1 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
BANGLADESH TELECOMMUNICATION REGULATORY COMMISSION
DRAFT DIRECTIVES ON EQUIPMENT IDENTITY REGISTER (EIR) FOR MOBILE
NETWORK OPERATORS IN BANGLADESH
The main objective of these “Directives on Equipment Identity Register (EIR) for Mobile
Network Operators in Bangladesh” is to ensure the obligations set forth in the relevant
cellular mobile phone regulatory and licensing guidelines (2G/3G/4G) for the Mobile
Network Operators to deploy EIR. In Bangladesh, it has posed severe security challenges in
regard to device operability, illegal importation, theft, organized crimes, health hazard,
availability of fake and non-genuine mobile phone handsets, revenue losses etc. To address all
such challenges, there should be some regulatory and preventing mechanism. The Equipment
Identity Register (EIR) would be a database of all IMEI numbers consists of several types of
lists (e.g. black, white, grey etc.) of mobile phone handsets. Moreover, these Directives will
ensure effective actions in order to combat the illegal importation, supply and use of
counterfeit/non-standard/unauthorized mobile handsets by implementing EIRs at the MNOs
network.
BTRC would like to seek views from the industry and consumers on any issues related to
these Directives. In other words, it is preferred that the clause in relation to which a specific
point/opinion is being expressed is clearly mentioned in the e-mail.
While expressing your views/opinion in the feedback e-mail please mention in the subject
field of the e-mail in the following way:
Subject: Response to the Public Consultation on Draft “Directives on Equipment Identity
Register (EIR) for Mobile Network Operators in Bangladesh”
E-mail Addresses for Feedback
Last Date for Submission of Opinion/Feedback
20 January, 2019
2 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
REF. NO.: 14.32.0000.500. DATE: 10-01-2019
DIRECTIVES ON EQUIPMENT IDENTITY REGISTER (EIR) FOR MOBILE NETWORK
OPERATORS IN BANGLADESH
BANGLADESH TELECOMMUNICATION REGULATORY COMMISSION (BTRC)
IEB BHABAN (5, 6 & 7 FLOOR), RAMNA, DHAKA-1000
3 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
CONTENTS
1. INTRODUCTION ....................................................................................................................................... 4
2. OBJECTIVES .............................................................................................................................................. 4
3. SCOPE ......................................................................................................................................................... 4
4. ABBREVIATIONS ...................................................................................................................................... 5
5. DEFINITIONS ............................................................................................................................................. 5
6. REGULATORY OBLIGATIONS ............................................................................................................... 8
7. GENERAL REQUIREMENTS FOR NETWORK ACCESS ..................................................................... 8
8. SALIENT FEATURES ................................................................................................................................ 9
9. OPERATIONAL PROCESS ..................................................................................................................... 11
10. MANUAL/WEB REGISTRATION .......................................................................................................... 17
11. DEVICE DE-REGISTRATION ................................................................................................................ 18
12. DEVICE LOST/ STOLEN ......................................................................................................................... 19
13. DUPLICATE IMEI IDENTIFICATION .................................................................................................. 20
14. DEVICE WITH MULTIPLE IMEI .......................................................................................................... 21
15. FOREIGN ROAMING DEVICE .............................................................................................................. 21
16. IMPLEMENTATION STEPS ................................................................................................................... 22
17. MISCELLANEOUS .................................................................................................................................. 22
ANNEXURE-1 .................................................................................................................................................... 24
4 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
1. INTRODUCTION
1.1 The advancements and availability of all mobile handset devices e.g. basic-phone, smart-
phone, tablet etc. have been proliferated significantly. In Bangladesh, it has posed severe
security challenges in regard to device operability, illegal importation, theft, organized
crimes, health hazard, availability of fake and non-genuine mobile phone handsets,
revenue losses etc. To address all such challenges, there should be some regulatory and
preventing mechanism. The Equipment Identity Register (EIR) is a database (DB) of all
IMEI numbers consists of several types of lists (e.g. black, white, grey etc.) of mobile
phone handsets.
1.2 The Commission encourages the efficient development of a telecommunication system
that enhances and strengthens the social and economic welfare of Bangladesh. The
Commission protects the social and economic interests of the consumers, responses to
their needs, and controls existing and probable oppressive or discriminatory conduct or
activities in the telecommunication sector.
1.3 To ensure the obligations set forth in the relevant cellular mobile phone regulatory and
licensing guidelines for the Mobile Network Operators (MNO) to deploy EIR module to
determine whether mobile terminals (e.g. mobile phones, Tabs, laptop, data cards, etc.)
registered with them are genuine, authorized and not defective. EIR module would allow
the operators to control access to mobile networks and to prevent the use of stolen,
fraudulent and cloned devices on the network. This applies to all 2G, 3G and 4G/LTE
voice and data networks.
