What is IMEI -IMEI Number – IMEISV – IMEI Check ?

The IMEI full form is International Mobile Equipment Identity. IMEI number is a unique 15 digits number that is assigned to a mobile device by the manufacturer. In mobile telecommunication, every sim card is identified by an IMSI, the mobile device in which sim is inserted is identified by the IMEI. When a mobile subscriber changes the sim card, only IMSI changes not the device information or IMEI. The IMEI information of a device can be obtained from the device itself. E.g for a smartphone, in the setting of a mobile device (Samsung Galaxy S8 Settings->About phone->Status->IMEI Information,) or by dialing a code (e.g *#06#), this works for any device. A mobile device can only work with mobile operators if a device having a valid IMEI number. The use of IMEI number is to allow, disallow in case of stolen devices or allow/disallow a device due to technical reasons. The IMEI should not be changed once a device is manufactured.

What is IMEI Structure?

The IMSI number is 15 digits long. 15 digits are divided into groups. Each group of digits in the IMEI structure has information about IMEI. IMEI structure is composed in such a way that it can be traced who is the manufacturer of the device and other information. The structure has the following sections

Type Allocation Code (TAC code)

This is 8 digit code. The manufacture of device requests from the international GSM standard body the TAC code for a new model of the device. TAC Codes for IMEI. GSMA allocated bodies allocate the tac code. The TAC code has two parts.  The format is AA  BBBBBB. AA is of two digits.

  1. AA –  Allocation Boby
  2. BBBBBB – Manufactures e.g Apple

Serial Number (SNR)

Each serial number uniquely identifies a device within a TAC. This is 6 digits in length.

Check Digit or IMEI number check

Check digit is derived from other digits from a formula. To IMEI number check, this digit is used.

The integrity of IMEI  on the network is checked by the Luhn Algorithm. The check digit should be calculated by the receiving entity for verification. The IMEI number check is important, this ensures that the IMEI number is valid and the device is not tempered.

IMEISV :

It is a 16 bits value assigned to a device. The first 14 digits are the same as IMEI. The last 2 digits are for the software version. The device manufacturer gets details from the IMEI number. But for software updates propagates correctly they should know the currently used version of software on the device. Version information sets correct application update and firmware updates.

How lost Phone is traced using IMEI number:

After reporting a lost mobile device. Its IMEI number is provided to all mobile operators in a country/area. The mobile operators put the device on monitoring using the IMEI number. When the mobile phone is switched on with a new or older SIM card. The phone tries to register on the network roaming network. The roaming network sends the IMSI and MSISDN information to the monitoring system. From MSISDN location and other activities (voice call, SMS, etc.) can be traced.

OTA updates for device setting:

A device gets updates from the manufactures most of the time. Device updates can be for firmware etc. From IMEI, the full device information ( type, brand, model, etc), can be obtained. For sending updates device information is important, so that device gets the correct updates. A mobile operator may send updates for device settings for the network information (IMSI, APN, etc.). In case of changes required by the home network operator in a device setting, an OTA is sent from the home network to the device. If IMEI is known to the mobile operator, the device gets correct settings or updates. A roaming sim card has multiple IMSI, an OTA may be used to update the IMSI, based on the location a subscriber is roaming.

EIR :

Eir is the central database of mobile phones, which have IMEI number status along with IMEI. There may be a central EIR, in a country where all roaming mobile operators query for the legality of a device. When a call starts, serving MSC sends an IMEI check operation to the EIR, and EIR responds back to the MSC. If the response is successful then the call is completed else call is dropped.

IMEI-Check over network:

In 2G or 3G network:

IMEI check is the process of finding whether a device is allowed to register for data or voice calls. This is achieved by a gsm node call EIR or Equipment Identity Register. This is a central database in the roaming network. Upon receiving a  check request, EIR may return with the following. When a call is initiated, the MSC does the ss7 signaling using a gsm map protocol to check IMEI.
The roaming MSC or SGSN sends CHECK_IMEI to the EIR and EIR responds with one of the following equipment statuses.

  • Unknown Equipment, When the device is not registered in EIR.
  • White List, When Equipment number is allowed to operate.
  • Blacklist, When Equipment number is not allowed to operate.
  • Grey List, When Equipment number is allowed to operate with observation.

In 4G network :

In 4G network the underlying protocol used is Diameter protocol.  The S13 and S13′ is  used in 4G network over diameter signaling. S13 is used between MME and EIR and S13′ is used between SGSN and EIR. The 3GPP application id is 16777252 . 3GPP Spec for S13/S13′
ME identity check procedure is used for identity verification.  ME-Identity-Check-Request/Answer (ECR/ECA),  Commands ior messages are used. When a mobile phone try to register on network then a ME identity check procedure is used between MME/SGSN and EIR.

< ME-Identity-Check-Request > ::= < Diameter Header: 324, REQ, PXY, 16777252 >
< Session-Id >
[ Vendor-Specific-Application-Id ]
{ Auth-Session-State }
{ Origin-Host }
{ Origin-Realm }
[ Destination-Host ]
{ Destination-Realm }
{ Terminal-Information }
[ User-Name ]
*[ AVP ]
*[ Proxy-Info ]
*[ Route-Record ]

The Terminal Information AVP have ME Identity , and User name (optional) have IMSI.

< ME-Identity-Check-Answer> ::= < Diameter Header: 324, PXY, 16777252 >
< Session-Id >
[ Vendor-Specific-Application-Id ]
[ Result-Code ]
[ Experimental-Result ]
{ Auth-Session-State }
{ Origin-Host }
{ Origin-Realm }
[ Equipment-Status ]
*[ AVP ]
*[ Failed-AVP ]
*[ Proxy-Info ]
*[ Route-Record ]

If result code received DIAMETER SUCCESS (2001) from EIR, then Equipment Status AVP have the status (white listed, black listed or grey listed) of ME identity status.

Device lock from a mobile operator:

There are phones which mobile operators provide along with their sim card. These phones work only when a sim card from that mobile operator is used. This check is done by hardware information obtained from the IMEI number. When a device is switched on and IMSI in sim card is only allowed on the device then mobile registration fails.

1 thought on “IMEI | IMEI Number | Check IMEI”

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top