1.

INTRODUCTION
1.1.Cell phone cloning
Cell phone cloning is copying the identity of one mobile telephone to another mobile telephone. Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls go to the legitimate subscriber. The cloner is also able to make effectively anonymous calls, which attracts another group of interested users.

1.2 Cloning
Cloning is the process of taking the programmed information that is stored in a legitimate mobile phone and illegally programming the identical information into another mobile phone. The result is that the "cloned" phone can make and receive calls and the charges for those calls are billed to the legitimate subscriber. The service provider network does not have a way to differentiate between the legitimate phone and the "cloned" phone. While mobile cloning is an emerging threat for Indian subscribers, it has been happening in other telecom markets since the 1990s, though mostly with regard to CDMA phones. Pleas in an US District Court in 1997 effectively ended West Texas authorities' first case of `phone cloning.' Authorities in the case estimated the loss at $3,000 to $4,000 for each number used. Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US. Some federal agents in the US have called phone cloning an especially `popular' crime because it is hard to trace. Back home, police officers say the Yasin case is just the tip of the iceberg and have asked operators to improve their technology. But the operators claim they can't do much for now. "It's like stealing cars or duplicating credit card numbers. The service providers cannot do much except keep track of the billing pattern of the users. But since the billing cycle is monthly, the damage is done by the time we can detect the mischief," says a Reliance executive. Are your mobile phone bills unexpectedly high? Theres a chance you are the victim of mobile cloning. It is also known as cell phone piracy and has been taking place throughout the world since decades. Recently this crime has come to India.
1

Mobile phones have become a major part of our everyday life. On the one hand, Indias mobile phone market has grown rapidly in the last few years on the back of falling phone tariffs and handset prices, making it one of the fastest growing markets globally. On the other the number of mobile phone subscribers is exceeding that of fixed-line users. The mobile phone subscriber base has already crossed the 50-mn mark. Today millions of mobile phones users, be it Global System for Mobile communication (GSM) or Code Division Multiple Access (CDMA), run the risk of having their phones cloned. And the worst part is that there isnt much that you can do to prevent this. Such crime first came to light in January 2005 when the Delhi police arrested a person with 20 cell phones, a laptop, a SIM scanner, and a writer. The accused was running an exchange illegally wherein he cloned CDMA-based mobile phones. He used software for the cloning and provided cheap international calls to Indian immigrants in West Asia. A similar racket came to light in Mumbai resulting in the arrest of four mobile dealer. Mobile communication has been readily available for several years, and is major business today. It provides a valuable service to its users who are willing to pay a considerable premium over a fixed line phone, to be able to walk and talk freely. Because of its usefulness and the money involved in the business, it is subject to fraud. Unfortunately, the advance of security standards has not kept pace with the dissemination of mobile communication. Some of the features of mobile communication make it an alluring target for criminals. It is a relatively new invention, so not all people are quite familiar with its possibilities, in good or in bad. Its newness also means intense competition among mobile phone service providers as they are attracting customers. The major threat to mobile phone is from cloning. Cloning is the process of taking the programmed information that is stored in a legitimate mobile phone and illegally programming the identical information into another mobile phone. The result is that the "cloned" phone can make and receive calls and the charges for those calls are billed to the legitimate subscriber. The service provider network does not have a way to differentiate between the legitimate phone and the "cloned" phone.

' Authorities in the case estimated the loss at $3,000 to $4,000 for each number used. Southwestern Bell claims wireless fraud costs the industry $650 million each year in the US. Some federal agents in the US have called phone cloning an especially `popular' crime because it is hard to trace. Back home, police officers say the Yasin case is just the tip of the iceberg and have asked operators to improve their technology. But the operators claim they can't do much for now. "It's like stealing cars or duplicating credit card numbers. The service providers cannot do much except keep track of the billing pattern of the users. But since the billing cycle is monthly, the damage is done by the time we can detect the mischief," says a Reliance executive.