2. OBJECTIVES
2.1 The objective of this document is to describe and define the rules/instructions, procedure
and processes with a view to formulate operational and regulatory framework for the
successful implementation of Equipment Identity Register (EIR) system in the mobile
phone operator’s network.
2.2 The objective of EIR systems is to describe and define the processes of mobile device
registration & access control using MNOs network and communication between EIR &
NEIR. The handset users will have to register their handset into the system. Any handset
which is not registered will not be working and thus illegal activities in handset market
will be suppressed significantly.
3. SCOPE
3.1 To clarify the mobile device registration process and its associated process flow including
different verification, validation and technical aspects.
3.2 The directives will help to ensure effective actions preventing the illegal importation,
supply and use of counterfeit/non-standard/unauthorized mobile handsets.
3.3 These directives will enhance the knowledge of the various stakeholders related to the
implementation of EIR.
3.4 To clarify registration of mobile devices with IMEI number and its associated process
flow including different verification, validation and technical aspects while integrating
with different stake-holders/databases of the industry.
3.5 The EIR systems in conjunction with NEIR system will have the ability to control the
network access of any SIM based mobile device. Hence any and all devices using SIMs
will fall under the scope.
5 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
3.6 This document will illustrate end to end picture of the EIR services involving MNOs,
LEAs, Customs, mobile device importers/manufacturers, users etc. and with a set of
databases e.g. NOC Automation and IMEI Database (NAID), Central Biometric
Verification Monitoring Platform (CBVMP) DB, GSMA DB etc.
Figure 1: NEIR system (Integrations of EIR, databases and stakeholders)
4. ABBREVIATIONS
The abbreviations of the terms used in this directive are annexed herewith as ANNEXURE-1.
5. DEFINITIONS
Unless the context otherwise requires, the different terms and expression used in the
instruction shall have the following meaning assigned to them.
5.1 “Act” means the Bangladesh Telecommunication Act, 2001 (Act No. XVIII of 2001).
5.2 “Commission” means the Bangladesh Telecommunication Regulatory Commission
established under the Bangladesh Telecommunication Act 2001.
5.3 “Customer” means any person who uses the services or purchases the products of a
particular licensee or vendor, without necessarily being a subscriber to that licensee or vendor;
5.4 “License” means an license issued or deemed to have been issued by the Commission
under the Act for establishing or operating a telecommunication system or for providing
telecommunication service or for operating or maintaining such system or service or for using a
6 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
radio apparatus.
5.5 “Licensee” means the person/ organization to whom/ which the Commission has issued a
License.
5.6 “Operator” means an organization or a person licensed for establishing or operating a
telecommunication system or providing telecommunication service or operating a system which
is the combination or more than one of those facilities.
5.7 “Regulation” means, regulations made or will be made in the future by the Commission
under the Act.
5.8 “Subscriber” means any person who purchases a communications service or agrees to
receive and pay for the service from a licensee through a subscriber service agreement;
5.9 “Telecommunication” means transmission and reception of any speech, sound, sign,
signal, writing, visual image and any other intellectual expression by the way of using electricity
or electro-magnetic or electro-chemical or electro-mechanical energy through cable, radio,
optical fiber or other electro-magnetic or electro-chemical or electro- mechanical or satellite
communication system.
5.10 “Telecommunication Service” means any services provided under the Act.
5.11 “Telecommunication System” means a combination of the telecommunication apparatus
(e.g. switching system, transmission apparatus, terminal apparatus, satellite etc.) whether or not
these equipments are visibly connected with one another, or whether or not they are combined in
using the transmission or reception of any information or message.
5.12 “Vendor” means a person who carries out the business of selling, reselling or distributing
ICT terminal equipment used for the provision of licensed services.
5.13 “EIR” means Equipment Identity Register. It is a database (DB) of all IMEI numbers
consists of several types of lists (e.g. black, white, grey etc.) of mobile phone handsets.
5.14 “IMEI” means International Mobile Equipment Identity. It is a 15- or 17-digit code that
uniquely identifies mobile phone sets. In most mobile communications devices, the IMEI
appears on the display when the user enters the character sequence *#06# into the keypad. The
IMEI code may also be printed inside the battery compartment. When a phone set is lost or
stolen, the owner can call the EIR/CEIR (Central Equipment Identity Register) and blacklist the
device according to its IMEI number. After that action, the set will in most cases become useless,
even if someone swaps out the unit's SIM card. The IMEI code can enable a GSM (Global
System for Mobile communication) or UMTS (Universal Mobile Telecommunications Service)
network to prevent a misplaced or stolen phone from initiating calls. Immediately after
purchasing a mobile communications device, the owner should record the IMEI code in a secure
place so that it can be quickly accessed in the event of loss or theft.
