the identity of both the customer and the phone. MIN and ESN are collectively known as the
‘Pair’ which is used for the cell phone identification. When the cell site gets the pair signal, it
determines if the requester is a valid registered user by comparing the
requestor's pair to a cellular subscriber list. Once the cellular telephone's pair has beenrecogni
zed, the cell site emits a control signal to permit the subscriber to place calls at will. This
practice, known as Anonymous Registration, is carried out each time the telephone is turned
on or picked up by a new cell site.

2.2 Electronic Serial Number (ESN)

The unique identification number according to Eureka (2017), is embedded in a

wireless phone by the manufacturer. Each time a call is placed, the ESN is automatically
transmitted to the base station so the wireless carrier's mobile switching office can check the
call's validity. The ESN cannot easily be altered in the field. The ESN differs from the mobile
identification number, which is the wireless carrier's identifier for a phone in the network.
MINs and ESNs can be electronically checked to help prevent fraud and features. Each ESN is
a 32-bitnumber consisting of three fields: a manufacturer code (eight bits), a unique serial
number (eighteen bits), and an extension (six bits). In practice, the serial number and the
extension have actually been combined into one 24-bit serial number to identify each mobile
unit. Under this assignment format, 256 manufacturers could be distinguished by ESN. But
when this number proved insufficient, the 32-bit ESN assignment was altered to reflect a 14-
bit manufacturer code and an 18-bit unit identification number.

4
2.3 Mobile Identification Number (MIN)

The Mobile Identification Number (MIN) (Eureka, 2017) is a number that uniquely
identifies a mobile telephone subscriber. MINs are 34-bits in length. The first 10 bits are
sometimes known as MIN2, while the last 24 bits are referred to as MIN1.Together they are
simply known as the MIN.

2.4 How ESN/MIN Are Detected

Cellular thieves can capture ESN/MINs using devices such as cell phone ESN reader
or digital data interpreters (DDI). DDIs are devices specially manufactured to intercept
ESN/MINs. By simply sitting near busy roads where the volume of cellular traffic is h cellular
thieves monitoring the radio wave transmissions from the cell phones of legitimate
subscribers can capture ESN/MIN pair. Numbers can be recorded by hand, one-by-one, stored
in the box and later, downloaded to a computer. ESN/MIN readers can also be used from inside
an offender's home, office, or hotel room, increasing the difficulty of detection. (Manjula and
Rajanna, 2015) Cloning involved modifying or replacing the EPROM in the phone with a new
chip, which would allow one to configure an ESN (Electronic Serial Number) via software.
The MIN (Mobile Identification Number) would also have to be changed. After successfully
changing the ESN/MIN pair, the phone would become an effective clone of the other phone.

Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as
older phones that can be cloned are more difficult to find and newer phones have not been
successfully reverse engineered Cloning has been successfully demonstrated under GSM, but
the process is not easy and currently remains in the
realm of serious hobbyists and researchers.
Furthermore, cloning as a means of escaping the law
is difficult because of the additional feature of

Fig :2.4 ESN/MIN are Detection

5
 3. SYSTEM DEVELOPMENT

3.1 How Mobile Phone Works

According to Akash, et al (2014), mobile phones send radio frequency transmissions

through the sky on two distinct channels, one for voice communications and the other for
control signals. When a mobile phone builds a call, it normally transmits its Electronic Security
Number (ESN), Mobile Identification Number (MIN), its Station Class Mark (SCM) and the
number called in a tiny burst of data. This burst is the short buzz you hear after you press the
SEND button and before the tower catches the data. These four things are the components the
cellular supplier uses to ensure that the phone is programmed to be billed and that it also has
the identity of both the customer and the phone. MIN and ESN are collectively known as the
‘Pair’ which is used for the cell phone identification. When the cell site gets the pair signal, it
determines if the requester is a valid registered user by comparing the
requestor's pair to a cellular subscriber list. Once the cellular telephone's pair has beenrecogni
zed, the cell site emits a control signal to permit the subscriber to place calls at will. This
practice, known as Anonymous Registration, is carried out each time the telephone is turned
on or picked up by a new cell site.

