Cell Phone Unlocking Technology

I’m curious as to how cell phones are unlocked by third parties. The manufacturer knows the secret unlocking code, since they made the thing. They then pass this info on to the cell phone company that sells the phone to the end-user. There are many companies that, for a fee, will send you the unlocking code to unlock a GSM cell phone if you provide them with the phone’s make, model, and IMEI (International Mobile Equipment Identity) number. What I find interesting is that they do not provide instant service, as might be expected if the unlocking code was some simple function of the IMEI number. They usually advertise a 24-48 hour turnaround, which suggests that the process is more complicated than running a simple computer program to compute the unlocking code. In general terms, how do they generate the correct unlocking code? It can be done without access to the end-user’s phone, but it may take a while. The only thing that I can think of is that they are doing a brute-force search for the code using a modified cell phone that has been configured with the customer’s IMEI number and connected to a computer. That would also suggest that the unlocking code is validated by a very complex function, embedded in the phone’s hardware or firmware, of the IMEI number.

Some unlock codes can be calculated quite quickly. There are sites that have JavaScript (or better, downloadable programs) that take the IMEI etc. and produce the code.

But that doesn’t work for some phones. For those, the easiest way is to call a helpful person at the cell provider and get them to provide the code. Almost all of the customer service reps you would call aren’t going to be that helpful of course. But “special business relationships” are made between cell phone unlockers and a few helpful-for-a-price employees. There can be a layer or two of in-between people between the unlocker and the employee. So it all takes time (and money).

Such helpful employees, of course, are also used when someone wants to buy a copy of someone else’s cell phone records.

BTW, giving out the IMEI, etc. to some dubious business on the Internet is a good way to get your phone cloned, and if still active, you’d suddenly start getting thousands of overseas phone calls on your bill.