The mobile ecosystem and IMEIs
In the mobile operator ecosystem, the IMEI of a device is a critical identifier on which many decisions are based.
If the IMEI is invalid (either through errors in the supply chain or via end user tampering), incorrect decisions can be made about the services the operator provides.
Scenarios where altered IMEIs arise:
Laundering of stolen devices
If a stolen device has been blacklisted by law enforcement, the device can continue to access network services if its IMEI is modified to a non-blacklisted one. This enables the device to be resold.
Changing of IMEIs to access network features
There are numerous apps in the Google Play Store which permit modification of the IMEI, generally subject to the device having been rooted. However, devices using a Mediatek chipset can have the IMEI modified via straightforward key sequences.
Changing of IMEIs to avoid service barring to unregistered devices
Some countries require that devices are registered at national level before service is provided by operators. By changing IMEIs, unregistered devices can appear as duplicates of registered ones, and hence can access network services.
Re-use of valid IMEIs in clone/counterfeit devices
Manufacturers of clone or non-authentic devices sometimes use invalid IMEIs in their devices, and sometimes re-use valid ones belonging to legitimate devices.
The symptoms arising from any of the above can include duplicate IMEIs appearing on the network.
The DeviceAssure solution
DeviceAssure allows remote identification of non-authentic devices, based on an app install or a visit to a web page with the capability embedded.
Suspect devices (for example, those having duplicate IMEIs) can be targeted for assessment.
DeviceAssure is a B2B offering that can be easily embedded into a pre-existing app or web page, providing an immediate result, with details of the device profile and any inconsistencies.
It is used to identify the following:
- Non-authentic or compromised devices in general;
- For cases of duplicate IMEIs, DeviceAssure identifies the devices which have the correct hardware profile for the IMEI.
Benefits of using DeviceAssure in the Mobile Network Operator and Telecommunications Regulator environments
- 1. Non-standard devices can be controlled, resulting in better outcomes for subscribers as well as network operators, since non-standard devices typically perform poorly, have a shorter life, and drive call traffic to operator helpdesks.
- 2. Consumer safety is enhanced through control of non-standard devices, since such devices are typically out of specification, carry no warranties, and may contain hazardous materials as well as having potentially dangerous batteries and accessories.
- 3. The ability to identify devices with incorrect IMEIs permits improved enforcement, resulting in reduced re-use of stolen devices, ultimately benefiting the consumer by making cellphone theft a less attractive crime.
- 4. Consistency of data across the network is improved through control of duplicate IMEIs and devices with incorrect IMEIs.
- 5. The ability to measure the scale of non-authentic devices within a network or country permits accurate assessment of the level of government revenue losses arising due to mis-declared imports.
Where else can DeviceAssure be utilized?
Government & Regulatory Bodies
Address tax and excise revenue loss due to importation of counterfeit devices. Public health and safety and Intellectual Property Rights within territories can be safeguarded by identifying shoddy and dangerous technology.
Device Manufacturers and OEMs
Counterfeit devices create a negative brand image for device manufacturers. DeviceAssure helps device manufacturers and OEMs understand the scale of counterfeiting, affected markets and potential impact on their brands.
Online Shopping Platforms, Secondary Device Markets
Millions of mobile devices are sold every day via a huge range of online shopping platforms without any way to assure the validity of the devices for sale. DeviceAssure provides a quick and easy way for eRetailers to validate devices before they can be listed. It can also be used by customers to verify that the goods they are purchasing are genuine.
Prevent malware and other security threats compromising networks and devices from nonstandard and counterfeit devices.