3.2 Electronic Serial Number (ESN)

The unique identification number according to Eureka (2017), is embedded in a

wireless phone by the manufacturer. Each time a call is placed, the ESN is automatically
transmitted to the base station so the wireless carrier's mobile switching office can check the
call's validity. The ESN cannot easily be altered in the field. The ESN differs from the mobile
identification number, which is the wireless carrier's identifier for a phone in the network.
MINs and ESNs can be electronically checked to help prevent fraud and features. Each ESN is
a 32-bitnumber consisting of three fields: a manufacturer code (eight bits), a unique serial
number (eighteen bits), and an extension (six bits). In practice, the serial number and the
extension have actually been combined into one 24-bit serial number to identify each mobile
unit. Under this assignment format, 256 manufacturers could be distinguished by ESN. But
when this number proved insufficient, the 32-bit ESN assignment was altered to reflect a 14-
bit manufacturer code and an 18-bit unit identification number. By simply sitting near busy
roads where the volume of cellular traffic is high, cellular thieves monitoring the radio wave
transmissions from the cell phones of legitimate subscribers can capture ESN/MIN pair.

6
3.3 Mobile Identification Number (MIN)

The Mobile Identification Number (MIN) (Eureka, 2017) is a number that uniquely
identifies a mobile telephone subscriber. MINs are 34-bits in length. The first 10 bits are
sometimes known as MIN2, while the last 24 bits are referred to as MIN1.Together they are
simply known as the MIN.

3.4 How ESN/MIN Are Detected

Cellular thieves can capture ESN/MINs using devices such as cell phone ESN reader
or digital data interpreters (DDI). DDIs are devices specially manufactured to intercept
ESN/MINs. By simply sitting near busy roads where the volume of cellular traffic is high,
cellular thieves monitoring the radio wave transmissions from the cell phones of legitimate
subscribers can capture ESN/MIN pair. Numbers can be recorded by hand, one-by-one, or
stored in the box and later, downloaded to a computer. ESN/MIN readers can also be used from
inside an offender's home, office, or hotel room, increasing the difficulty of detection. (Manjula
and Rajanna, 2015)

3.5 How ESN/MIN Are Programmed on another Phone

To reprogram a phone, the ESN/MINs are transferred using a computer loaded with
specialized software, or a “copycat” box, a device whose sole purpose is to clone phones. The
devices are connected to the cellular handsets and the new identifying information is entered
into the phone. There are also more discreet, concealable devices used to clone cellular phones.
Plugs and ES-Pros which are about the size of a pager or small calculator do not require
computers or copycat boxes for cloning. The entire programming process takes 10-15 minutes
per phone. (Manjula and Rajanna, 2015)

3.6 GSM Phones

Global System for Mobile Communications (GSM) is a digital cellular phone

technology based on time division multiple access (TDMA). GSM phones use a Subscriber
Identity Module (SIM) card that contains user account information. Any GSM phone becomes
immediately programmed after plugging in the SIM card, thus allowing GSM phones to be
easily rented or borrowed. Operators who provide GSM service are Airtel, Hutch etc.

In their work, (Mishra and Nilesh 2014) said that mobile service providers needed to
secure their networks from attack and misappropriation of networking resources. In the attempt

7
to achieve the goals set out in GSM of protecting access to mobile services and to protect any
relevant item from being disclosed on the radio path; the GSM security protocols were
developed. There are many technical constraints that are needed to be addressed when adding
security to mobile communication. When authenticating against a mobile wireless network, the
mobile equipment needs to be able to send from one base station to another without a loss of
communication or interruption to an active connection. The requirement to roam without
interruption was a major factor in development of mobile networks that would allow a user to
be able to authenticate to and use all parts of the network seamlessly. A major difficulty faced
by mobile networks is the ability for a user to roam from one network to another network
operator which allows mobile network providers to bill foreign users and systems. The
authentication protocol deployed to address these problem was the SIM based GSM protocol.
In GSM networks, a mobile station is connected to visit network by several radio link to
a particular base station.