5.15 “IMSI” means International mobile subscriber identity. It is a unique number, usually 15
digits, associated with Global System for Mobile Communications (GSM) and Universal Mobile
Telecommunications System (UMTS) network mobile phone users. This number has 2 parts. The
initial part is comprised of 6 digits in the North American standard and 5 digits in the European
standard. It identifies the network operator in a specific country with whom the subscriber holds
an account. The second part is allocated by the network operator to uniquely identify the
subscriber. The IMSI is stored in the subscriber identity module inside the phone and is sent by
7 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
the phone to the appropriate network. The IMSI is used to acquire the details of the mobile in the
home location register (HLR) or the visitor location register (VLR).
5.16 “MSISDN” means Mobile Station International Subscriber Directory Number. MSISDN
is a number used to identify a mobile phone number internationally. MSISDN is defined by the
E.164 numbering plan. This number includes a country code and a National Destination Code
which identifies the subscriber's operator.
5.17 “CBVMP” means Central Biometric Verification Monitoring Platform. It is a server
setup to look upon the Biometric SIM verification documents of all mobile network operators in
Bangladesh. The System comprises the modules of Master Settings & Configuration, Security
and Exception Handling, NID Verification; Passport Verification, Queue Management, Report
Module.
5.18 “NEIR” means National Equipment Identity Register. The system solution would be like
a centralized database registry of all mobile devices (IMEI), which keeps information about all
the mobile devices registered within the country using all MNO`s EIR. The information about
the un-registered devices can also be detected by the operator’s network. The advantage in
having the NEIR is that it will empower each network operator to restrict or prevent the
operation of any given mobile handset throughout all MNO`s network that are linked to NEIR.
5.19 “White list” is the list that comprises the IMEI ranges of all the mobile stations that have
been imported legally, registered in the BTRC’s NAID and the devices are legitimate to be used.
5.20 “Grey list” is the list in which any suspected mobile device appears and those will be
allowed to function but will trigger an alert to the network operator.
5.21 “Black list” is such a list in which mobile devices that are lost or stolen can be listed
which will prevent them from functioning on the home network or other global networks.
Devices may be Blacklisted for one or more following reasons:
IMEI is reported as stolen or lost locally.
IMEI is reported as stolen or lost according to GSMA.
IMEI is invalid and has expired some grace period i.e. it is no longer in the
notification list.
IMEI is duplicate and expired specific grace period i.e. it is no longer in the
notification list.
Mobile device purchased on Equated Monthly Installment (EMI) and defaulter to
pay back.
5.22 “Notification list” is a list that is used to indicate devices with certain issues. IMEIs may
be present on a notification list for one or more reasons including but not limited to the
following:
IMEI has not passed the BTRC’s type approval process.
IMEI has not been reported on the import list in the NAID.
IMEI is not valid because it is not assigned by GSMA.
IMEI is duplicated.
IMEIs on a notification list are provided along with the subscription with which they were
observed. This allows the operator to contact the user of the device in order to resolve the issue.
8 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
Separate notification lists would be provided for each operator consisting of only pairings
involving their respective subscribers. Upon receipt of a notification list, the MNO
5.23 “OEM” means Original Equipment Manufacturer (OEM) are manufacturing companies
that design, manufacture, and sell market products (mobile phones) under their own brand name.
6. REGULATORY OBLIGATIONS
6.1 As per Regulatory and Licensing Guidelines for establishing, operating and maintaining 2G
and 3G Cellular Mobile Phone Services, MNOs are responsible to implement IMEI
barring and EIR system in the network of the MNOs. More so, in the 4G/LTE Cellular
Mobile Phone Services Operator License, states as below:
“31.03 The Licensee shall ensure to implement Equipment Identity Register
(EIR) or related module in the network or as directed by the Commission. The
Licensee shall also ensure that the duplication of IMEI is not allowed in its
network.”
6.2 The MNOs shall design, develop, build, install, operate and maintain their respective EIR
system which shall include all the features provided by BTRC. It is to be mentioned that
all MNOs should develop their respective EIR having a common design and architecture
which will be coordinated by AMTOB.
6.3 Once NEIR is established then MNOs will migrate all related data from their respective
EIR to the NEIR and maintain real time synchronization. Thereafter, all activities (e.g.
registration/de-registration, white/grey/black listing, IMEI blocking etc.) will be
controlled centrally from NEIR. However, basing on the instruction from BTRC, MNOs
EIR can also be used for the interest of Government, LEAs, Customs, device users etc.
7. GENERAL REQUIREMENTS FOR NETWORK ACCESS
7.1 Device will be registered in NAID with IMEI/s, Serial Number, Type approval (brand,
model number, various attributes) etc. by the importers, manufacturers and/or individual
users according to the directives of BTRC.
