Mobile menaces

DQW Bureau
11 Apr 2005


Cell phone cloning has just taken off in India and you could be its next


Remember Dolly the lamb, cloned from a six-year-old ewe in 1997, by a group of researchers at the Roslin Institute in Scotland? While the debate on the ethics of cloning continues, Indians, for the first time, are faced with a more tangible and harmful version of cloning and this time it is your mobile phone that is the target.

In February this year, the Hyderabad police arrested two people for mobile phone cloning, at the cost of genuine subscribers. The duo had established a network of young men who frequented PCOs, which offered call facility through CDMA technology. They used to make a note of the electronic serial number (ESN) and the electronic machine identification number (EMIN) of the mobile handsets. The stolen ESN and EMIN were then fed into a new CDMA handset, whose existing program was erased with the help of downloaded software.


The Hyderabad arrest is not a standalone case. A spate of arrests over the last couple of months across India reveals that cell phone cloning is on the


Who's safe?

Nobody. CDMA handsets are particularly vulnerable to cloning, according to experts. First generation mobile cellular networks allowed fraudsters to pull subscription data (such as ESN and MIN) from the analog air interface and use this data to clone phones. Interception of CDMA calls is not exactly that simple. The technology uses spread-spectrum techniques to share bands with multiple conversations. Subscriber information is also encrypted and transmitted digitally.

GSM handsets, on the contrary, are safer, according to experts. Every GSM phone has an electronic serial number (referred to as the IMEI). It is not a particularly secret bit of information and you don't need to take any care to keep it private. The important information is the IMSI, which is stored on the removable SIM card that carries all your subscriber information, roaming database and so on. GSM employs a fairly sophisticated asymmetric-key cryptosystem for over-the-air transmission of subscriber information. Cloning a SIM using information captured over-the-air is therefore difficult, though not impossible. As long as you don't lose your SIM card, you're safe with GSM.

Says TV Ramachandran, Director-General of Cellular Operators Association of India (COAI), "GSM carriers use the COMP128 authentication algorithm for the SIM, authentication center and network which makes GSM a far secure



GSM networks were considered to be impregnable until last month, when a Delhi-based computer science graduate revealed gaps in the security system of Hutch. The process was simple: a SIM card was inserted into a reader. After connecting it to the computer using data cables, the card details were transferred into the PC. Then, using freely available encryption software on the Net, the card details were encrypted on to a blank smart card.

Consumer and cloning

While Hutch may be in a position to bear the damage, what happens when a subscriber becomes a victim? Not much, as most operators, both CDMA and GSM, have chosen to maintain silence. While Reliance refused to speak to and Bharti claimed that no GSM phone has been cloned and hence it is not a matter of concern, Hutch considers the incident to be a stray case. Says Ramachandran of COAI, "GSM networks are more secure. It is difficult to clone a SIM card as someone needs to possess your SIM card to get the carrier's key." The entire GSM industry in India runs on COMP128-1, which was breached a couple of years back in the US. COAI has asked all service providers to upgrade their authentication algorithm to COMP128-3, declared tamper-proof by the international GSM Association.

The best detection measure available in CDMA today is the A key feature. The A key is a secret 20-digit number, unique to the handset, given by the manufacturer to the service provider only. This number is loaded in the Authentication Center for each mobile. As this number is not displayed in the mobile parameters, it cannot be copied. Whenever a call is originated/terminated from a mobile with authentication active, the network checks for the originality of the set using this secret key. Says Naresh Malhan, COO, Delhi and Rajasthan circle, Tata Indicom, "Both the manufacturer and the operator have to participate to prevent cloning. The manufacturer has responsibility to protect the handset parameters access by use of complicated software
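An added example, not part of the original article or any operator's code: a minimal challenge-response check of the kind the A key paragraph describes, showing why a handset programmed with a copied ESN/MIN but no A key fails authentication, and why a recorded response cannot be reused. HMAC-SHA256 stands in for the real CDMA authentication algorithm, and the class, function names and identifier values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def auth_response(a_key: bytes, esn: str, min_: str, challenge: bytes) -> bytes:
    """Handset side: prove knowledge of the A key without ever sending it."""
    msg = challenge + esn.encode() + min_.encode()
    # HMAC-SHA256 is a stand-in (assumption), not the real CDMA algorithm.
    return hmac.new(a_key, msg, hashlib.sha256).digest()[:8]

class AuthCenter:
    """Operator side: stores the A key loaded for each handset."""
    def __init__(self):
        self._keys = {}      # (ESN, MIN) -> A key
        self._pending = {}   # (ESN, MIN) -> outstanding challenge

    def provision(self, esn: str, min_: str, a_key: bytes) -> None:
        self._keys[(esn, min_)] = a_key

    def challenge(self, esn: str, min_: str) -> bytes:
        c = secrets.token_bytes(16)  # fresh random value per call attempt
        self._pending[(esn, min_)] = c
        return c

    def verify(self, esn: str, min_: str, response: bytes) -> bool:
        c = self._pending.pop((esn, min_), None)  # a challenge is single-use
        key = self._keys.get((esn, min_))
        if c is None or key is None:
            return False
        return hmac.compare_digest(auth_response(key, esn, min_, c), response)

def demo():
    ac = AuthCenter()
    esn, min_ = "ESN-CONSTRUCTED-01", "MIN-CONSTRUCTED-01"  # constructed values
    a_key = "".join(secrets.choice("0123456789") for _ in range(20)).encode()
    ac.provision(esn, min_, a_key)
    # Genuine handset: holds the A key, answers the challenge correctly.
    first = auth_response(a_key, esn, min_, ac.challenge(esn, min_))
    genuine = ac.verify(esn, min_, first)
    # Clone: same ESN/MIN, but the A key was never exposed to copy.
    guess = auth_response(b"0" * 20, esn, min_, ac.challenge(esn, min_))
    clone = ac.verify(esn, min_, guess)
    # Replay: an old valid response does not match a new challenge.
    ac.challenge(esn, min_)
    replay = ac.verify(esn, min_, first)
    return genuine, clone, replay

if __name__ == "__main__":
    print(demo())
```

The check only holds while the key stays secret, which is the point of Ramachandran's remark that someone needs to possess the SIM card to get the carrier's key.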


Beyond detection

However, all these methods are only good at detecting cloning, not preventing damage. A better solution is to add authentication to the system. But this requires upgrades to users' and operators' equipment. The Ministry of Information and Communication (MIC) of Korea has asked the country's leading service providers to implement the new cellular authentication system in a full-fledged manner from March. MIC expects the measure to eradicate illegal cloning completely. This means upgrading the software of the operators' network and renewing the SIM cards, which comes at a price and may not be a palatable idea for most Indian carriers at present.

Bhaswati Chakravorty

in New Delhi