IMEI Changer and MAC Address Randomization Explained

Every device that connects to a mobile network or a Wi-Fi router broadcasts at least two hardware identifiers before any data is transmitted: the IMEI (International Mobile Equipment Identity) and the MAC address (Media Access Control address). Both are designed for network management. Both are routinely collected, logged, and in some cases sold or handed to authorities. This guide explains what each one exposes, who collects it, and how changing or randomizing these identifiers limits your exposure.

What is an IMEI number?

The IMEI is a 15-digit number that uniquely identifies a physical mobile device — your phone, modem, or any device with a cellular radio. It is separate from your SIM card. You can change SIM cards as many times as you like, but the IMEI stays with the hardware unless deliberately changed.

Every time your device connects to a mobile network — even without a SIM card — it broadcasts its IMEI to the nearest cell tower. Mobile operators log this data. In most countries, operators are legally required to retain it for months or years. Law enforcement can request it without a warrant in many jurisdictions.

The practical consequence: if you use the same phone on different SIM cards, networks, or even different countries, that device's movements can still be correlated. Swapping SIM cards does not make you anonymous if the IMEI remains constant.

How to check your IMEI number

On any phone — Android or iPhone — dial *#06#. The IMEI will display immediately without needing to press call. You can also find it in Settings → About Phone on Android, or Settings → General → About on iOS.

The 15-digit number breaks down into four parts: the TAC (Type Allocation Code, 8 digits) identifies the device model; the FAC (Final Assembly Code, now folded into the TAC on modern devices) identified the manufacturer; the SNR (Serial Number, 6 digits) identifies the individual unit; and the final check digit validates the sequence. Dual-SIM phones have two IMEIs — one per radio — and both are logged independently by networks.

Knowing your IMEI matters before taking any action on it: it's the baseline you're working from.

IMEI vs phone number vs IMSI: what is the difference?

These three identifiers are frequently confused because they all relate to mobile connectivity, but they identify different things and are visible to different parties:

• IMEI — identifies the physical hardware (the device). Assigned by the manufacturer. Stays with the handset when you swap SIM cards. Visible to every cell tower and mobile operator the device connects to.
• Phone number (MSISDN) — identifies your subscription. Assigned by your carrier. Changes when you get a new SIM or port your number. Visible to anyone who calls or messages you, and to your carrier.
• IMSI — identifies the SIM card itself. Stored on the SIM, not the device. Changes when you swap SIM cards. Used internally by carrier infrastructure to authenticate your session.

The critical implication: swapping SIM cards changes your IMSI and phone number, but not your IMEI. A mobile operator seeing two different SIM cards used in the same IMEI can trivially link both sessions to the same device. This is why SIM-swapping alone does not provide anonymity — true device-level privacy requires addressing the IMEI independently.

What is IMEI changing?

IMEI changing — sometimes called IMEI spoofing or IMEI randomization — replaces the identifier that the device broadcasts with a different value. A privacy router with an IMEI changer feature allows you to change the IMEI of its cellular modem before connecting to a network. The result: from the network's perspective, each connection appears to come from a different, unrecognized device.

On the Norypt Privacy Router, IMEI changing is available via three methods depending on your preference:

• Physical toggle: A hardware button that randomizes the IMEI on the next boot — no software access required.
• CLI: A command-line interface for precise control, useful for professionals who want to set a specific value or script changes.
• Web UI: A browser-based admin panel that lets you change or randomize the IMEI from any device on the local network.

This means you can arrive in a new country, change the IMEI before inserting a local SIM, and the connection has no link to any previous network activity from that device.

Is IMEI changing legal?

This depends on jurisdiction. In the United Kingdom, changing an IMEI is illegal under the Mobile Telephones (Re-programming) Act 2002 — originally enacted to combat phone theft. In the United States, IMEI modification is prohibited under the Wireless Telephone Protection Act. Several other countries have similar provisions.

However, legal restrictions vary significantly. In many countries, there is no law specifically prohibiting IMEI modification on devices you own. The legal position also differs between modifying a phone's IMEI and modifying the IMEI of a router modem for privacy purposes.

You are responsible for understanding and complying with the laws in your jurisdiction. This article is informational — it explains what the technology does and why it is relevant to privacy, not a recommendation to act in any way that is unlawful in your location.

What is a MAC address?

