← back to blog

mobile carrier network basics for cloud phone users in 2026

mobile carrier basics matter for cloud phone users because the carrier layer is what platforms actually check when they want to know if you are a real phone user or a fake one. by 2026, fraud detection has moved well past “what IP are you using” into “what carrier owns that IP, what cell tower are you on, what does your device’s IMEI look like, does your routing match a real mobile session”. if the carrier-layer signals do not look right, no amount of clean device fingerprinting saves the account.

this article walks through the carrier-side concepts every cloud phone operator should understand: ASN, APN, IMEI, IMSI, MNO vs MVNO, NAT types, and the specific signals platforms check.

ASN: the carrier identity

every IP address on the internet belongs to a network. networks are identified by an Autonomous System Number (ASN). when a platform sees an IP, the first thing it does is look up the ASN.

ASNs come in categories.

• mobile carrier ASN. AS3786 (LG U+ Mobile, Korea), AS17676 (Softbank, Japan), AS45727 (Three, Indonesia), etc. these IPs come from real mobile carriers.
• broadband ISP ASN. AS7922 (Comcast), AS3320 (Deutsche Telekom). these are home internet providers.
• datacenter ASN. AS16509 (AWS), AS14061 (DigitalOcean). these are cloud providers and hosting companies.
• VPN/proxy ASN. AS9009 (M247), AS19551 (Incapsula). these are pre-flagged by most fraud systems.

a cloud phone with a real Vivifi or Singtel SIM exposes a Singapore mobile carrier ASN. a cloud phone with a real AIS SIM exposes a Thai mobile carrier ASN. that is what platforms expect from a real phone user.

a VPN exposes a datacenter or VPN-flagged ASN. that is exactly what platforms do not expect from a phone user.

APN: the entry point

APN (Access Point Name) is the configuration that tells your phone how to connect to your carrier’s data network. examples: “internet” for many APAC carriers, “data.mono” for Maxis Malaysia, “3gnet” for some Chinese carriers.

every real mobile data session goes through an APN. cloud phones with real SIMs use the carrier’s actual APN. emulators with virtual networking do not have a real APN, which is one of the deeper signals fraud teams use.

cloud phone operators rarely need to touch APN settings directly, but understanding that the APN exists helps explain why “real SIM” beats “fake SIM with VPN” every time.

IMEI: the device identity

IMEI (International Mobile Equipment Identity) is the 15-digit unique identifier baked into every cellular-capable device. it identifies the hardware, not the SIM card or the user.

platforms check IMEI in several ways.

• IMEI validity. real IMEIs follow the GSMA-issued TAC (Type Allocation Code) prefix system. a Samsung Galaxy S23 has IMEI prefixes that match Samsung’s allocated TACs. emulators often have IMEIs that do not match any allocated TAC, or they have an obviously fake “all zeros” IMEI.
• IMEI consistency. if your “Samsung Galaxy S23” reports a Build.MODEL of “Galaxy S23” but an IMEI prefix that maps to a Xiaomi device, that is a red flag.
• IMEI history. some platforms maintain databases of which IMEIs have been associated with abusive accounts. a clean IMEI matters.

cloud phones use real device IMEIs because the underlying hardware is a real device. emulators struggle here because their IMEIs are software-generated.

IMSI: the subscriber identity

IMSI (International Mobile Subscriber Identity) is the unique identifier on the SIM card. unlike IMEI which identifies the device, IMSI identifies the subscriber.

IMSI structure encodes the country and carrier. the first three digits are the Mobile Country Code (MCC), the next two or three are the Mobile Network Code (MNC). MCC 525 is Singapore, MCC 510 is Indonesia, MCC 520 is Thailand. MNC 02 within Singapore is StarHub, MNC 01 is Singtel.

platforms check IMSI to verify the SIM’s claimed origin. a cloud phone that claims to be a Thai user but exposes an MCC of 525 (Singapore) is inconsistent.

cloud phones with real regional SIMs have IMSIs that match the claimed region. the region they claim to be in is real because the SIM is real.

MNO vs MVNO

MNO (Mobile Network Operator) owns the actual cellular infrastructure. Singtel, AIS, Vodafone, T-Mobile.

