How to find and change the IMEI number

Posted by Alex Zaah filed under Others

Please note, changing your handset’s IMEI number may void warranty or break the law. As far as I know, it’s strictly prohibited to change any phone’s IMEI number in the UK. So always refer to your user manual and local law, you are responsible for any action you take.

Please also note this post is not complete yet, I still need to modify it or add more content. In the meantime, please contact me if you have any comment or findings. I will be more than happy to hear from you regarding this post or others. You can post a comment or send a message to me either on Facebook, or Twitter, or Google Plus which can be found on the about page.

OK, I will begin with two stories. The first one is short but a little complicated. One of my friends owns an Android device, and he likes those little apps very much, especially games and mobile social apps. However his account for one social network (neither FB nor Twitter) got closed the other day for no reason specified. He then got a new account and tried to login. To his surprise, he failed. Then he asked for my account, still no luck on his device. So he called the service person found in the app, no explanation.

We finally managed to figure out that his IMEI number was blocked. The app denies access once it finds a blacklisted IMEI number is trying to sign in. I do not know why and if this is legal since no laws exists regarding acquiring and utilizing IMEI number to deny service. In fact, almost all apps can obtain a mobile device’s IMEI number through Android API, and I find this function ‘TelephonyManager.getDeviceId’ does the job exactly, however always remember to add this code ” to AndroidManifest.xml first if you use it in your own app, which grants it the right. See reference here.

So we changed the IMEI number, and this time it worked like a charm. LOL

Here’s the second story. We used to play with Smartphone OS like Symbian and Windows Mobile. Windows Mobile excels for it’s highly customizable. Then came Android. Every time Google releases an upgrade, we flash the new firmware, and then root it. We remove as many system apps as possible, and change almost everything possible to make it more personalized. Someone get their phone bricked when flashing custom ROMs, and some lose the baseband and IMEI which means no network on the phone and even worse.

OK, another friend owns a Galaxy Nexus and the IMEI number changes to 004999010640000 after he tries to flash official Android 4.02 back. He goes back to 2.3.6 and then tries 4.04; the original IMEI just could not be restored.

Well these two stories are all related to IMEI number. As we all know, IMEI stands for International Mobile Station Equipment Identity. It has various applications as it differentiates one phone from another, it’s just unique. To find your IMEI, simply type *#06#, or go to settings->about phone and phone identity (for Android 4.1.2). Many apps could show your IMEI number as well. The IMEI number is generally stored in EEPROM, short for Electrically Erasable Programmable Read-Only Memory. If it sounds kind of familiar to you, chances are that you know a lot about computer BIOS. Electrically Erasable Programmable means the data store in an EEPROM can be erased or programmed (rewritten), usually with a higher than working voltage. Since I am in the chip industry, I know it all well. We generally use a special equipment to write to the integrated circuit, not computer. So how come someone lose the IMEI number simply by flashing ROMs??

Well it’s not the only case. I know some people have been changing the IMEI number for profits because of shortcomings of the manufacturers’ warranty policy. Usually someone buys a handset with warranty, he or she types *#06# and submits the IMEI number to the manufacturers’ official website, and things seem nice. Then a different IMEI is found when using third-party apps. That is, a phone has two IMEI numbers. Type *#06# you see one IMEI number, and from third-party apps you see another. This is just weird. My guess is that some programs only change the IMEI stored somewhere else, while others change the one in EEPROM or some system files.

Back to the second story. We finally find out that the IMEI number has something to do with two files in the factory folder called nv_data.bin and nv_data.bin.md5. Fortunately the system has those two files backed up for whatever reason. We however decide to try the two files from somebody else on the forum who has the same phone. We find upon rebooting that my friend’s IMEI number changes to the same as that phone whose files we use. So we copy the backup to the factory folder, and not surprisingly the IMEI number restores.

So it seems to me that the IMEI number we change is the one store in the nv_data.bin file, not the one store in EEPROM. In fact, you can change the IMEI stored in this file to any number you wish but it’s a little complicated (if you do not backup then this method sure helps). This is still how we solve the issue in the first story too, we provide another IMEI number to the app and it accepts that, it works flawlessly!

Some, however say that Samsung handset has a code that can restore data stored in EEPROM which helps to find if your handset’s IMEI has been changed, and the code is *2767*3855#. Although this might be possible, I highly doubt it. We do give it a try, and everything is gone. In our case the IMEI remains unchanged, which means either our IMEI number never has been changed or it simply does not work. We do not recommend anyone try it, and always remember to backup if you do wanna see what it can cause on your handset.

But the whole thing proves nothing, we just know this is how the IMEI number is handled in the Samsung Galaxy series, it may not apply to other models from Samsung, not to mention Android devices made by other manufacturers. Neither do I know anything about iPhone, Windows phone, BlackBerry and Symbian…

In theory, we need higher voltage to rewrite the EEPROM to change the IMEI number; I have no idea if apps alone could achieve that. However there are apps out there claiming that they can change the IMEI in EEPROM which I will provide a list later. I do not know for sure since I do not try them. But there are hardware can do that job, which really changes the IMEI thoroughly. For example, Jtag box is one of them, which costs less. If you or your friend ever brick a phone (bootloader’s not working which means no hardware damage), then Jtag is need to fix it. In fact this piece of hardware can be used to change IMEI too.

Why is it important? Well it rests with the people who use it. Generally normal users would not care about IMEI, but those who lose the IMEI number cares. IMEI has certain effect on mobile device, the first story is a case in point, and there’s more. But criminals care the most, because they need to change the IMEI to resell the device they steal, and they always know more than us.

In the meantime, we all know IMEI number is unique to any mobile device, so carriers and police can use IMEI number to block or track stolen mobile devices. Each time a SIM card register itself on mobile operators’ network, the MSC and VLR request the IMEI number from the cell phone. If the IMEI number is blacklisted, the handset will be blocked or tracked. However, if IMEI number is not unique at all, then the criminals can change the IMEI number of any mobile device they steal, and sell them for huge profits.

It’s still unknown how the IMEI number transmitted to the carrier is obtained. If it’s the same thing as typing *#06# on your phone, then the whole situation worsens. But there’s a solution to this problem. The solution is to create two databases, with one containing IMEI and the other IMSI, and each IMEI is linked to an IMSI. An IMEI is valid only it’s linked to the correct IMSI. However I do not know if it’s cost effective since many things need to be done.

At the end, here is the list. I do not try them myself, if you need any of them to restore your IMEI, contact me for details. And again, use any of them with caution.

1. HyperTermina for Android
2. Easy imei changer
3. HD3 imei for windows mobile
4. MML for BlackBerry
5. FLP_IMEI_WriteCode
6. ZiPhone for iPhone
7. aWizard-V1_3 for windows mobile

For Android, there is an app called PDroid which enables you to provide any IMEI number to apps require it (does not change it). But you need to unlock bootloader and root your handset first. This surely is not for beginners. For iOS devices, there is a similar app called UDIDFaker can do the same job. Both apps do not change the IMEI number, but provide a fake IMEI number.

Copyright © 2021 Profone Tracking by Alex Zaah. All Rights Reserved.