In many countries operators and Internet service providers are today obliged by legal requirements to provide stored traffic data generated from public telecommunications and Internet services for the purpose of detection, investigation and prosecution of crime and criminal offences, including terrorism.
Usually a public official, for instance a judge, is in charge of authorizing investigation on target persons, allowing to activate lawful interception on their communications or to query on data retention databases. The authorization paper is conventionally referred to as a “warrant”, which is provided to lawful enforcement agencies.
According to a received warrant, the lawful enforcement agency (LEA) may set targets of interception and/or query data retention databases.
The target identities for interception may be at least one of the following: International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and Mobile Subscriber Integrated Services Digital Network Number (MSISDN).
Each of these codes may univocally identify a user within a network. In particular, IMSI is a numeric code memorized in the SIM card, whose digits identify both the SIM card itself and the mobile network in which the traffic is flowing. IMEI is an alphanumeric code uniquely identifying a mobile phone. MSISDN is the telephone number associated to a SIM card, in a mobile phone.
The standard architecture for Lawful Interception (LI) comprises an Intercepting Control Element (ICE) providing the user equipment of the target user with an access to the telecommunications network. An ICE could be interpreted by a Home Location Register (HLR), which is a central database that contains details of each mobile phone subscriber authorized to use the network. The HLR particularly stores details of every subscriber SIM card issued by a mobile phone operator.
ICEs may also be, among others, a Mobile Services Switching Center (MSC) Server, a Gateway MSC Server (GMSC), a Serving GPRS Support Node (SGSN), or a Gateway GSN (GGSN).
Problems with the existing solutions occur when an intercepted subscriber changes his SIM card and/or his mobile phone with a new one.
In such cases, monitoring activity cannot be pursued anymore because existing systems cannot recognize when a change of IMSI and/or IMEI occurs. This means that a warrant remains set to an old and no more active parameter.
Additionally, nowadays it is quite easy for subscribers to change their SIM cards and/or replacing their mobile equipment with new devices: anytime this situation occurs, there is a change of the IMSI and/or IMEI that negatively affects efficiency and effectiveness of interception activity.