3.7 CDMA Phones

CDMA is a method for transmitting simultaneous signals over a shared portion of the
spectrum. There is no Subscriber Identity Module (SIM) card unlike in GSM. The digital
cellular standard for CDMA is developed by Qualcomm. CDMA is a 2Gmobile
telecommunications standard. In CDMA, the same frequencies are allocated to share multiple
radios links. It is a type of multiplexing which is used to optimize the bandwidth of single
channel. CDMA is a form of multiplexing, which allows several signals to optimize the
available bandwidth. (Aaruni et. al, 2012)

3.8 Cloning a Mobile Phone

Each mobile phone has a specific broadcasting fingerprint in its transmitted information
signal. This fingerprint is very unique for a particular number. This print does not get altered
even if the user changes MIN or ESN number. The process of Cloning access ESN and MIN
pair in following ways to make a success: Sniffing of radio waves sniffing devices. Usage of
garbage of mobile phones or hacking of mobile phone service Provider Company. Breach the
security to gain unauthorized access in mobile companies. When the cell site gets the pair
signal, it determines if the requester is a valid registered user by comparing the
requestor's pair to a cellular subscriber list. Once the cellular telephone's pair has beenrecogni
zed, the cell site emits a control signal to permit the subscriber to place calls at will. This
practice, known as Anonymous Registration, is carried out each time the telephone is turned

8
3.8.1 Cloning GSM Phones

Cloning has been shown to be successful on code division multiple access (CDMA) but
more difficult on the Global System for Mobile (GSM). GSM is one of the most widely used
mobile telephone communication systems. However, cloning GSM phones is achieved
by cloning the SIM card contained within, not necessarily any of the phone’s internal data.
Cloning of GSM mobile is a rare process. It is one of the reasons that make GSM phone more
popular as cloning of such mobile is only possible through the cloning of SIM card inserted
into it. The main reason for this is that these phones do not have ESN or MIN number. They
only have IMEI number. SIM can be copied by removing the SIM card and placing a device
between handset and SIM card to extract KI or secret code. This process may take a few days.
The process of cloning in GSM mobile phone is a tough process so it is being a research area
for researchers

3.8.2 Cloning for CDMA Mobile Phones

CDMA clone transfers all the user setting and data from original legitimate phone into
fraudulent phone that is indistinguishable in make and firmware version. In CDMA mobile,
the EPROM (Erasable Programmable Read-Only Memory) is replaced with a new chip with
new configured ESN by the use of software. The second step is to change the MIN and to make
a successful ESN/MIN pair. This pair sometimes pronounced as Mobile Equipment Identifier
(MEID). The ESN/MIN is transmitted to cellular company to authenticate device into mobile
network. After making this modification, the mobile phone PRL and number itself or MIN
number can pave the way for fraudulent calls, as the target mobile phone is now the clone of
the mobile phone from where the original ESN and MIN numbers are obtained. Cloning in
CDMA mobile requires ESN and MIN pair. The figure below shows atypical pictorial view of
how a phone is cloned.

3.9 Detection of Phone Cloning

These are the different ways of detecting a suspected cloned phone.

i. When there is duplicate Location

This is also called duplicate detection. When a service provider discovers that the same
phone is used in several places at the same time. The service provider may shutdown the
network and wait for the legal user to respond back to the service provider. At this point, the

9
ESN/ MIN can be reprogrammed resulting in detection of the false user. The only loophole in
this system is that it is very much difficult for the service provider to trace out the duplicates.

ii. Velocity Trap

This is almost like the first one above, but in this case, if the location of the phone is
continuously changing or the location is too far away from last call within the seemingly
impossible amount of time, then it falls under velocity trap. For an example, if first call is made
from Nigeria and another is made from Canada within sixty minutes, or if the calls are
encountered from Lagos and another Owerri within three minutes, Velocity Trap is suspected.

iii. Radio Fingerprint

This is the process of identifying a cellular phone or any other device by a unique
"fingerprint" that characterizes its signal transmission. The identification of a wireless device
is done by the electronic fingerprint detected due to its unique radio transmission
characteristics. Cellular operators use Radio fingerprinting to prevent cloning of mobile
phones. When a phone is cloned, it will have a similar numeric equipment identity but a
different radio fingerprint.

iv. Usage Pattern

This can be called usage profiling. When the usage patterns of the users are studied,
any obvious differences can be noted, and the original authenticated user is contacted. For
instance, if a user is normally known for local calls and suddenly ora call is tracked immediately
from foreign country, then it’s possible the phone has been cloned.

