5G-EIR

5G Equipment Identity Register

Security →
Introduced in Rel-15

5G-EIR is a network function that validates mobile devices by checking their IMEI against status lists to prevent stolen, fraudulent, or non-compliant devices from accessing the 5G network.

Category
Security
Introduced
Rel-15
Where
Core Network › 5G Core
Specifications
2 specs
5G-EIR Description Purpose Related Classification Detected Changes Specifications

Description

The 5G Equipment Identity Register (5G-EIR) is a critical security function within the 5G Core (5GC) network, operating as a standalone Network Function (NF) that provides equipment identity checking services. Its primary role is to verify the legitimacy and status of User Equipment (UE) attempting to attach to the network by validating its International Mobile Equipment Identity (IMEI) or IMEI Software Version (IMEISV). The 5G-EIR maintains and queries several databases: a blacklist for stolen or prohibited devices, a greylist for devices under observation, and a whitelist for known legitimate devices. This verification is a key step in network access control, ensuring only authorized and compliant hardware can utilize network services.

Architecturally, the 5G-EIR is designed as a service-based component within the 5GC Service-Based Architecture (SBA). It exposes the N5g-eir_EquipmentIdentityCheck service to other authorized Network Functions, primarily the Access and Mobility Management Function (AMF). The AMF acts as the service consumer, invoking the 5G-EIR's service during initial registration procedures or periodically to verify a UE's equipment identity. Communication between the AMF and the 5G-EIR uses the standardized service-based interface, with messages transported over HTTP/2 with JSON payloads as defined in 3GPP TS 29.511. The 5G-EIR itself may connect to external databases, such as a central global IMEI database, to enrich its local decision-making with broader industry data on device status.

The core operation involves the AMF sending an EquipmentIdentityCheck request message to the 5G-EIR. This request contains the UE's IMEI(SV) and potentially other relevant information. The 5G-EIR processes this request by checking the provided identity against its internal lists. It then returns a response indicating the equipment status, typically with values like "WHITELISTED," "BLACKLISTED," "GREYLISTED," or "UNKNOWN." Based on this response, the AMF can decide whether to allow the registration to proceed, reject it, or apply specific restrictions. For blacklisted devices, the AMF will typically reject the registration attempt outright. The 5G-EIR's function is stateless regarding the UE session; it performs pure identity verification, leaving session management and enforcement to the AMF.

Beyond basic list checking, the 5G-EIR plays a vital role in mitigating device-based fraud and protecting network integrity. It helps operators combat the use of counterfeit devices, block devices associated with persistent malicious activity, and enforce regulatory requirements concerning approved device types. By integrating with the 5G SBA, the 5G-EIR offers a scalable, cloud-native security service that can be deployed independently and accessed on-demand by various consumer NFs, aligning with the overall 5G design principles of modularity and network slicing. Its operation is crucial for maintaining trust in the mobile ecosystem by ensuring that the underlying hardware connecting to the network is legitimate.

Purpose & Motivation

The 5G-EIR exists to provide robust equipment identity verification in 5G networks, addressing the critical need to prevent unauthorized, stolen, or faulty mobile devices from accessing network resources. Its creation was motivated by the long-standing problem of mobile device theft and fraud, as well as the need to ensure device compliance with network standards and regulatory mandates. By checking the IMEI—a unique identifier burned into the device hardware—the 5G-EIR offers a hardware-level security check that complements subscriber authentication (which validates the SIM card). This solves the problem where a valid SIM card might be used in a stolen or non-compliant device.

Historically, equipment identity checking was performed by the EIR in 2G, 3G, and 4G networks. However, these were often monolithic network elements with proprietary interfaces. The transition to 5G presented an opportunity to re-architect this function to align with modern cloud-native principles. The purpose of the 5G-EIR is not only to continue providing the essential blacklist/whitelist service but to do so as a scalable, web-based service within the 5G Core's Service-Based Architecture. This addresses limitations of the past, such as scalability constraints and complex integration, by making the EIR a standardised NF that can be easily deployed, scaled, and consumed by other network functions via RESTful APIs.

Furthermore, the 5G-EIR supports the enhanced security requirements of 5G, including those for network slicing and IoT. For network slices serving critical infrastructure (e.g., industrial IoT, public safety), operators can enforce stricter equipment policies via the 5G-EIR, ensuring only devices with specific, trusted IMEIs can access those slices. For massive IoT deployments, it can help identify and block devices with known vulnerabilities or poor radio performance characteristics. Thus, the 5G-EIR's purpose extends beyond anti-theft to become a foundational tool for overall network security hygiene, device compliance management, and the protection of specialized network services.