A MAC address is a 12-character hardware identifier assigned to every network interface — your phone's Wi-Fi chip, your router's wireless radio, and the WAN port that connects your router to the internet. MAC addresses operate at the data link layer, which means they are used for local network communication rather than internet routing. Your router's public IP address is what the internet sees — but within your local network, and between your router and your ISP's infrastructure, MAC addresses are the primary identifiers.

There are two MAC address exposure points that matter for privacy:

• BSSID (Basic Service Set Identifier): This is the MAC address of your router's Wi-Fi radio — the identifier that nearby devices see when they scan for Wi-Fi networks. It can be used to geolocate your router, because companies like Google and Apple maintain global databases mapping BSSIDs to physical locations. A device can determine its rough location just from the BSSIDs it sees nearby, without GPS.
• WAN MAC address: This is the identifier your router presents to your ISP and to the upstream network infrastructure when connecting to the internet. ISPs log this. In some countries, ISPs are required to associate WAN MAC addresses with subscriber accounts.

How MAC address randomization works

MAC randomization replaces the hardware-assigned MAC address with a randomly generated one. The replacement is temporary — it exists only for the duration of the session or until the next reboot, depending on the implementation. The underlying hardware address is unchanged; the address being broadcast is overridden in software.

On the Norypt Privacy Router, both the BSSID and the WAN MAC address are randomized on every boot. This means:

• The Wi-Fi network you broadcast appears as a different access point to any nearby device scanning for networks — preventing BSSID-based geolocation databases from building an accurate location history for your router.
• The address your router presents to your ISP changes on every reboot — preventing long-term correlation of your internet sessions by the ISP's logging infrastructure.

MAC address log wiping

Routers maintain internal logs of MAC addresses that have connected to them. On most consumer routers, these logs persist indefinitely and are accessible via the admin interface — or, more concerningly, via remote access vulnerabilities or ISP-mandated remote management protocols (TR-069).

The Norypt Privacy Router wipes MAC address logs persistently. No record is retained of which devices connected, when, or for how long. This eliminates a forensic data source that would otherwise be available to anyone who gains access to the router — whether through physical seizure, remote access, or a firmware vulnerability.

Who collects MAC addresses and IMEI data?

The entities that routinely collect and retain these identifiers include:

• Mobile operators: Log IMEI data for every session, associated with location, time, and in most cases with a subscriber identity (IMSI from the SIM card).
• ISPs: Log WAN MAC addresses, often associated with subscriber accounts and session timestamps.
• Location database companies: Google, Apple, Microsoft, and others maintain BSSID-to-location mapping databases, built from data collected by devices running their operating systems. These databases are used for location services but also represent a persistent record of where access points have been observed.
• Network operators in public spaces: Hotels, airports, cafes, and corporate networks log MAC addresses of connecting devices. Some use MAC address tracking to monitor customer movement through physical spaces.

Does a VPN hide your IMEI or MAC address?

No — and this is one of the most common misunderstandings about VPNs. A VPN encrypts your traffic and masks your IP address from websites and services you visit. It operates at the network layer (layer 3 of the OSI model). IMEI and MAC addresses operate at lower layers — the physical and data link layers (layers 1 and 2) — which means they are used before your traffic ever reaches the VPN tunnel.

In practice: when your phone connects to a cell tower, it broadcasts its IMEI as part of the initial registration handshake. When your device connects to a Wi-Fi access point, it broadcasts its MAC address to associate with the network. Both of these events happen before any data flows — including the VPN connection. The VPN provider never sees your IMEI or MAC address, and neither can it affect what the network infrastructure sees.

IMEI changing and MAC randomization address the layer that VPNs cannot. They are not alternatives — they are complementary. Used together, they close the gap between what a VPN protects and what the network infrastructure still records.

How IMEI and MAC randomization fit into a broader privacy setup

IMEI changing and MAC randomization are network-layer protections. They address identifiers that operate below the application layer — meaning they work regardless of which apps, browsers, or VPNs you use. A VPN hides your IP address and encrypts your traffic, but does not affect what IMEI or MAC address your device presents to the network infrastructure. These are complementary protections, not alternatives.

For a complete network privacy setup, the Norypt Privacy Router combines IMEI changing, MAC randomization, WireGuard VPN, privacy DNS, zero traffic logging, and MAC address log wiping into a single pre-configured device. Every device connected to it — your phone, laptop, tablet — benefits from all of these protections automatically, without any configuration on those devices. See the Norypt Privacy Router for full specifications.