The IMEI Code: Your phone’s other number
Technical clarifications: IMEI, IMSI, ICCID, TMSI
- IMEI uniquely identifies the device; IMSI identifies the subscriber (on the SIM); ICCID identifies the physical SIM card; TMSI is a temporary network alias.
- ICCID generally isn’t used in standard network signaling; IMSI is what networks actually see.
- Many networks now use IMEISV (IMEI + software version) to apply device-specific workarounds and capability maps.
- Some details in the article are called out as sloppy or wrong (e.g., SSNs having check digits, confusion about number ranges and MAC addresses).
Emergency calling and legacy infrastructure
- GSM and successors support emergency calls without a SIM; the IMEI can act as a last-resort identifier.
- In practice, emergency infrastructure (e.g., E911 in the US) is described as layered hacks: callers get virtual numbers, IMEI/IMSI are rarely surfaced to dispatchers.
- Some countries (e.g., Germany) have disabled SIM-less emergency calling due to abuse; others rely on legal penalties or suggest test numbers/ANACs instead.
Privacy and tracking concerns
- Many see an immutable IMEI as a significant privacy risk, enabling tracking across SIMs and possibly across operators and roaming partners.
- Others argue the main tracking vector is the SIM/IMSI and carrier account, and that for average users IMEI is a minor concern compared to smartphones’ app tracking.
- There’s specific criticism of Android’s A-GNSS/SUPL behavior sending IMSI to Google by default.
- Silent SMS are highlighted as a tool used by authorities to locate devices; others push back that they are mainly for features like visual voicemail, though they admit they can be abused.
Changing identifiers and legal/technical barriers
- It is technically possible to change IMEIs on some hardware (routers, certain modems/phones), and tools/projects are discussed.
- Uses include privacy routers and “identity crisis” tricks to run cheap phone/tablet data plans in routers.
- Risks noted: collisions with legitimate devices, legal bans (e.g., UK criminalizes IMEI tampering), and unclear legality of plan circumvention.
- Some security/telecom veterans say frequent SIM changes alone don’t defeat state-level tracking; device changes/IMEI changes help more, but nothing is foolproof.
Carrier policies, theft, and national regimes
- Carriers now widely blacklist stolen IMEIs; this wasn’t always enforced and often required government pressure.
- Some countries tightly bind IMEI to identity (e.g., Kazakhstan, Turkey, Tunisia), significantly reducing theft but also blocking foreign devices and hobby GSM hardware.
- Australia and others maintain national IMEI blacklists; concerns about DoS/abuse are raised but not resolved in-thread.
Other notes
- Discussion touches on fake/clone phones that spoof identifiers and spec readouts, making authenticity hard to verify.
- Several commenters argue mobile networks and addressing (IMEI, MAC, ARP) are legacy, privacy-unfriendly designs overdue for a rethink.