7.2 SIM has to be registered in CBVMP DB with MSISDN, NID, IMSI etc. according to
SIM Biometric verification directives.
7.3 Devices will only work with SIMs when both device & SIM ownership i.e. NID matches
and they are locked/bound to each other. Essentially it is the binding of IMEI &
MSISDN.
7.4 The binding/locking will take place prior to network access and combined data (IMEI +
MSISDN) will be in EIR DB. Only exception would be corporate SIMs.
7.5 Corporate SIMs, where multiple SIMs are registered with a single NID, will not bind
with any device. Corporate SIM will only get network access when it is paired with
already registered device.
7.6 Device registration can be done automatically with an individually registered SIM or
through Customer Care Center of MNOs with required ownership information and NID.
7.7 EIR should be able to block IMEIs that are reported lost or stolen with BTRC`s prior
approval.
7.8 EIR should be able to determine valid devices that is not a mobile phone that uses a SIM,
as example Vehicle tracking, Digital utility meters, Modems etc.
9 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
7.9 User should have the ability to register or deregister his/her mobile device without a SIM
but with proper Identification.
7.10 NID or Passport can be used as identification validation of the device owner. If a SIM is
registered with a NID then the device has to be registered with NID.
8. SALIENT FEATURES
8.1 EIR DB will be connecting with multiple databases as shown in Figure-2. The process is
illustrated below:
a) Once a mobile phone is connected in the network, the EIR will receive all relevant
information e.g. IMSI, IMEI, MSISDN etc.
b) EIR DB will verify the corresponding MSISDN, IMSI with the help of the CBVMP DB.
c) Once a new handset will be activated in the network, the IMEI number will be checked
through the NAID of BTRC whether the mobile device imported illegally or it is entered
into the country through some legal channels or it is manufactured locally in the country.
d) For verification of IMEI number, EIR DB needs to be connected with Global IMEI DB.
Figure 2: Diagram of the functional elements for EIR operations
8.2 Following are, but not limited to, the functional requirements for the EIR operations:
8.2.1 Database of IMEI:
Each of the EIRs shall have the capability to maintain the database of IMEIs of all the
devices registered in the network.
8.2.2 IMEI Verification:
Respective EIRs of the MNOs shall be able to:
a) Check IMEI format to verify valid format and range
10 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
b) Check duplicates IMEI
c) Identify IMEIs which are null or all zero
d) Check and find the list of all corresponding IMEIs belonging to a same device etc.
8.2.3 Device Information:
EIR shall contain following information, but not limited to, for devices registered with
respective mobile networks:
a) IMEI number.
b) MSISDN.
c) IMSI number.
d) Handset model, brand and other technical features/attributes of mobile
handset.
e) List of supported frequency band.
f) NID number associated with MSISDN.
8.2.4 List Management:
Sample lists might be as given below:
a) VIP List: Exceptional; Devices to be included in this list would be upon the special
instructions from governmental authority. In such cases EIR would allow the
bypassing of filtering mechanism for specific subscribers (MSISDN list or IMSI
range).
b) White List: Mobile devices imported through the legal channel and registered in the
BTRC’s NAID.
c) Grey List: Mobile devices under this list would be allowed to connect to the network
with certain conditions for a definite period of time.
d) Black List: Mobile devices which are truly reported as stolen, lost or have some
specific reason not to be attach to the network.
e) Customized List (IMEI-IMSI paired): Mobile devices which are cloned, non-type
approved, fake, illegally imported etc. but already exists in the present network. All
such kind of handsets would be allowed to be paired-up with a limited number of
MSISDNs. Concerned operators will notify their subscribers by SMS/IVR about the
status of handsets listed as Grey in the EIR system.
f) Global Black List: Once NEIR is established it will maintain a list of devices that are
black listed in GSMA database. EIR will be responsible to maintain real time
synchronization of this list and block devices that are included in this list. This list
would be updated with the help of the GSMA.
8.2.5 Module for Device Repository:
Once NEIR is established then NAID will have a DB that will include all handset models
that have been type approved from BTRC. NAID will collect related information
gradually from different manufacturers of mobile handset worldwide with attributes per
device such as TAC, device name, device image, device supported frequency bands etc.
MNOs will provide necessary device information that is used in their network.
8.2.6 NEIR Integration:
All the MNOs shall keep necessary provisions in their EIR systems in order to integrate
with the central NEIR system installed at BTRC. In this regard, following provisions are
required for central NEIR
a) Records sending /or receiving modules to/or from NEIR
b) EIRs should have API exposed for integration.
c) Auto synchronization and update (Real time) EIR DB according to NEIR DB.
