This feature allows the user to change the IMEI in different ways. When this feature is enabled, calls and SMS cannot be intercepted, and location cannot be tracked. Also, the target correlation methods of modern GSM-Interceptors that match the IMEI of the phone with the IMSI (SIM card used in this phone) will fail. The Dynamic IMEI feature has four options:
a. Random always: The phone’s IMEI (phone identity) changes randomly after each call or SMS.
b. Random on first request: The phone IMEI is changed when the SIM card is changed and the GSM network requests phone details for registration. In this mode, the phone IMEI will change only once after the device has registered with the network (after restarting the device).
c. User defined: The phone IMEI can be set manually by the user. Please read the user manual before using this feature.
d. Stay original: Phone IMEI remains original on every call and SMS. Also used as IMEI restore function when you have already used the other IMEI change functions.
Dynamic IMEI feature is designed to protect conversations against control and interception by GSM-Interceptor. To intercept your calls, a GSM-Interceptor will capture and use the following phone identifiers:
1. Your phone number (not transmitted over the air but known to the operator).
2. IMSI – unique SIM registration number.
3. IMEI – unique phone registration number, other than the phone number contained in the SIM.
If you change the IMEI and insert a newly purchased SIM (a prepaid one), then all the phone identifiers are different. Therefore, the system operator does not know who to put under surveillance. If you have only changed the SIM or the IMEI, you will get nothing and your calls will continue to be intercepted as if you had not changed anything.
If you change the IMEI and SIM at the same time, you can avoid any GSM-Interception. Since all your phone identifiers have changed (which were previously registered in the target selection list of a GSM-Interceptor), the GSM-Interceptor operator has to make additional efforts to receive and register your new identifiers. In addition, the system operator cannot understand that he has lost control of your phone.
This feature can detect ANY active, semi-active and passive GSM-Interceptors, regardless of type, manufacturer or other technical characteristics. Designed to protect against interception by active and semi-active GSM-Interception devices.
Active interception systems emulate a base station (BTS), forcing phones to connect to the GSM network through this device – a fake base station – rather than through the real base station. Mobile phones cannot distinguish between a fake base station (a GSM-Interceptor) and a real one. All mobile phones choose to register with a cell tower based on its power level. As long as a GSM-Interceptor has the strongest signal in a particular area, all mobile phones in that area will connect to that fake base station cloned by the interceptor. A rogue cell tower (base station) can:
– switch off A5/1 GSM standard encryption.
– lower A5/1 encryption to the weaker A5/2 one.
– not change ciphering (fully passive GSM-Interceptors).
The most common interception systems are those that reduce the encryption level from A5/1 to A5/2, either permanently or for the time needed to calculate a session key (Kc) and an encryption key (Ki) stored in the SIM.
This feature is an advanced detection algorithm based on GSM network variables that detects call interception by new GSM-Interceptors using the latest interception technology, including encryption level and network type downgrading.
During a call, the phone displays an open lock icon. This icon means that your calls and messages are no longer protected by the usual GSM A5/1 encryption and that your calls are being intercepted. All warning icons are displayed together with a sound/message/vibration alert.
The phone displays an open lock icon and alerts you with an audible alert and vibration. The same alert icon is displayed in the event of interception by your GSM service provider.
This includes the following features: Sandbox, Instant Interception Check and C1/C2 Monitoring.
The IMEI engine and other software components have been moved to a separate partition (sandbox) for faster and smoother operation. Suppressed system reboot in case of abnormal network characteristics (i.e. generated by IMSI Catchers/GSM-Interceptors).
This feature will start checking both active and passive interception, step by step allowing the user to immediately check whether the Stealth Phone is connected to a GSM-Interceptor or is affected by SS7 surveillance. After the start, the function begins to check the active and passive monitoring, step by step. When monitoring with active and semi-active GSM-Interceptors, the Stealth Phone checks:
Regarding interception performed by Passive GSM-Interceptors, the phone will check based on real ARFCN:
The phone will ping HLR/VLR core network, computing network redundancy and abnormal ping delays. In the end, will generate a Network Security Rating. 100 % means that the network is 100% secure.
By forcing cell reselection (C2 parameter), active and semi-active GSM-Interceptors force all mobile phones to disconnect from the home network and connect to the rogue BTS that the device is impersonating. This is also called BCCH manipulation and is used by all modern GSM-Interceptors. When this feature is activated, the phone will:
This feature allows the user to switch between Hunting mode (call and SMS interception detection) and Anti Interception mode (no calls and messages can be sent or received while interception is active, regardless of whether GSM-Interceptor or SS7 means are used).
This feature is true GSM location spoofing. The user can choose which cell tower the phone is connected to. In this way, any triangulation technique used for location tracking will produce false results, resulting in a false location.
Most so-called location spoofing applications are internet-based and only spoof GPS data. This creates a false sense of security because the GSM location is revealed every time the target phone is connected to a mobile network. GSM location data (Cell ID, Location Area Code, etc.) is often used by law enforcement agencies to locate mobile phones.
XCrypt is immune to this type of location tracking since connecting to more distant towers will cause false locations to be stored with the providers, leading to false results if analysed.
Caution: The mobile data connection is also provided by the network operator (via cell towers, which are easy to find). If the phone is connected to the internet via a mobile hotspot, the phone can be tracked instantly.
Optimal location spoofing is implemented for ease of use. XCrypt will always connect to the most distant cell tower, whether it is stationary or in motion.
This feature is a military-grade SMS encryption. Please note that you will need at least one pair of XCrypt Stealth Phones to send and receive encrypted messages. Only works with XCrypt to XCrypt devices. Easy to use yet powerful encryption application with no backdoors or security flaws.
XCrypt is protected from forensic investigations by volatile USB filters. No forensic device can extract any data or files from the Stealth Phone. As soon as the Stealth Phone is connected to such a device, a PC or a service box, the volatile USB filters trigger a self-destruction of the motherboard, and the Stealth Phone goes into protected mode (permanent boot loop).
XCrypt Stealth Phone is able to detect any changes made by a GSM-Interceptor to a GSM network in order to register or attract the phone to the fake network (GSM-Interceptor Proximity Alert). The registration of the phone on a new BTS (the fake BTS generated by a GSM-Interceptor) is an automated process and this behaviour is absolutely common in any mobile phone.