3.10 Suggestive Factors that indicate that a Phone has been Cloned.

 There will be prevalent difficulty in receiving calls or voice messages.

 The owner of the mobile phone will notice recurrent phone calls from wrong numbers.
 There will also be difficulty in making calls even when there is sufficient network.
 Continuous receipt of line busy signals when trying to place calls
 Receiving messages from wrong numbers.
 Outrageous call bills from service providers.
 Inconsistent bills for an unknown transaction.
 Anomalous transactions not initiated by the rightful phone user.
 Call breaching.

10
3.11 Cell Phone Cloning- Possible Preventive Measures

Here are possible number of ways in which one can prevent his/her phones from being
cloned. They include:

 Cross check your bills either daily weekly or even monthly to ensure there are no much
variations in the bills. You may wish to contact your service provider.
 Saving of highly classified information in mobile phones should be minimized.
 Ensure that all your mobile phones are under insurance by the company policy.
 Use of password to secure your phone.
 You really don’t have to trust anybody with your phone
 Change your phone password from time to time.
 Use more of GSM phones than CDMA phones if you can’t be too careful as CDMA
phones are more difficult to clone.
 If you have an old cell phone, try to exchange it with another compatible with more
modern technologies.
 In the event of damage to the appliance, seek authorized representatives from the
manufacturers or workshops known for their integrity.
 Review monthly bills sent by the service provider.
 To prevent loss of money, stop automatic debit payment option
 When receiving calls from people identified as operators’ employees, turn off
automatically if you are asked for pressing of some keys.
 Avoid turning on your mobile phone at bus stations and airports, the main places of
action for scanners equipped with scanners. If the device is in roaming, communication
can be made to the exchange via unencrypted FM waves, facilitating the capture of
sensitive information.

3.11.1 HOW BIG OF A PROBLEM IS CLONING FRAUD?

The Cellular Telecommunications Industry Association (CTIA) estimates that financial

losses in due to cloning fraud are between $600 million and $900 million in the United States.
Some subscribers of Reliance had to suffer because their phone was cloned. Mobile Cloning Is
in initial stages in India so preventive steps should be taken by the network provider and the
Government.

11
3.11.2 HOW IS MOBILE CLONING DONE?

Cloning involved modifying or replacing the EPROM in the phone with a new chip
which would allow you to configure an ESN (Electronic serial number) via software. You
would also have to change the MIN (Mobile Identification Number). When you had
successfully changed the ESN/MIN pair, your phone was an effective clone of the other
phone. Cloning required access to ESN and MIN pairs.
• ESN/MIN pairs were discovered in several ways:
Sniffing the cellular
• Trashing cellular companies or cellular resellers
• Hacking cellular companies or cellular resellers
• Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as
older clone able phones are more difficult to find and newer phones have not been
successfully reverse-engineered.
• Cloning has been successfully demonstrated under GSM, but the process is not easy
and it currently remains in the realm of serious hobbyists and researchers.

3.11.3 ARE OUR CELL PHONES SECURED?

Too many users treat their mobile phones as gadgets rather than as business assets
covered by corporate security policy. Did you realize there's a lucrative black market in stolen
and "cloned" Sim cards? This is possible because Sims are not network specific and, though
tamper-proof, their security is flawed. In fact, a Sim can be cloned many times and the resulting
cards used in numerous phones, each feeding illegally off the same bill.

But there are locking mechanisms on the cellular phones that require a PIN to access
the phone. This would dissuade some attackers, foil others, but might not work against a well
financed and equipped attacker. An 8-digit PIN requires approximately 50,000,000 guesses,
but there may be ways for sophisticated attackers to bypass it.