2.GSM AND CDMA MOBILE PHONES

2.1 CDMA( Code Division Multiple Access).
A method for transmitting simultaneous signals over a shared portion of the spectrum. There is no Subscriber Identity Module (SIM) card. Operators who provides CDMA service in India are Reliance and Tata Indicom. CDMA use a Mobile Identification Number (MIN) card that contains user account information.Rather than dividing the radio spectrum into separate users channel by frequency slices or time slots ,spread spectrum technology separate users by assigning them digital codes within the same broad spectrum .Advantages of CDMA include higher capacity and immunity from interference by other signals.. A method for transmitting simultaneous signals over a shared portion of the spectrum. There is no Subscriber Identity Module (SIM) card unlike in GSM. Operators who provides CDMA service in India are Reliance and Tata Indicom.

2.2 GSM (Global System for Mobile Communications)

A digital cellular phone technology based on TDMA GSM phones MHz frequency band. There is a Subscriber Identity Module (SIM) card. Any GSM phone becomes immediately programmed after plugging in the SIM card, thus allowing GSM phones to be easily rented or borrowed.Operators who provide GSM service are Airtel,Hutch etc. with GSM system for mobile communication reached a global scale .In the western world ,it seems every one has their own mobile phone,and GSM has taken more and more of the market.

The network element which provides all the control functions and physical link between the MSC and BTS.The BSC provides function such as handover,cell configuration data,and control of radio frequency power levels in Base Transceiver stations.The network element which handles the radio interface to the mobile station.The BTS is the radio equipment needed to service each cell in the network.A network element which provide short messages service voice mail, fax mail, email, and paging is called Message Center (MXE).A network element used to interconnect two GSM.CDMA is one of the newer digital technologies used in Canada, the US, Australia, and some South-eastern Asian countries. CDMA differs from GSM and TDMA (Time Division Multiple Access) by its use of spread spectrum techniques for transmitting voice or data over the air. Rather than dividing the radio frequency spectrum into separate user channels by frequency slices or time slots, spread spectrum technology separates users by assigning them digital codes within the same broad spectrum. Advantages of CDMA include higher user capacity and immunity from interference by other signal.

3.COMPONENT OF GSM NETWORK

3.1 The Switching System (SS)
Home Location Register (HLR) - A database which stores data about GSM subscribers, including the Individual Subscriber Authentication Key (Ki) for each Mobile Services Switching Center (MSC) - The network element which performs the telephony switching functions of the GSM network Visitor Location Register (VLR) - A database which stores temporary information about roaming GSM subscribers. Authentication Center (AUC) - A database which contains the International Mobile Subscriber Identity (IMSI) the Subscriber Authentication key (Ki), and the defined algorithms for encryption. Equipment Identity Register (EIR) - A database which contains information about the identity of mobile equipment in order to prevent calls from stolen, unauthorized, or defective mobile stations.

3.2 The Base Station System (BSS) Base Station Controller (BSC) - The network element which provides all the control
functions and physical links between the MSC and BTS. The BSC provides functions such as handover, cell configuration data, and control of radio frequency

(RF) power levels in Base Transceiver Stations. Base Transceiver Station (BTS) - The network element which handles the radio interface to the mobile station. The BTS is the radio equipment (transceivers and antennas) needed to service each cell in the network. 3.3 The Operation and Support System (OSS)
Message Center (MXE) - A network element which provides Short Message Service (SMS), voice mail, fax mail, email, and paging. Gateway Mobile Services Switching Center (GMSC) - A network element used to interconnect two GSM networks.

4. IMPORTANT TERMS 4.1 ESN

,which stands for Electronic Serial Number. It is same as the IMEI but is used in CDMA handsets. Integrated circuit card identifier Corresponds to the number printed on surface of SIM

File ICCID

Purpose Serial Number

Size 10 bytes

4.2 IMEI
It stands for International Mobile Equipment Identifier, this is a 10 digit universally unique number of our GSM handset. I use the term Universally Unique because there cannot be 2 mobile phones having the same IMEI no. This is very valuable number and used in tracking mobile phones

4.3 SIM
It stands for subscriber identity module.Basically SIM Provides storage of subscriber related information of three types: 1. Fixed data storage 2. Temporary data storage 3. Service related data

File IMSI

Purpose Subscriber ID

Size 9 bytes

4.4 International Mobile Subscriber Identity

As stored in the HLR/VLRS on network Unique ID for every subscriptions on the operator network. a. Every SIM can be protected by a Personal Identification Number (PIN) b. Set at point of manufacture c. Can be changed by the Subscriber d. Four digit code e. Usually 3 attempts before phone is blocked

