Almost two decades ago (2003) the first IMSI catcher was patented. But on 4 January 2012, the Court of Appeal of England and Wales held that the patent is invalid for obviousness. This more or less presents the “easiness” with which an IMSI could be obtained from the air. During the years and the evolvement of mobile technologies, the IMSI catchers were always challenged. New frequencies resulted in different operational characteristics, but also modulation technologies like TDD or FDD delivered a fast number of challenges. The majority of IMSI catcher suppliers invested substantially to overcome the challenges, some were faster than others. But eventually, there would be a solution to the challenge to ensure that the law enforcement agencies could continue to benefit from the IMSI catcher capabilities.
One of the more head-breaking parameters within the mobile technological evolution is encryption. Encryption like A5/1 & A5/2 challenged the engineers to find a solution. Some were more covert than others. But in the end, there were multiple solutions like: key deciphering, frequency jamming, and de-authentication. And even retrieving the actual encryption keys from the network enabling the communication to be encrypted as if there is no intervention. This enabled the services to fully utilize the capabilities of the IMSI catchers to collect intelligence.
All efforts are made to find solutions repeatedly for continuous usage of the IMSI catcher because of its relevance and great contribution within its domain.
5G Stand Alone (5GSA) is a game-changer within the IMSI-catching domain. The challenge derives from the enhanced security standards. This demands a wider cooperation, between the tactical operational units and the communication service providers than all previous technological challenges to be able to continue the use of IMSI Catchers. To benefit from the IMSI Catcher capabilities within the 5G SA era, the solution comes down to the following: Collect from the air the obfuscated or temporary identities, like 5G-GUTI, used within the transmission and send it for correlation to the appropriate communication service provider. The communication service provider will correlate the obfuscated or temporary identities and will respond with the SUPI (Subscriber Unique Permanent Identifier).
Since in 5G SA the Permanent Subscriber Identity is obfuscated, we refer to Identity catching.
LIMA 5GSA Identity Lookup – is the solution that facilitates the Identity lookup at the communication service providers. The solution comprises the Identity Request Management component and components for the Identity Query Function (IQF) and Identity Caching Function (ICF).
The Identity Request Management component manages the Identity Requests and is accessible through a user-friendly web interface or directly operated from an Identity Catcher. It also handles the electronic interface to law enforcement. Interface details can be customer-specific and might depend on the legislation in place or depend on the agreed interfaces with the Identity Catcher(s) / Direction Finder(s).