We know that pressing send or turning on the phone conveys information about the phone to the cell site and then to the MTSO. A call gets checked with all this information. There are many parts to each digital message. A five digit code called the home system identification number (SID or sometimes SIDH) identifies the cellular carrier your phone is registered with. For example, Cellular One's code in Sacramento, California, is 00129. Go to Stockton forty miles south and Cellular One uses 00224. A system can easily identify roamers with this information. The "Roaming" lamp flashes or the LED pulses if you are out of your local area. Or the "No Service" lamp comes on if the mobile can't pick up a decent signal. This number is keypad programmable, of course, since people change carriers and move to different areas. You can find yours by calling up a local cellular dealer. Or by putting your phone in the programming mode.
This number doesn't go off in a numerical form, of course, but as a binary string of zero's and ones. These digital signals are repeated several times to make sure they get received. The mobile identification number or MIN is your telephone's number. MINs are keypad programmable. You or a dealer can assign it any number desired. That makes it different than its electronic serial number which we'll discuss next. A MIN is ten digits long. A MIN is not your directory number since it is not long enough to include a country code. It's also limited when it comes to future uses since it isn't long enough to carry an extension number.
The electronic serial number or ESN is a unique number assigned to each phone. One per phone! Every cell phone starts out with just one ESN. This number gets electronically burned into the phone's ROM, or read only memory chip. A phone's MIN may change but the serial number remains the same. The ESN is a long binary number. Its 32 bit size provides billions of possible serial numbers. The ESN gets transmitted whenever the phone is turned on, handed over to another cell or at regular intervals decided by the system. Every ten to fifteen minutes is typical. Capturing an ESN lies at the heart of cloning. You'll often hear about stolen codes. "Someone stole Major Giuliani's and Commissioner Bratton's codes." The ESN is what is actually being intercepted. A code is something that stands for something else. In this case, the ESN. A hexadecimal number represents the ESN for programming and test purposes. Such a number might look like this: 82 57 2C 01.
The station class mark or SCM tells the cell site and the switch what power level the mobile operates at. The cell site can turn down the power in your phone, lowering it to a level that will do the job while not interfering with the rest of the system. In years past the station class mark also told the switch not to assign older phones to a so called expanded channel, since those phones were not built with the new frequencies the FCC allowed.
The switch process this information along with other data. It first checks for a valid ESN/MIN combination. You don't get access unless your phone number matches up with a correct, valid serial number and MIN. You have to have both unless, perhaps, if you call 911. The local carrier checks its own database first. Each carrier maintains its own records but the database may be almost anywhere. These local databases are updated, supposedly, around the clock by two much larger data bases maintained by Electronic Data Systems and GTE. EDS maintains records for most of the former Bell companies and their new cellular spin offs. GTE maintains records for GTE cellular companies as well as for other companies. Your call will not proceed returned unless everything checks out. These database companies try to supply a current list of bad ESNs as well as information to the network on the tens of thousands cellular users coming on line every day.
A local caller will probably get access if validation is successful. Roamers may not have the same luck if they're in another state or fairly distant from their home system. Even seven miles from San Francisco, depending on the area you are in. (I know this personally.) A roamer's record must be checked from afar. Many carriers still can't agree on the way to exchange their information or how to pay for it. A lot comes down to cost. A distant system may still be dependent on older switches or slower databases that can't provide a quick response. The so called North American Cellular Network attempts to link each participating carrier together with the same intelligent network/system 7 facilities.
Still, that leaves many rural areas out of the loop. A call may be dropped or intercepted rather than allowed access. In addition, the various carriers are always arguing over fees to query each others databases. Fraud is enough of a problem in some areas that many systems will not take a chance in passing a call through. It's really a numbers game. How much is the system actually loosing, compared to how much prevention would cost? Preventive measures may cost millions of dollars to put in place at each MTSO. Still, as the years go along, cooperation among carriers is getting better and the number of easily cloned analog phones in use are declining.
This number doesn't go off in a numerical form, of course, but as a binary string of zero's and ones. These digital signals are repeated several times to make sure they get received. The mobile identification number or MIN is your telephone's number. MINs are keypad programmable. You or a dealer can assign it any number desired. That makes it different than its electronic serial number which we'll discuss next. A MIN is ten digits long. A MIN is not your directory number since it is not long enough to include a country code. It's also limited when it comes to future uses since it isn't long enough to carry an extension number.
The electronic serial number or ESN is a unique number assigned to each phone. One per phone! Every cell phone starts out with just one ESN. This number gets electronically burned into the phone's ROM, or read only memory chip. A phone's MIN may change but the serial number remains the same. The ESN is a long binary number. Its 32 bit size provides billions of possible serial numbers. The ESN gets transmitted whenever the phone is turned on, handed over to another cell or at regular intervals decided by the system. Every ten to fifteen minutes is typical. Capturing an ESN lies at the heart of cloning. You'll often hear about stolen codes. "Someone stole Major Giuliani's and Commissioner Bratton's codes." The ESN is what is actually being intercepted. A code is something that stands for something else. In this case, the ESN. A hexadecimal number represents the ESN for programming and test purposes. Such a number might look like this: 82 57 2C 01.
The station class mark or SCM tells the cell site and the switch what power level the mobile operates at. The cell site can turn down the power in your phone, lowering it to a level that will do the job while not interfering with the rest of the system. In years past the station class mark also told the switch not to assign older phones to a so called expanded channel, since those phones were not built with the new frequencies the FCC allowed.
The switch process this information along with other data. It first checks for a valid ESN/MIN combination. You don't get access unless your phone number matches up with a correct, valid serial number and MIN. You have to have both unless, perhaps, if you call 911. The local carrier checks its own database first. Each carrier maintains its own records but the database may be almost anywhere. These local databases are updated, supposedly, around the clock by two much larger data bases maintained by Electronic Data Systems and GTE. EDS maintains records for most of the former Bell companies and their new cellular spin offs. GTE maintains records for GTE cellular companies as well as for other companies. Your call will not proceed returned unless everything checks out. These database companies try to supply a current list of bad ESNs as well as information to the network on the tens of thousands cellular users coming on line every day.
A local caller will probably get access if validation is successful. Roamers may not have the same luck if they're in another state or fairly distant from their home system. Even seven miles from San Francisco, depending on the area you are in. (I know this personally.) A roamer's record must be checked from afar. Many carriers still can't agree on the way to exchange their information or how to pay for it. A lot comes down to cost. A distant system may still be dependent on older switches or slower databases that can't provide a quick response. The so called North American Cellular Network attempts to link each participating carrier together with the same intelligent network/system 7 facilities.
Still, that leaves many rural areas out of the loop. A call may be dropped or intercepted rather than allowed access. In addition, the various carriers are always arguing over fees to query each others databases. Fraud is enough of a problem in some areas that many systems will not take a chance in passing a call through. It's really a numbers game. How much is the system actually loosing, compared to how much prevention would cost? Preventive measures may cost millions of dollars to put in place at each MTSO. Still, as the years go along, cooperation among carriers is getting better and the number of easily cloned analog phones in use are declining.