4.5 Bypassing the PIN requires the Pin Unblocking Key (PUK)
a. 8 digit code b. Set by manufacturer c. Maximum 10 attempts before phone is permanently blockedProcessor is used for providing access to the data and security d. To access the data we need; e. Standard smart card reader f. SIM access Software g. As SIM is a smart card it has h. A processor i. j. Non-volatile memory Data stored in binary files

Knowledgeable criminals will be aware of the properties of the SIM and thus manipulate them. Greater threat is that of cloning SIM data for illicit use a. Directly from the SIM using a scanning software b. Eaves-dropping on the networks for unencrypted transmission of the IMSI it cannot normally be obtained directly as it is derived from an encryption algorithm stored on the SIM However, if the encryption algorithm is weak then it is possible to feed numbers .

4. HOW IS PHONE CLONED

Cellular thieves can capture ESN and MIN using devices such as cell phone reader or digital data interpreters (DDI).The ESN and MIN pair can be cloned in a number of way without the knowledge of Carriers or subscriber through o Electronic Scanningdevices.After ESN/MIN pair is captured ,the cloner reprogrammed or alter the micro chip of any wireless phone to create clone of any wireless phone from Which ESN/MIN pair was stolen.cellular thieves can capture ESN/MINs using devices such as cell phone ESN reader or digital data interpreters .By simply sitting near busy roads where the volume of cellular phone is high,cellular thieves monitoring the radio waves transmission from the cell phone of legitimate Subscriber can capture ESN/MIN pair. Number can be recorded by hand, one by one ,or stored in the box and later downloaded to a computer.ESN/MIN reader can also be used from inside an offenders home ,office or hotel room, increasing the difficulty of detection.The entire programming process takes 10-15 minutes Per phone .Any call made with cloned phone are billed to a legitimate phone account.Innocent citizens Ends up with unexplained monthly phone bills.

5.1 Obtaining blank SIMs

a. These cards can be ordered from the same source where network providers get their cards. b. The card must then be programmed with a special tool for programming of fresh cards. Such a tool is distributed together with the Sim-Scan package. c. An attacker could also get hold of a generic smart card and smart card programmer, and then program the card to act as a SIM. Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow you to configure an ESN (Electronic serial number) via software. You would also have to change the MIN (Mobile Identification Number). When you had successfully changed the
8

ESN/MIN pair, your phone was an effective clone of the other phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways: d. Sniffing the cellular e. Trashing cellular companies or cellular resellers f. Hacking cellular companies or cellular resellers g. Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clone able phones are more difficult to find and newer phones have not been successfully reverse-engineered. h. Cloning has been successfully demonstrated under GSM, but the process is not easy and it currently remains in the realm of serious hobbyists and researchers

6. CELLULAR PHONE COUNTEREITING

GSM provides authentication of users and encryption of the traffic across the air interface. This is accomplished by giving the user and network a shared secret, called Ki. This 128-bit number is stored on the SIM-card, and is not directly accessible to the user. Each time the mobile connects to the network, the network authenticates the user by sending a random number (challenge) to the mobile.

7. CLONING GSM PHONES

Every GSM phone has 15 digit of electronic serial number reffered as IMEI.It is not particularly secret bit of information and you dont need to take any care to keep it private.The important is the IMSI ,which is stored in removeable SIM card that carry all your subscriber information. GSM network that are considerd to be impregnable can also be haked.The process is simple : a SIM card is inserted in to a reader,after connecting to a computer using data cables, the card information is transferred in to PC.Then using free available encryption

10

software on the Net, the card detail can be easily transferred to a blank Smart card .The result cloned phone is ready to misuse. He can do numerous call after cloning and the has to be payed by innocent subscriber.

8. METHOD TO DETECT CLONED PHONES

8.1 DUPLICATE DETECTION
The network sees same phone in several place at same time.The reaction include shutting them all of so that the real customer will contact the operator because he lost the service he is paying for,or tearing down the connection so that clone user will switch to another clone but the real user will contact the operator. 8.2 VELOCITY TRAP

The mobile phone seems to be moving at impossible or most unlikely speed. Forexample ,if a call first made in Helsinki ,and five minute later another is made but this time in Tampere, there must be two phone with same identity on the network.

