IMSI (International Mobile Subscriber Identity)
What is IMSI (International Mobile Subscriber Identity)?
IMSI (International Mobile Subscriber Identity)A 15-digit identifier stored on the SIM or eSIM profile that uniquely identifies a subscriber on a cellular network, made of MCC, MNC, and MSIN fields.
The IMSI is the subscriber identity used by GSM, UMTS, LTE, and 5G to look up subscriber records in the operator's HLR/HSS/UDM. In older networks, the IMSI was sometimes sent over the air in cleartext during attach, which enabled IMSI catchers (also called Stingrays) — devices that impersonate a base station to collect IMSIs and even downgrade traffic to weakly encrypted 2G. 5G addresses this by using SUPI/SUCI: the permanent identifier is hidden behind a public-key encryption of the IMSI. Defences against IMSI catchers on mobile devices include strong baseband isolation, monitoring tools like Android's AIMSICD or research apps, disabling 2G when possible, and using end-to-end encrypted apps so the cellular layer carries less sensitive content.
● Examples
- 01
An IMSI catcher near a protest pretends to be a stronger LTE tower and forces phones to downgrade to 2G to collect IMSIs.
- 02
5G SUCI conceals the IMSI by encrypting it with the home network's public key during initial registration.
● Frequently asked questions
What is IMSI (International Mobile Subscriber Identity)?
A 15-digit identifier stored on the SIM or eSIM profile that uniquely identifies a subscriber on a cellular network, made of MCC, MNC, and MSIN fields. It belongs to the Mobile Security category of cybersecurity.
What does IMSI (International Mobile Subscriber Identity) mean?
A 15-digit identifier stored on the SIM or eSIM profile that uniquely identifies a subscriber on a cellular network, made of MCC, MNC, and MSIN fields.
How does IMSI (International Mobile Subscriber Identity) work?
The IMSI is the subscriber identity used by GSM, UMTS, LTE, and 5G to look up subscriber records in the operator's HLR/HSS/UDM. In older networks, the IMSI was sometimes sent over the air in cleartext during attach, which enabled IMSI catchers (also called Stingrays) — devices that impersonate a base station to collect IMSIs and even downgrade traffic to weakly encrypted 2G. 5G addresses this by using SUPI/SUCI: the permanent identifier is hidden behind a public-key encryption of the IMSI. Defences against IMSI catchers on mobile devices include strong baseband isolation, monitoring tools like Android's AIMSICD or research apps, disabling 2G when possible, and using end-to-end encrypted apps so the cellular layer carries less sensitive content.
How do you defend against IMSI (International Mobile Subscriber Identity)?
Defences for IMSI (International Mobile Subscriber Identity) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for IMSI (International Mobile Subscriber Identity)?
Common alternative names include: IMSI, Subscriber identity.
● Related terms
- mobile-security№ 517
IMEI (International Mobile Equipment Identity)
A 15-digit number that uniquely identifies a mobile device on a cellular network, allocated by the GSMA and used by carriers to block stolen handsets.
- attacks№ 1047
SIM Swapping
A fraud technique in which an attacker tricks or bribes a mobile carrier into transferring a victim's phone number to a SIM the attacker controls.
- mobile-security№ 085
Baseband Attack
An exploit against the cellular modem (baseband processor) of a phone, abusing protocol parsing bugs in 2G, 3G, 4G, or 5G stacks to gain code execution before the application OS sees the traffic.
- mobile-security№ 700
Mobile OTP Interception
Attacks that capture one-time passwords delivered to a phone, undermining SMS- or app-based two-factor authentication.
- attacks№ 651
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
- mobile-security№ 694
Mobile App Security
The practice of designing, building, and testing iOS and Android applications to protect user data, prevent reverse engineering, and resist runtime tampering.