Classification

Part ofAMF
Related approachesIMEIUE

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (19 CRs across 6 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Rel-15 4 changes

In Release 15, the 5G-EIR (5G Equipment Identity Register) was introduced as a new network function for equipment identity checks, accessible via the N17 reference point to the AMF and the service-based interface N5g-eir. The release also included updates to the 5G-EIR's OpenAPI specifications. Furthermore, the network was given the option to perform a PEI (Portable Equipment Identifier) check with the 5G-EIR as part of the registration procedures.

  • Editorial corrections in clause 5.3.2.4 Support of a UE registered over both 3GPP and Non-3GPP access TS 23.501CR0153
  • Use of emergency DNN when Emergency Registered TS 23.501CR0701
  • Alignment of Emergency Registered definition with Stage 3 TS 23.501CR0901
  • 5G-EIR OpenAPI Updates TS 29.511CR0005
Rel-16 4 changes

In Release 16, the 5G-EIR function was enhanced with the introduction of a service-based interface, N5g-eir, and the specification of procedures for its discovery and selection by other Network Functions. Furthermore, the release corrected the handling of PEI/IMEI checks specifically for User Equipment (UE) that access the network solely via non-3GPP access.

  • UPF Selection influenced by the indication of the identity/identities of 5G AN N3 User Plane capability TS 23.501CR0862
  • Correction of use of PEI/IMEI for non-3GPP only UEs TS 23.501CR1390
  • UDR service for mapping IMS Public Identity to HSS Group ID for HSS selection TS 23.501CR1759
  • 5G-EIR Discovery and Selection TS 23.501CR2555
Rel-17 5 changes

In Release 17, the 5G-EIR enhancements specifically introduced procedures to handle a UE registered for onboarding, including support for AMF relocation and de-registration for such UEs. The release also provided clarifications on the 5G-EIR function itself. Furthermore, it added a criterion for the verification of UE location when the UE is registering via 5G Satellite Access.

  • De-registration for onboarding registered UE TS 23.501CR2755
  • Support of the mapping from IP addressing information provided to an AF to the user identity TS 23.501CR2385
  • AMF relocation for UE registered for onboarding TS 23.501CR3137
  • 5G-EIR clarification TS 23.501CR3473
  • Criterion of Verification of UE location for UE registering via 5G Satellite Access TS 23.501CR3604
Rel-18 4 changes

In Release 18, enhancements for the 5G-EIR were defined in conjunction with new procedures for handling UEs registered over both 3GPP and non-3GPP access types, particularly when registered to different PLMNs. The updates provided clarifications for UE policy association and network slice selection assistance information (NSSAI) enforcement in these multi-access, multi-PLMN registration scenarios. These refinements ensure consistent equipment identity checks and policy application regardless of the access network combination.

  • Handling UE policy association when UE registered over both 3GPP and Non-3GPP access TS 23.501CR4570
  • Clarification on non-3GPP path switching capability when a UE is registered to different PLMNs over 3GPP and non-3GPP accesses TS 23.501CR4791
  • Clarification on NSSRG enforcement when a UE registered to different PLMNs over 3GPP access and non-3GPP access TS 23.501CR3935
  • Update of subscribed NSSAI when UE is not registered in network TS 23.501CR4695
Rel-19 1 change

In Release 19, the 5G-EIR's functionality was enhanced to support the checking of a UE's PEI (Portable Equipment Identifier) when the device is registered over both 3GPP and non-3GPP access types simultaneously. This update accommodates scenarios where a UE maintains separate registrations, potentially with different PLMNs, across these distinct access networks. The change ensures equipment identity validation is consistently applied regardless of the combination of access types used for registration.

  • Support of a UE registered over both 3GPP and Non-3GPP access TS 23.501CR5435
Rel-20 1 change

In Release 20, the key new feature for the 5G-EIR was the introduction of support for Dynamic Network Identity. This enhancement allows the 5G-EIR to perform equipment identity checks in more flexible network scenarios, such as when a User Equipment is registered to different PLMNs over separate 3GPP and non-3GPP access types. The update integrates this capability within the existing registration management and PEI check procedures.

  • Support for Dynamic Network Identity TS 23.501CR6483

Explore further

Broader topics and technologies where 5G-EIR plays a role.

Topics
SON (Self-Organizing Networks)Authentication (5G-AKA, EAP)Service Based Architecture5G NR (New Radio)Lawful InterceptNetwork Slicing
Technologies
LTE5G

Defining Specifications

3GPP specifications that define or reference 5G-EIR, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TS 23.501 vk00 5G System Architecture Stage 2 Rel-20
TS 29.511 vj10 5G Equipment Identity Register Service Interface Rel-19