11

Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow you to configure an ESN (Electronic serial number) via software. You would also have to change the MIN (Mobile Identification Number). When you had successfully changed the ESN/MSN pair, your phone was an effective clone of the other phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:

Sniffing the cellular Trashing cellular companies or cellular resellers Hacking cellular companies or cellular resellers

Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clone able phones are more difficult to find and newer phones have not been successfully reverseengineered. Cloning has been successfully demonstrated under GSM, but the process is not easy and it currently remains in the realm of serious hobbyists and researchers. With technically sophisticated thieves, customers are relatively helpless against cellular phone fraud. Usually they became aware of the fraud only once receiving their phone bill. Service providers have adopted certain measures to prevent cellular fraud. These include encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs. Blocking is used by service providers to protect themselves from high risk callers. For example, international calls can be made only with prior approval. In some countries only users with major credit cards and good credit ratings are allowed to make long distance calls. Blacklisting of stolen phones is another mechanism to prevent unauthorized use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular phones on networks around the world. User verification using Personal Identification Number (PIN) codes is one method for customer protection against cellular phone fraud.

12

Tests conducted have proved that United States found that having a PIN code reduced fraud by more than 80%. Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls. The software also determines whether it is physically possible for the subscriber to be making a call from a current location, based on the location and time of the previous call. Currently, South Africa's two service providers, MTN and Vodacom, use traffic analysis with the International Mobile Equipment Identity (IMEI) a 15 digit number which acts as a unique identifier and is usually printed on the back of the phone underneath the battery to trace stolen phones.

9. ARE OUR CELL PHONES SECURED?

Too many users treat their mobile phones as gadgets rather than as business assets covered by corporate security policy. Did you realize there's a lucrative black market in stolen and "cloned" Sim cards? This is possible because Sims are not network specific and, though tamper-proof, their security is flawed. In fact, a Sim can be cloned many times and the resulting cards used in numerous phones, each feeding illegally off the same bill. But there are locking mechanisms on the cellular phones that require a PIN to access the phone. This would dissuade some attackers, foil others, but might not work against a well financed and equipped attacker. An 8-digit PIN requires approximately 50,000,000 guesses, but there may be ways for sophisticated attackers to bypass it. With the shift to GSM digital - which now covers almost the entire UK mobile sector - the phone companies assure us that the bad old days are over. Mobile phones, they say, are secure and privacy friendly. This is not entirely true. While the amateur scanner menace has been largely exterminated, there is now more potential than ever before for privacy invasion. The alleged security of GSM relies on the myth that encryption - the mathematical scrambling of our conversations - makes it impossible for anyone to intercept and understand our words. And while this claim looks good on paper, it does not stand up to scrutiny.

13

The reality is that the encryption has deliberately been made insecure. Many encrypted calls can therefore be intercepted and decrypted with a laptop computer.

9.1 CAN DIGITAL PHONES BE CLONED?

Yes. Digital phones can be cloned however; the mobile phones employing digital TDMA and CDMA technology are equipped with a feature known as "Authentication." Some newer model analog phones also have this feature. Authentication allows the mobile service provider network to determine the legitimacy of a mobile phone. Phones determined to be "clones" can be instantly denied access to service before any calls are made or received.

9.2 HOW TO KNOW THAT THE CELL HAS BEEN CLONED?

Frequent wrong number phone calls to your phone, or hang-ups. Difficulty in placing outgoing calls. Difficulty in retrieving voice mail messages. Incoming calls constantly receiving busy signals or wrong numbers. Unusual calls appearing on your phone bills

9.3 CAN CALLS ON CLONED PHONE BE TRACKED?

Yes. A SIM can be cloned again and again and they can be used at different places. Messages and calls can track sent by cloned phones. However, if the accused manages to also clone the IMEI number of the handset, for which softwares are available, there is no way the cell can be traced.

14

9.4 WHAT EXACTLY IS AUTHENTICATION?

Authentication is a mathematical process by which identical calculations are performed in both the network and the mobile phone. These calculations use secret information (known as a "key") preprogrammed into both the mobile phone and the network before service is activated. Cloners typically have no access to this secret information (i.e., the key), and therefore cannot obtain the same results to the calculations. A legitimate mobile phone will produce the same calculated result as the network. The mobile phone's result is sent to the network and compared with the network's results. If they match, the phone is not a "clone."

