LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is the TMSI, who issues it, and how does it protect against movement profiling?

The TMSI (Temporary Mobile Subscriber Identity) is a temporary identity created by the VLR and sent back encrypted to the phone; it replaces the IMSI in over-the-air exchanges and changes when the phone switches base station, preventing third parties from building a movement profile.

How it works:

  1. The IMSI is required only at first registration with a base station (the network has to know who you really are once)
  2. Afterward, the VLR (Visitor Location Register) assigns a TMSI — created locally, then encrypted and sent back to the mobile
  3. When the phone changes base station, the TMSI changes too

The privacy payoff: because the over-the-air identity keeps changing and never reveals the permanent IMSI, a passive eavesdropper cannot link successive appearances to the same subscriber — no movement profile.

The weakness this implies: the protection only holds if the IMSI is truly sent rarely. An attacker who can force a phone to reveal its IMSI (by pretending to be a base station that "doesn't recognize" the TMSI) defeats the whole scheme — that is exactly what an IMSI catcher does.

Go deeper:

From Quiz: MOBINFSEC / GSM & LTE Security Infrastructure | Updated: Jul 05, 2026