11 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
d) Once the NEIR system comes in operation, final approval will be given by the
NEIR system in terms of device blocking, registration, deregistration etc.
e) Various reports/data will be exchanged between the MNO’s EIR and NEIR DB.
f) Any necessary modules/APIs to be incorporated as per the decision given by
BTRC.
h) Other specifications related to integration will be given by BTRC from time to
time.
8.2.7 Stolen Device Tracking Module:
When a phone is reported stolen, the EIR system can mark the IMEI number invalid, thus
prompting remote action immediately e.g. blacklisting the device, tracking the device
bearer, blocking the device and so on as required.
8.2.8 Record keeping of the usage of mobile device:
In case of device lost or stolen cases, the EIR can keep records of user history for that
particular device, records concerning previous and after the device reported as stolen or
lost. The EIR system can mark the IMEI number invalid, thus prompting remote action
immediately e.g. blacklisting the device, tracking the device bearer, blocking the device
and so on as required.
8.2.9 Device blocking & unblocking:
EIR shall be able to block services to subscribers with registered devices with invalid or
blacklisted IMEIs, also it will have the ability to unblock services when necessary.
9. OPERATIONAL PROCESS
9.1 DEVICE & SIM CASES
The devices & SIMs seeking network access eligibility from EIR can be of various types
and be in various states. All possible cases for SIM & Device are given below:
SIM Cases
A. Unregistered Unbound SIM (Ur_Ub_S): SIM is not registered in CBVMP with a
NID. Since it was not registered it cannot be bound with any device.
B. Individually Registered Unbound SIM (IR_Ub_S): SIM is registered in CBVMP
with a NID, which is not a Corporate SIM and not bound with any device.
C. Individual Registered Bound SIM (IR_B_S): SIM is registered in CBVMP with a
NID, which is not a Corporate SIM and bound with one or more device. It can be
the device it is currently in or any other device that may belong to same NID.
D. Corporate Registered Never-bound SIM (CR_Nb_S): Here the SIM is registered
in CBVMP as a corporate SIM, where a single NID is listed for multiple SIMs.
Also corporate SIMs should be allowed in personal devices which can be bound
with individually registered SIM. As such devices should not be allowed to
register or bind with a corporate SIM. Thus it is suggested that device binding &
registration only be possible with a SIM that is not a corporate SIM.
Device Cases
a) Unregistered Unbound Device (Ur_Ub_D): Device IMEI is neither
registered in EIR nor bound with a SIM.
b) Registered Unbound Device (R_Ub_D): Device IMEI is registered in EIR
but not bound with any SIM.
c) Registered Bound Device (R_B_D): Device IMEI is registered in EIR and
bound with SIM/s, where their NIDs match.
12 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
9.2 AUTOMATIC REGISTRATION AND ACCESS CONTROL
The combination of Device & SIM cases result into a total of Twelve (12) different states
of IMEI + MSISDN duplet that could possibly seek network access. The overall general
process & state wise processes of registration and access control are as follows.
9.2.1 Over All General Process
(a) Device & SIM will request network access with IMEI, MSISDN and other
device attributes.
(b) EIR will check in NAID, if the device (IMEI) is a valid device type other than
mobile phone. E.g. Vehicle tracking, Digital utility meters, Modems etc. EIR
will allow this network access. Then,
(c) EIR will check if the (IMEI + MSISDN) duplet already exists in its database.
If it does it will get network access. If not then,
(d) EIR will check if SIM is registered with a NID i.e. exists in CBVMP, if exists
then,
(e) EIR will check if the device is valid exists in the NAID, also not blacklisted in
Global IMEI DB etc. If valid then,
(f) If the device was not registered prior to requesting network access then EIR
will bind the device to the MSISDN and auto register the device with the NID
of the SIM. Or,
(g) If the device was already registered then EIR will check if the NID of device
& SIM matches, if they match and they are not already bound to each other, it
will bind them to each other and grant network access. Only exception would
be Corporate SIMs.
(h) User will be prompted for authorization before locking the device to SIM. For
this purpose last 4 digits of MSISDN will be asked through USSD for
ownership confirmation.
(i) For one particular device, IMEI 1, IMEI 2, IMEI 3, IMEI 4 etc. can be
associated with a single NID for a single owner.
9.2.2 State Wise Process Flow
When device with SIM requests for network access the validation process will go
through different checks and verification steps for different state. Each state’s
access control and ‘Device+SIM’ binding process flow is given in details below,
separated by SIM cases:
A. Unregistered Unbound SIM (Ur_Ub_S) can be combined with 3 different
cases of devices:
(i) Unregistered Unbound SIM (Ur_Ub_S) + Unregistered Unbound Device
(Ur_Ub_D)
(ii) Unregistered Unbound SIM (Ur_Ub_S) + Registered Unbound Device
(R_Ub_D)
(iii)Unregistered Unbound SIM (Ur_Ub_S) + Registered Bound Device
(R_Ub_D)
EIR will first check if the duplet (IMEI + MSISDN) already exists in its DB. For
‘unregistered unbound SIM’ the duplet will not exist. Since the SIM is not
properly acquired meaning it is not registered with a NID it will not exist in the
CBVMP DB. Hence device case will not matter. It will not get network access.