9.5 ARE THESE METHODS EFFECTIVE?

Yes, for the most part. However, Authentication is the most robust and reliable method for preventing cloning fraud and it is the only industry "standard" method for eliminating cloning. The fact that it is standardized means that all mobile telecommunications networks using IS-41 can support Authentication. There is no need to add proprietary equipment, software, or communications protocols to the networks to prevent cloning fraud.

9.6 IS MY PHONE AUTHENTICATION CAPABLE?

If the phone supports TDMA or CDMA digital radio, then yes. Otherwise, it depends on how old the phone is and the make and model. Almost all phones manufactured since the beginning of 1996 support the Authentication function. The best bet is to check with your service.

15

9.7 WHAT IS IS-41?

IS-41(Interim Standard No. 41) is a document prescribing standards for communications between mobile networks. The standard was developed by the Telecommunications Industry Association (TIA) and is used primarily throughout North America as well as many Latin American countries and Asia. The IS-41 network communications standard supports AMPS, NAMPS, TDMA, and CDMA radio technologies. IS-41 is the standard that defines the methods for automatic roaming, handoff between systems, and for performing Authentication.

10. IMPACT OF CLONING

Each year mobile phone industry losses million of dollars in revenue because of criminal action of person ,who are able to reconfigure mobile phones, so that their called are bill to another phone owned by innocent third persons. Many people use cloned cellular telephone,for irregular activities, because their call are not billed to them. moreover cloned phone are difficult to trace. While mobile phone cloning is an emerging threat for Indian subscribers, it has been happening in other telecom market since 1990s,though mostly with regard to CDMA phones.some federal agents in us have called cell phone cloning an especially a crime because it is hard to trace.It is like stealing cars or duplicating credit card numbers.The service providers can not do much except keep track of the billing pattern of the users.But since the billing cycle is monthly , the damage is done by the time we can detect the mischief . Cellular telephone companies do not require their customers, to pay for any charge illegally made to their account no matter how great the cost.But some portion of the cost of these illegal telephone calls is passed along to cellular telephone consumers as a whole.This phenomena is especially prevalent in drug crimes. Drug dealers need to be in constant contact with their source of supply and their confederates on the streets. Traffickers acquire cloned phones at a minimum cost , make dozens of calls, and then throw the phone away after as little as a days use.In the same way, criminals who pose a threat to our national security, such as terrorists,have been known to use cloned phones to thwart law
16

enforcement efforts aimed at tracking their where about. There are also more discreet, concealable devices used to clone cellular phones. Plugs and ES-Pros, which are about the size

of the pager or small calculator, do not require computers or copycat boxes for cloning. The entire programming process takes ten-15 minutes per phone. Innocent citizens end up with unexplained monthly phone bills. It is initial stages in India so preventive step should be taken by the network Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime.

11. HOW TO PREVENT CELL PHONE CLONING

Service provider have adopted

certain measures

to prevent cellular fraud.These include stolen

encryption,blocking,blacklisting,user verification and traffic analysis.Blacklisting of

phones is another mechanism to prevent unauthorized use.An Equipment Identity Register(EIR) enable network operators to disable stolen cellular phone on network around the world.User verification using PERSONEL IDENTIFICATION NUMBER(PIN) is one method against cellular fraud. Cloning as the crime branch detectives divulge,starts when some one,working for mobile phone service provider,agrees to see the security number to gray market operators.Every mobile handset has a unique factory coded electronic serial number and a mobile identificatonnumber.The buyer can then program these security number in to new handsets.To check the misuse of mobile phone cloning phenomena falls on subscriber himself. The subscriber, according to the officials, should be on the alert and inform the police on suspecting any foul play.It would be advisable for them to ask for the list of outgoing calls, as soon as they realize that they have been overcharged. Modification of current definition of scanning receiver to ensure that the term is understood to include a device that can be used to intercept an electronic serial number.correction of an error in the current penalty provision of 18 U.S.C that provide two different statutory maximum penalty (10-15 years) for the same offence.with
17