With the shift to GSM digital - which now covers almost the entire UK mobile sector -
the phone companies assure us that the bad old days are over. Mobile phones, they say, are
secure and privacy friendly. This is not entirely true. While the amateur scanner menace has
been largely exterminated, there is now more potential than ever before for privacy invasion.
The alleged securityof GSM relies on the myth that encryption - the mathematical scrambling

12
of our conversations - makes it impossible for anyone to intercept and understand our words.
And while this claim looks good on paper, it does not stand up to scrutiny. The reality is that
the encryption has deliberately been made insecure. Many encrypted calls can therefore be
intercepted and decrypted with a laptop computer.

3.11.4 WHAT ARE EMIE AND PIN?

ESN mean Electronic Serial Number. This number is loaded when the phone number
is manufactured. this number cannot be tampered or changes by the user or subscriber. if this
number is known a mobile can be cloned easily.

Personal Identification Number (PIN).every subscriber provides a Personal

Identification Number (PIN) to its user. This is a unique number. If PIN and ESN are know a
mobile phone can be cloned in seconds using some software’s like Patagonia. Which is used
to clone CDMA phones.

3.11.5 WHAT IS PATAGONIA?

Patagonia is software available in the market which is used to clone CDMA phone.
Using this software a cloner can take over the control of a CDMA phone i.e. cloning of phone.
There are other Software’s available in the market to clone GSM phone. This software’s are
easily available in the market. A SIM can be cloned again and again and they can be used at
different places. Messages and calls sent by cloned phones can be tracked. However, if the
accused manages to also clone the IMEI number of the handset, for which software’s are
available, there is no way he can be traced.

3.11.6 CAN DIGITAL PHONES BE CLONED?

Yes. Digital phones can be cloned however; the mobile phones employing digital
TDMA and CDMA technology are equipped with a feature known as "Authentication." Some
newer model analog phones also have this feature. Authentication allows the mobile service
provider network to determine the legitimacy of a mobile phone. Phones determined to be
"clones" can be instantly denied access to service before any calls are made or received.

3.11.7 ARE THESE METHODS EFFECTIVE?

Yes, for the most part. However, Authentication is the most robust and reliable method
for preventing cloning fraud and it is the only industry "standard" method for eliminating

13
cloning. The fact that it is standardized means that all mobile telecommunications networks
using IS-41 can support Authentication. There is no need to add proprietary equipment,
software, or communications protocols to the networks to prevent cloning fraud.

3.12 IS MY PHONE AUTHENTICATION CAPABLE?

If the phone supports TDMA or CDMA digital radio, then yes. Otherwise, it depends
on how old the phone is and the make and model. Almost all phones manufactured since the
beginning of 1996 support the Authentication function. The best bet is to check with your
service

3.12.1 ROLE OF SERVICE PROVIDER TO COMBAT CLONING FRAUD?

They are using many methods such as RF Fingerprinting, subscrier behavior profiling,
and Authentication. RF Fingerprinting is a method to uniquely identify mobile phones based
on certain unique radio frequency transmission characteristics that are essentially "fingerprints"
of the radio being used. Subscriber behavior profiling is used to predict possible fraudulent use
of mobile service based on the types of calls previously made by the subscriber. Calls that are
not typical of the subscriber's past usage are flagged as potentially fraudulent and appropriate
actions can be taken.

Authentication has advantages over these technologies in that it is the only industry
standardized procedure that is transparent to the user, a technology that can effectively combat
roamer fraud, and is a prevention system as opposed to a detection system.

3.12.2 WHAT IS IS-41?

IS-41(Interim Standard No. 41) is a document prescribing standards for

communications between mobile networks. The standard was developed by the
Telecommunications Industry Association (TIA) and is used primarily throughout North
America as well as many Latin American countries and Asia.

The IS-41 network communications standard supports AMPS, NAMPS, TDMA, and
CDMA radio technologies. IS-41 is the standard that defines the methods for automatic
roaming, handoff between systems, and for performing Authentication.

14
3.13 WHAT CAN BE DONE?