Illustration of process flow is given below:
13 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
Figure 3: Ur_Ub_S
B. Individually Registered Unbound SIM (IR_Ub_S), here the SIM is
properly acquired and it is registered with a NID in CBVMP, which is not
a Corporate SIM and not bound with any device. Combining IR_Ub_S
with three device cases results into the following states
(i) Individually Registered Unbound SIM (IR_Ub_S) + Unregistered
Unbound Device (Ur_Ub_D)
In this case device is not registered with a NID and not bound with a SIM
but SIM is registered against an NID. So, EIR system will not find any
Device + SIM duplet. As the SIM is valid, the system will proceed to the
device verification procedure. If the device is proved to be a legal and
properly authorized handset then the system will initiate device
registration process. The device will get registered with that particular
SIM’s NID and bound/locked with the SIM.
(ii) Individually Registered Unbound SIM (IR_Ub_S) + Registered Unbound
Device (R_Ub_D)
Where device is registered with an NID and not bound with a SIM. EIR
will check if the NIDs of Device & SIM matches, if they match it will
bind/lock them to each other. If the NIDs do not match it will deny
network access.
(iii) Individually Registered Unbound SIM (IR_Ub_S) + Registered Bound
Device (R_B_D)
Where device is registered with a NID and may or may not be bound with
another SIM (one or more). If the device is in white or grey list of EIR it
will skip checking other device validities and go straight to checking of
NID of the device and the SIM. If they match, it will bind/lock them to
each other and If NIDs do not match it will deny network access.
14 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
Figure 4: IR_Ub_S (1)
15 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
C. Individually Registered Bound SIM (IR_B_S), here the SIM is properly acquired
and it is registered with a NID in CBVMP, which is not a Corporate SIM and
bound with one or more devices. Combining IR_B_S with three device cases
results into the following states:
(i) Individually Registered Bound SIM (IR_B_S) + Unregistered Unbound
Device (Ur_Ub_D)
The device is not registered with a NID and not bound with a SIM. So, no
Device + SIM pair will be available. Then after proper device checking it
will get automatically registered with SIM’s NID and bound/locked with
the SIM.
(ii) Individually Registered Bound SIM (IR_B_S) + Registered Unbound
Device (R_Ub_D)
The device is already registered with a previously used SIM and not bound
with the new SIM. After device verification EIR will check if the NIDs of
Device & SIM matches, if they match it will bind/lock them to each other.
If the NIDs do not match it will deny network access.
(iii) Individually Registered Bound SIM (IR_B_S) + Registered Bound
Device (R_B_D)
The device is registered with an NID and bound with another SIM (one or
more). If the device is in white of grey list of EIR it will skip checking
other device validities and go straight to checking NID match. If the NIDs
of Device & SIM matches, if they match it will bind/lock them to each
other. If NIDs do not match it will deny network access.
16 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
Figure 5: IR_Ub_S (2)
17 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
D. Corporate Registered Never-bound SIM (CR_Nb_S): As explained, the
corporate SIMs should not be locked with any device. It will only work on a
pre-existing registered device. Hence it will only work for ii & iii.
(i) Corporate Registered Never-bound SIM (CR_Ub_S) + Unregistered
Unbound Device (Ur_Ub_D)
(ii) Corporate Registered Never-bound SIM (CR_Ub_S) + Registered
Unbound Device (R_Ub_D)
(iii) Corporate Registered Never-bound SIM (CR_Ub_S) + Registered Bound
Device (R_B_D)
After SIM verification from CBVMP the system will check if the device is
listed in VL, WL or GL. If it exists in any of them lists it will get network
access. Process flow is provided below:
Device with SIM requests network access
Request will be placed in EIR Systemwith necessary data i.e. MSISDN+IMSI
(SIM) & IMEI (Device)
Is the device listed in WL or GL in EIR/NEIR?
Is the device listed in VL in NEIR DB
Network access allowed, SIM pairing with device not required.
Is the device listed in BL in EIR/NEIR DB
Network access NOT allowed
YES
YES
NO
YES
NO
Check (IMEI + MSISDN + IMSI + NID)
Combo Exists
Check (MSISDN + IMSI + NID)
Combo Exists i.e. SIM Validity
Check IMEI Validity
VL –�VIP ListWL –�White ListBL –�Black ListGL –�Grey List
EIR System checks & finds that the IMEI + MSISDN + IMSI + NID Combo
does not exist
System pulls data from CBVMP and Detects registered Corporate SIM
Network access allowed, SIM pairing with device not required.