respect to cell phone cloning act , the Act makes clear that a person convicted of such a offence without o prior section 1029 conviction is subject to a statutory maximum of 20 years.In addition to amendment to section 1029, the wireless Telephone Protection Act directs the commission to review and amend the federal sentencing guidelines and the policy statements of the commission , and, if appropriate, to provide an appropriate penalty for offences involving the cloning wireless telephone . The U.S Secret Service and the wireless telecommunication Industry are increasingly concerned about cloning fraud.consistent with the manufacturing is the predominant function of offender in these cases.The other type of cloning equipment addressed in the amendment ,specialized computers software, was present in 32 percent of the cases.The cellular telephone industry does not charge legitimate, victimized customer for fraudulent call, rather the companies absorb the losses themselves. Uniquely identifies a mobile unit within a wireless carrier's network. The MIN often can be dialed from other wireless or wire line networks. The number differs from the electronic serial number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can be checked electronically to help prevent fraud .Mobiles should never be trusted for communicating/storing confidential information. Always set a Pin that's required before the phone can be used. Check that all mobile devices are covered by a corporate security policy. Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. How do service providers handle reports of cloned phones? Legitimate subscribers who have their phones cloned will receive bills with charges for calls they didn't make. Sometimes these charges amount to several thousands of dollars in addition to the legitimate.

Typically, the service provider will assume the cost of those additional fraudulent calls. However, to keep the cloned phone from continuing to receive service, the service provider will terminate the legitimate phone subscription. The subscriber is then required to activate a new subscription with a different phone number requiring reprogramming of the phone, along with the additional headaches that go along with phone number changes.

18

12. FACTS AND FIGURE

1. Attempt to register using encryption 4. Passes on authentication 5. Dials a number 6. Requests MS switch off encryption 8. Call proceeds wit MIM eavesdropping

2. Passes on the registration request 3. Authenticates

7. Encrypts then passes on the call request

Legitimate Subscriber

Man-in-themiddle

Operator BTS

Spoofing BTS Spoofing MS

19

The subscriber attempts to register using the encryption, to the man in middle after that it passes on the registration request to BTS operator.BTS operator authenticates the call to second person and it passes authentication to subscriber .when subscriber dials a number it goes to second person and second person send request to MS switch off encryption .now the man in middle encrypts then passes on the call request to BTS operator.In the above figure red colour represents spoofing BTS and blue colour represents spoofing MS.

File
SMS SMSP SMSS

Purpose
The text messages Message parameters Status of the messages

Size
N*176 bytes Variable Variable

13. SOLUTION OF THIS PROBLEM

Service providers have adopted certain measures to prevent cellular fraud. These include encryption, blocking, blacklisting, user verification and traffic analysis: Encryption is regarded as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs. Blocking is used by service providers to protect themselves from high risk callers. For example, international calls can be made only with prior approval. In some countries only users with major credit cards and good credit ratings are allowed to make long distance calls. Blacklisting of stolen phones is another mechanism to prevent unauthorized use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular phones on networks around the world. User verification using Personal Identification Number
20

(PIN) codes is one method for customer protection against cellular phone fraud. Tests conducted have proved that United States found that having a PIN code reduced fraud by more than 80%. Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls. The software also determines whether it is physically possible for the subscriber to be making a call from a current location, based on the location and time of the previous call. Currently, South Africas two service providers, MTN and Vodacom, use traffic analysis with the International Mobile Equipment Identity (IMEI) a 15 digit number which acts as a unique identifier and is usually printed on the back of the phone underneath the battery to trace stolen phones.
Other warning signs that subscriber should watch out for to detect fraudlentactivity include: Frequent wrong number phone call on your phone, or hang ups.Difficulty in placing outgoing calls.Difficulty in retrieving voice mail messages. Incoming call receive busy signals. Unusual bill appearing on yours phone.

14.CONCLUSION

Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter measures to address cellular phone fraud. Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime

Mobile Cloning Is in initial stages in India so preventive steps should be taken by the network provider and the Government the enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime.

21

 Existing cellular systems have a number of potential weaknesses that were considered. It is crucial that businesses and staff take mobile phone security seriously. Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter measures to address cellular phone fraud. Mobile cloning is in initial stages in India so preventive steps should be taken by the provider and the government the enactment of legislation to prosecute crimes related to cellular phone is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular Cloning fraud as a specific crime. The sources of evidence The subscriber The mobile station The network

Since GSM is the worlds largest system for mobile communication today and also lay the foundation for the future UMTS, it is important to recognize the need to study the methods and tools for forensic analysis of the GSM system.

22