With technically sophisticated thieves, customers are relatively helpless against cellular
phone fraud. Usually they became aware of the fraud only once receiving their phone bill.
Service providers have adopted certain measures to prevent cellular fraud. These include
encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded
as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls
and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and
Personal Identification Number (PIN) pairs.
Blocking is used by service providers to protect themselves from high risk callers. For
example, international calls can be made only with prior approval. In some countries only users
with major credit cards and good credit ratings are allowed to make long distance calls. There
are many technical constraints that are needed to be addressed when adding security to mobile
communication. When authenticating against a mobile wireless network, the mobile equipment
needs to be able to send from one base station to another without a loss of communication or
interruption to an active connection. The requirement to roam without interruption was a major
factor in development of mobile networks that would allow a user to be able to authenticate to
and use all parts of the network seamlessly. A major difficulty faced by mobile networks is the
ability for a user to roam from one network to another network operator which allows mobile
network providers to bill foreign users and systems.

These four things are the components the cellular supplier uses to ensure that the phone
is programmed to be billed and that it also has the identity of both the customer and the
phone. MIN and ESN are collectively known as the ‘Pair’ which is used for the cell phone
identification. When the cell site gets the pair signal, it determines if the requester is a valid
requestor's pair to a cellular subscriber list. Once the cellular telephone's pair has beenrecogni
zed, the cell site emits a control signal to permit the subscriber to place calls at will. The
identification of a wireless device is done by the electronic fingerprint detected due to its unique
radio transmission characteristics. Cellular operators use Radio fingerprinting to prevent
cloning of mobile phones. It is one of the reasons that make GSM phone more popular as
cloning of such mobile is only possible through the cloning of SIM card inserted into it. The
service provider may shutdown the network and wait for the legal user to respond back to the
service provider

15
 4. FUTURE SCOPE

Resolving subscriber fraud can be a long and difficult process for the victim. It may
take time to discover that subscriber fraud has occurred and an even longer time to prove that
you did not incur the debts. As described in this article there are many ways to abuse
telecommunication system, and to prevent abuse from occurring it is absolutely necessary to
check out the weakness and vulnerability of existing telecom systems. If it is planned to invest
in new telecom equipment, a security plan should be mode and the system tested before being
implemented. It is therefore mandatory to keep in mind that a technique which is described as
safe today can be the most unsecured technique in the future. t is difficult to predict the future
of mobile phone cloning, as it depends on a variety of factors including technological
advancements, changes in laws and regulations, and the actions of individuals and
organizations. In general, it is likely that the ability to clone mobile phones will continue to
evolve as technology advances, and it will be important for individuals and organizations to
stay informed about the potential risks and take steps to protect themselves. Some potential
future developments in mobile phone cloning could include Continued advances in cloning
technology: As technology continues to evolve, it is likely that the methods used to clone
mobile phones will become more sophisticated and harder to detect. This could make it more
difficult for individuals and organizations to protect themselves against mobile phone cloning.

Changes in laws and regulations: Governments and other organizations may develop
new laws and regulations to address the issue of mobile phone cloning, or to update existing
laws to keep pace with advances in technology. These changes could affect the ease with which
mobile phones can be cloned, as well as the legal consequences of cloning a mobile phone.

Increased awareness and education: As the risks and consequences of mobile phone
cloning become more widely known, it is possible that individuals and organizations will
become more aware of the issue and take steps to protect themselves. This could involve using
security measures to protect against cloning, or avoiding activities that put their mobile phones
at risk of being cloned. Overall, it is important for individuals and organizations to stay
informed about the potential risks and take appropriate steps to protect themselves against
mobile phone cloning. In general, it is likely that the ability to clone mobile phones will
continue to evolve as technology advances, and it will be important for individuals and
organizations to stay informed about the potential risks and take steps to protect themselves.
Some potential future developments in mobile phone cloning could include Continued .

16
 REFERANCES

1] Aaruni Goel, M. S. (2012). The Approaches to Prevent Cell Phone Cloning in CDMA
Environment.International Journal of Computer Applications (0975-8887) volume 45-
No. 21, p.16.
2] Akash Kumar Mahato, Kumar and Akashdeep Singh (2014). Mobile Phone
Cloning. International Journal for Research in Applied Science and Engineering
Technology (ijraset), p.224.
3] Manjula .D. and Rajanna .M. (2015). Implementing Mobile Phone Cloning in GSM and
CDMA Technology.International Journal of Innovative Research inComputer and 5]
Communication Engineering, p.11.
4] Mishra Sandip and Nilesh K. Modi (2014). False Base Station Attack in
GSM Network Environment . International Journal of Advanced Research inCompute
r Engineering & Technology (IJARCET),p.3846.
5] Nidhi Tanwar and Sachin Chauhan (2015). Mobile Phone Cloning. International Jour
nal of Science and Research (IJSR) ISSN (Online): 2319-7064 IndexCopernicus
Value (2013): 6.14 | Impact Factor (2013): 4.438 ,p.350.
6] Mislan, R., Casey, E., & Kessler, G. (2010). The Growing Need for on – Scene Triage
of Mobile Devices. Journal of Digital Investigation, p.6.
 5. CONCLUSION

