Phone cloning is the transfer of identity from one cellular device to another.
CDMA cloning involves gaining access to the device's embedded file system /nvm/num directory via specialized software, or placing a modified EEPROM into the target mobile telephone, allowing the electronic serial number (ESN) and/or Mobile Equipment Identifier (MEID) of the mobile phone to be changed. The ESN or MEID is typically transmitted to the cellular company's mobile telephone switching office (MTSO) in order to authenticate the device onto the mobile network. Modifying this, as well as the phone's PRL and the number itself (known as the mobile identification number, or MIN), can pave the way for fraudulent calls, as the target telephone is now a clone of the telephone from which the original ESN and MIN were obtained.
Cloning has been shown to be successful on code division multiple access (CDMA) networks but is rare on the Global System for Mobile Communications (GSM), one of the more widely used mobile telephone communication systems. Cloning of a GSM phone is achieved by cloning the SIM card contained within, but not necessarily any of the phone's internal data (GSM phones do not have an ESN or MIN, only an IMEI number). There are various methods used to obtain the IMEI and MIN. The most common methods are to hack into the cellular company, or to eavesdrop on the cellular network.
A GSM SIM card is actually copied by removing the SIM card, placing a device between the handset and the SIM card, allowing it to operate for a few days, and extracting the Ki, or secret code. This is normally done with handsets that have the option of an "extended battery", by placing the normal-size battery in the handset and the Kopy Kat in the now vacant extra space. The device works by logging the interaction between the mobile telephone switching office and the handset.
Effectiveness and legislation
Phone cloning is outlawed in the United Kingdom by the Wireless Telephone Protection Act of 1998, which prohibits:
knowingly using, producing, trafficking in, having control or custody of, or possessing hardware or software knowing that it has been configured to insert or modify telecommunication identifying information associated with or contained in a telecommunications instrument so that such instrument may be used to obtain telecommunications service without authorization.
The effectiveness of phone cloning is limited. Every mobile phone contains a radio fingerprint in its transmission signal which remains unique to that mobile despite changes to the phone's ESN, IMEI, or MIN. Thus, cellular companies are often able to catch cloned phones when there are discrepancies between the fingerprint and the ESN, IMEI, or MIN.
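The discrepancy check described above can be sketched from the operator's side. This is an added example, not part of the original article: the record layout, the numeric fingerprint feature vector, the noise threshold and the sample registrations are all constructed assumptions.

```python
from dataclasses import dataclass
from math import sqrt


@dataclass(frozen=True)
class Registration:
    esn: str            # electronic serial number claimed by the handset
    min_: str           # mobile identification number claimed by the handset
    fingerprint: tuple  # hypothetical RF feature vector measured at the base station


# Assumed tolerance: two measurements of the same transmitter differ slightly.
THRESHOLD = 0.15


def distance(a, b):
    """Euclidean distance between two fingerprint feature vectors."""
    return sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def find_clone_suspects(events, threshold=THRESHOLD):
    """Return registrations whose measured fingerprint disagrees with the
    fingerprint enrolled for the same ESN/MIN pair.

    Assumption: the first registration seen for an identity comes from the
    legitimate handset and becomes its baseline.
    """
    enrolled = {}
    suspects = []
    for ev in events:
        key = (ev.esn, ev.min_)
        baseline = enrolled.setdefault(key, ev.fingerprint)
        if distance(baseline, ev.fingerprint) > threshold:
            suspects.append(ev)
    return suspects


# Constructed sample data, not real identifiers or measurements.
SAMPLE = [
    Registration("ESN-A", "5550001", (0.42, 1.10, 0.07)),
    Registration("ESN-B", "5550002", (0.91, 0.33, 0.50)),
    Registration("ESN-A", "5550001", (0.44, 1.08, 0.08)),  # same handset, noise only
    Registration("ESN-A", "5550001", (0.80, 0.61, 0.39)),  # same identity, other radio
]

if __name__ == "__main__":
    for ev in find_clone_suspects(SAMPLE):
        print("fingerprint mismatch for", ev.esn, ev.min_)
```

The third registration stays within the noise tolerance and is accepted, while the fourth presents the same ESN and MIN from a different transmitter and is flagged.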