MVNO (Mobile Virtual Network Operator) leases capacity from an MNO and resells it under their own brand. examples: Mint Mobile (US, on T-Mobile), Yoodo (Malaysia, on Celcom), Circles.Life (Singapore, on M1).

from a platform detection standpoint, MVNOs and MNOs both look like real mobile carriers because they share the same underlying infrastructure. the IP comes from the MNO’s pool. the ASN is the MNO’s ASN. an MVNO SIM in a cloud phone passes platform checks the same way an MNO SIM does.

NAT types and CGNAT

most mobile carriers use Carrier-Grade NAT (CGNAT) which means many subscribers share the same public IP. this is normal for mobile networks. it is one of the reasons mobile IPs are trusted by platforms: a single mobile IP might serve hundreds of real users, so platforms cannot blanket-ban a mobile IP without affecting innocent users.

cloud phones inherit CGNAT behavior from the carrier their SIM is on. that is fine and expected. the platform sees a mobile carrier IP that looks like a normal phone user behind CGNAT.

emulators on a datacenter network do not have CGNAT. they have a one-to-one IP that looks nothing like a mobile user.

cloud phone vs VPN vs proxy covers the broader IP-layer comparison. mobile carrier basics are the foundation that comparison rests on.

what platforms actually check

modern fraud detection runs a battery of carrier-layer checks. the typical sequence.

1. resolve IP to ASN.
2. classify ASN: mobile carrier, ISP, datacenter, VPN.
3. cross-reference ASN’s claimed country with the account’s claimed country.
4. check IMEI validity and TAC consistency with the device’s claimed model.
5. check IMSI MCC/MNC consistency with IP geolocation.
6. check for CGNAT behavior consistent with mobile IP.
7. check TLS fingerprint and HTTP behavior consistent with a mobile browser stack.

each check is a yes/no. modern fraud systems weight the checks and produce a score. high-scoring sessions get challenged or blocked.

cloud phones with real mobile SIMs pass most of these checks naturally. emulators and VPN setups fail several at once.

the device fingerprinting connection

carrier signals do not exist in isolation. they combine with device fingerprinting (sensor data, GPU strings, install history) to produce a “is this a real user” composite score.

cloud phone fingerprinting basics: a 2026 primer covers the device-side signals. mobile carrier basics are the network-side companion.

the GSMA mobile network technical resources is a useful authoritative reference on carrier infrastructure for operators who want to go deeper.

what cloud phone operators should do

practical takeaways.

• prefer cloud phones with real mobile carrier SIMs from your target region.
• avoid stacking VPNs on top of cloud phones (anti-pattern).
• check that your cloud phone provider exposes carrier ASN, IMEI, and IMSI consistently with the device’s claimed identity.
• for region-critical workflows (Lazada Thailand, Daraz Pakistan, Jumia Egypt), confirm the SIM’s MCC matches the target country.

try a real-SIM cloud phone

if you are operating multi-account workflows and want to confirm your carrier-layer signals look right, the easiest test is to use a cloud phone with a real regional SIM and see how platforms respond. cloudf.one offers a one-hour free trial on a real Singapore Android device with a real SIM, no credit card.

start the free trial →

frequently asked questions

what does ASN stand for and why does it matter?

ASN is Autonomous System Number, the unique identifier for a network on the internet. it matters because platforms classify IPs by ASN type (mobile, ISP, datacenter, VPN).

can a VPN make my IP look like a mobile carrier?

mostly no. a few “mobile VPN” services route through real mobile networks, but they are expensive, slow, and shared. cloud phones with real SIMs are a cleaner solution.

is IMEI the same as a phone’s serial number?

different but related. IMEI is the cellular hardware ID. a phone may also have a separate device serial number. IMEI is what cellular networks use; serial is what manufacturers use.

does CGNAT hurt detection?

no, it helps. CGNAT is normal for mobile networks. a mobile IP without CGNAT looks unusual.

what is the difference between MCC and MNC?

MCC (Mobile Country Code) identifies the country. MNC (Mobile Network Code) identifies the carrier within that country. together they identify a specific carrier in a specific country.