Figure 6: CR_Nb_S
10. MANUAL/WEB REGISTRATION
10.1 User can register their device without a SIM at a Customer Care Center of MNO
with their NID and provide purchase/necessary document.
10.2 EIR system will check EC’s NID DB through CBVMP for verification of the
information.
18 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
10.3 For the device to work the NID of the SIM has to match the NID of the device. For
corporate SIMs it will get network access without NID match.
10.4 If the user intends to use more than one MNO SIM then the user has to register the
device in each MNO EIR separately.
10.5 When BTRC will implement NEIR, any person bringing handset personally or
receiving handset as gifts from abroad should be able to register at any of the MNO
Customer Care, Helpdesk showing purchase/necessary original documents. NEIR will
register the device in its DB and all the other MNOs will be able to check NEIR for
device registration status.
11. DEVICE DE-REGISTRATION
11.1 User can de-register their device at Customer Care Center of MNO with their
NID.
11.2 As example, if user wants to sell his/her device, then they would want to unbind
the device IMEI from their NID. Also the new user should be able to register the device
in his/hers name. Basically de-registration is unbinding the IMEI from MSISDN.
11.3 If the device is listed in any BL they will remain there. Otherwise after
deregistration IMEI number will be removed from all other lists in EIR DB and added
to archives.
11.4 All the SIMs of that specific MNO bound/locked to device will automatically
unbound.
11.5 Ownership authentication in the form of biometric verification will be required
for authorization prior to deregistration.
11.6 If device is not blacklisted it will be ready for registration.
11.7 If the user has more than one MNO SIM bound to the device, then the user has to
deregister the device from EIRs of all the MNOs separately.
11.8 When BTRC implements NEIR user should be able to de-register at any of the MNO
Customer Care and NEIR will de-register the device from all the other MNOs if applicable.
19 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
System removes IMEI from all Lists except BL. EIR DB is updated
All SIM bound/locked to device gets automatically unbound by removing
the IMEI
Completion of Deregistration
Is the device in EIR BL?
EIR System removes IMEI from all Lists.
NO
YES
YES
NO
System prompts Biometric verification
System checks if the IMEI exists in EIR DB
Deregistration Fail
EIR checks if the Biometric verification
match the device NIDDeregistration Fail
YES
NO
User request for device deregistration at Operator�s designated outlet.
Figure 7: De-Registration
12. DEVICE LOST/ STOLEN
12.1 If a device is lost or stolen the user will have to go to Customer Care Center of
MNO of the SIM with their NID make a complaint and block the stolen device.
12.2 User has to provide the MSISDN/ IMEI and NID and biometric verification.
12.3 After EIR verifies the information the device will be deregistered and added to EIR
Black List (BL) thus blocked from network access for that particular operator.
12.4 User will need to block the other operator’s network access in similar manner to
completely disable the device.
12.5 When BTRC implements NEIR user should be able to report at any of the MNO
Customer Care, Helpdesk and NEIR will de-register the device from all the other MNOs
if applicable and add it to NEIR BL.
20 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
YES
NO
YES
User reports Device Lost/Stolen at Operator�s designated outlet.
User reports device lost or stolen with IMEI or NID
System prompt the user for Biometric verication
System checks if the IMEI or any device
registered under that NID exists in EIR db
Deregistration Fail
EIR checks if the Biometric verification
match the device NID
NODeregistration Fail
EIR Deregisters the device and adds the IMEI to Black List
Figure 8: Device Lost/Stolen
13. DUPLICATE IMEI IDENTIFICATION
13.1 EIR system will detect whenever a device with duplicate IMEI requests for
network access with a registered SIM.
13.2 If the device is not listed in the BL and VL in the EIR DB then the system will
check if it is listed in WL or GL of EIR DB.
13.3 If the IMEI is found then it will check if the device attributes and type approval
match with the listed one.
13.4 If the device attributes match that means that it is the same device and it is already
registered.
13.5 But if the attributes do not match it means there is at least one or more devices in
the EIR DB listed under the same IMEI number. Then the system will assign an
additional copy ID to the new IMEI number then forward to the regular registration
process with a personal SIM.
13.6 The Device will be listed the GL with a specific grace period, after which the
device will be added in the BL.
13.7 User will be notified about duplicate IMEI and the grace period.
Device with SIM requests network access
Does the device attributes/ type approval match?
System detects IMEI in WL or GL of EIR DB?
Is the SIM is a Corporate/Group SIM
YES
Assign an additional copy ID with IMEI
Forward to registration processwith personal SIM
NO
Figure 9: Duplicate IMEI
21 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
14. DEVICE WITH MULTIPLE IMEI
14.1 All the legally imported devices will be listed in NAID. BTRC has the authority
to update this database.
