MRC%PANDA@SUMEX-AIM.Stanford.EDU (Mark Crispin) (05/31/87)
The "PIN" on the telephone number is NOT assigned by the Cellular Phone company, but rather is the serial number of the radio you are using. Every radio has a unique serial number, supposedly on a chip that is epoxied onto the radio's PC board. The number is in the format XX-0-XXXX where X represents hex digits. The first XX is the manufacturer's code (e.g. for EF Johnson phones it is 83) and the last XXXX is the manufacturer's serial number for your phone. The PROM which has your cellular phone number, features, etc., is removable, of course. The only "security" thing on this PROM (sometimes called a NAM) is the lock-code for your phone, which of course can be easily read (the main purpose of the lock-code is to keep away randoms who might try to use your phone in your car. When your phone initiates a call it transmits the phone number and the radio serial number. They must match for the call to go through. That is why if you change the radio on your phone you (or your dealer) must call your cellular phone company to tell them about the new radio. The weakness in this system is that a thief could get ahold of a phone without a epoxied serial number (either by building one or by buying one of the cheapos that don't epoxy the serial number chip in it) and then change it. I suspect the easiest instance of fraud is to use an out-of-service-area phone number (e.g. a San Diego phone number in San Francisco) that has roamer privileges. Generally, the companies don't have serial number records for roamers (consider the problems of keeping records of some other company's customers!) and rely upon hot-listing known bad guys. So you pick a fraudulant phone number and serial number pair, and change it periodically when the company finds out it ain't real. This must be what the drug pushers and similar slime are doing. They aren't particularly clever, they're relying upon the deregulation mania of the present US regime to guarantee poor communication between telephone service providers. -------