In a period when the mobile phone is a crucial element of our lives, security threats
and risks are growing more and more. The cell phone itself is not secure as it can easily produce
mobile telephone replicas. Mobile cloning was introduced in the UK and the US in 1998, but
in India, it continues to expand and started in 2005 in India. There are very high future aspects
of cell phone security, as mobile phone crimes are now a priority. It may also lead to the
resolution of the crime. The contact of mobile phones is one of the most trustworthy, effective
and commonly used. Constructive or harmful use of the device can be modified. Sadly, it is
really easy to crack because of the safety requirements which takes far less time. Cloning can
also be developed quickly and effectively enforced. It must also be taken into account that the
safety currently employed is not adequately successful to protect the network in the future. It
is therefore very important to test how the safety system operates on a timely basis and must
also adjust or upgrade it once a month or year. The network operator will take preventive action,
although the government does not find the passage of legislation to deter mobile phone-related
crime a priority. There are many flaws in the current cellular network, it isn't perfect for us.
The security personnel will also take these cloning issues seriously. And that is dangerous for
our society.

In conclusion, mobile phone cloning is a serious issue that can result in financial losses
and legal repercussions. It involves illegally obtaining and duplicating the unique identification
number of a legitimate mobile phone, allowing the cloned phone to make unauthorized calls or
send text messages. It is important to be aware of the potential risks and take steps to protect
your mobile phone from being cloned, such as keeping your phone locked and not sharing your
IMEI number with anyone. As always, it is highly recommended to follow the laws and
regulations of your country to avoid any legal issues. It may also lead to the resolution of the
crime. The contact of mobile phones is one of the most trustworthy, effective and commonly
used. Constructive or harmful use of the device can be modified. Sadly, it is really easy to crack
because of the safety requirements which takes far less time. Cloning can also be developed
quickly and effectively enforced. It must also be taken into account that the safety currently
employed is not adequately successful to protect the network in the future. It is therefore very
important to test how the safety system operates on a timely basis and must also adjust or
upgrade it once a month or year. It is therefore very important to test how the safety system
operates on a timely basis and must also adjust or upgrade it once a month or year.
 ACKNOWLEDGEMENT

I would like to express my gratitude towards a dynamic person and my guide Prof. K.S.
Pinnalwar, Assistant Professor In Computer Science And Engineering, Hi-Tech Institute of
Technology, Aurangabad for giving me opportunity to work on an interesting topic in 3rd
semester. I would also like to thank her for helping me at every discrete step in the study of
this project, contributed with this valuable guidance and provided with perfect solution with
every problem that rises. The work presented here could not have been accomplished without
her most competent and inspiring guidance, incessant encouragement,
constructive
criticism and constant motivation during all the phases of my Micro-Project work. I am really
indebted to her.

I would like to express my sincere thanks to our respected principal Prof. G. S. Dhage, Hi-
Tech Institute of Technology, Aurangabad and Prof. P. M. Mohite, HOD, Department Of
First Year Engineering for their insightful comments during the project work and also a piece
of advice and guidance which enlightened my way towards the completion of this project.

I would like to extend my thanks to all my professors, staff members and all our friends who
extended their co-operation to complete this seminar.

My thanks to all the staff members of Computer Science And Engineering Department, HIT
who helped me in completion of this project. I would like to express my appreciation and thanks
to my family and all my friends who assisted me with their valuable suggestions and comments,
and I am very grateful for their assistance.

With warm regards,

Yours Sincerely,
Shelar Puja Ashok
Roll No.21150