14.2 In case of a device with multiple IMEI numbers (Dual SIM etc.) authority will make
sure that all the IMEI numbers of a same device will be tagged together with its Serial
Number in order to identify the device properly.
14.3 When system detects a ‘multiple IMEI device’ from NAID it will forward to the
registration process pulling all the IMEI numbers and bind with that one particular NID.
14.4 All the IMEIs of Device will be added in the WL of the EIR DB, bound to the
MSISDN of that one SIM.
Device with SIM requests network access
Is the device Identified as multiple IMEI device
by NOC DB?
Pull all the IMEI and bind with that SIM NID
Forward to registration process
Forward to registration process
YES
NO
Both IMEI will be listed in the WL of the EIR DB
Figure 10: Multiple IMEI
15. FOREIGN ROAMING DEVICE
15.1 Foreign individuals should be able to access the network with their device that is
not listed in BTRC’s NAID.
15.2 If the device is using a foreign SIM and in roaming state then EIR will give it
access to network.
15.3 If the foreigner acquires a local MNO SIM with their Passport & Visa and the
SIM is registered in CBVMP with their passport number then they should be able
to register their device.
15.4 Foreigners should be able to register their device in MNO EIR with passport
number at MNO’s customer care center without acquiring a SIM.
15.5 EIR will make necessary checks in the Black List. Once NEIR is implemented, it
will also check Global IMEI blacklist provided by NEIR for device validity.
15.6 When device is seeking network access,
22 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
(a) EIR will check if the device is already registered and the passport number of
the SIM and device match, if it does it will bind them and list it in the GL with
validity up to visa expiration.
(b) If the device is valid but not registered in EIR then EIR will register the
device with the passport number of the SIM, bind Device to SIM and list it in
GL with validity up to visa expiration.
16. IMPLEMENTATION STEPS
16.1 Initial Implementation
A. Initially MNO will allow all the devices in its network and add them in the
Grey List. The devices will be registered to the SIMs they are currently using.
The EIR will allow users to register their all current devices even with
faulty/duplicate/NULL IMEI for a specific period of time.
B. All IMEIs including null, clone etc. will be included in the Grey List and they
will be assigned a grace period. Duplicate, NULL, Cloned etc. IMEIS will be
bound with currently using MSISDN number and users will be notified that
they can only use the current device till the grace period.
C. EIR will gradually populate the White List with valid IMEI and MSISDN.
D. The duration of the grace period will be decided by BTRC.
16.2 Full Enforcement
A. After the end of the grace period only valid IMEI & SIM will be allowed in the
network.
B. All null, clone or invalid IMEIs will not be allowed.
16.3 MNOs shall have to deploy and implement their EIR system within 2 months of
issuance of this directive.
17. MISCELLANEOUS
17.1 The directive shall be read in conjunction with the Bangladesh
Telecommunication Regulatory Act-2001 (amended), any subsequent legislation and
prevent laws or sector policies framed by the Government and other rules, regulations,
decrees, orders, decisions, guidelines and directives issued by the Government or the
Commission from time to time.
17.2 These directives may be withdrawn, revised, updated or amended from time to
time taking into consideration various factors including but not limited to national
security and Court orders.
17.3 These directives shall come into effect from the date of issuance by BTRC.
17.4 The Commission may impose appropriate legal action for the violation of any of
the provisions of these directives.
17.5 MNOs shall not disclose the contents of any data, except to the extent permitted
by BTRC in writing or through any regulations/instructions/directives etc. MNOs shall
23 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
take all reasonable measures to safeguard the databases from unauthorized interception or
unauthorized access.
17.6 In case of any doubt regarding interpretation of any of the provisions of these
directives, the clarification of the Commission shall be final authority.
24 Bangladesh Telecommunication Regulatory Commission (BTRC) www.btrc.gov.bd
ANNEXURE-1
ABBREVIATIONS
3GPP 3rd Generation Partnership Project
BTRC Bangladesh Telecommunication Regulatory Commission
CBVMP Central Biometric Verification Monitoring Platform
CEIR Central Equipment Identity Register
EIR Equipment Identity Register
IMEI International Mobile Equipment Identity
IMSI International Mobile Subscriber Identity
LEA Law Enforcing Agencies
MNO Mobile Network Operator
MSISDN Mobile Station International Subscriber Directory Number
NAID NOC Automation and IMEI Database
NEIR National Equipment Identity Register
NID National Identity/Identification
DB Database
OEM Original Equipment Manufacturer
UMTS Universal Mobile Telecommunications System
HLR Home Location Register
VLR Visitor Location Register
BL Black List
GL Grey List
WL White List
VL VIP List