Are you being tracked by mobile carrier injected Tracking Headers?

Martin Brinkmann
Aug 31, 2015
Updated • Sep 1, 2015

Mobile Internet is still on the rise and used by hundreds of millions of people around the globe to access the Internet. Mobile advertising is on the rise as well and with it comes the desire to track users to improve its effectiveness.

One way of doing that is to use data provided by mobile carriers. Back in 2014 it became known that two large mobile carriers from the United States -- Verizon and AT&T -- were injecting special tracking headers to mobile connections of their customers which advertisers could use to track users across the Internet by identifying them using provided data about customers.

It is nearly impossible for customers to tell if headers are injected when they connect to services, websites or other Internet resources as this happens on the network level.

Carriers receive all requests that users make when connected to their network. Carriers who inject tracking headers add a unique identifier to the (HTTP) request automatically before the connection to the actual resource is completed. The resource can then use the unique identifier to track users across the Internet.

Even more problematic than that is that advertisers can pay to access data profiles of customers provided by the carrier.

The information can be used to change content on the page or redirect users to a different page altogether.


The research paper "The Rise of Mobile Tracking Headers: How Telcos Around the World Are Threatening Your Privacy" (Download Removed) by the Internet rights organization Access highlights that tracking started much earlier than 2014.

Am I Being Tracked is an online tool that Access' researchers created for the study to find out how widespread the injection of tracking headers really is.

Simply visit the website using your mobile device, turn off WiFi if it is turned on, and click on the test now button.

The service returns whether your mobile carrier is injecting headers to connections you make or not.

carrier injection check

Here is how it works:

  1. You visit the Am I Being Tracked website on your mobile.
  2. The service checks if you are connected using 3G, 4G or LTE.
  3. It tries to match the IP address with publicly available information to determine the carrier.
  4. It analyzes the headers to find out if custom headers are injected.
  5. If that is the case, the headers are logged in the database.
  6. Results are displayed to the user.

Key Findings of the study

  • Carriers in 10 countries, including the United States, Canada, Mexico, China, the Netherlands, Spain and China, use tracking headers.
  • The most tracking occurred in the US followed by Spain and the Netherlands.
  • Of all tested connections on the Am I Being Tracked website, 15.3% were being tracked by tracking headers.
  • Some tracking headers may leak vital information such as phone numbers.

Mobile users have several options to prevent this from happening. First, all connections to secure sites (HTTPS) are not modified by carriers. While that is helpful, it leaves all regular (HTTP) connections vulnerable.

The use of a virtual private network puts an end to tracking and is currently the best option to block mobile carriers from injecting tracking headers.

Last but not least, you may want to consider switching to a carrier that is not injecting headers.

Now You: Are you being tracked by your mobile carrier?

Are mobile carrier injected Tracking Headers used to track you?
Article Name
Are mobile carrier injected Tracking Headers used to track you?
Find out if your mobile carrier is injecting tracking headers to connections that you make on your mobile phone or device.

Previous Post: «
Next Post: «


  1. M said on September 4, 2015 at 11:43 pm

    If I was a carrier, I would instantly add the site to the white list and then the check is worthless :)

  2. Kenny said on September 1, 2015 at 12:06 am

    If you use Google Chrome on Android and use the save data feature all of your http traffic is funneled through Google servers and is not injected. This website even identifies the carrier as Google Inc.

    1. Rick said on September 1, 2015 at 12:14 am

      And google is doing the tracking rather than your cell provider :)

  3. SCBright said on August 31, 2015 at 11:36 pm

    Not being tracked … yet
    Thanks for this info!

  4. dante said on August 31, 2015 at 6:54 pm

    I’m on Project Fi and this test site shows as T-Mobile with no injected headers. Will try again when I’m connected to a Sprint network.

  5. gh said on August 31, 2015 at 5:42 pm

    Martin, thanks for raising awareness of carrier-injected tracking headers. I worry that the practice isn’t specific to wireless carriers.

  6. Uhtred said on August 31, 2015 at 1:55 pm

    it’s all rather worrying…good to know about this kind of activity, thank you :)

    just checked UK provider “Orange Personal Communications Services” and happily (for the moment at least) not being tracked

  7. ilev said on August 31, 2015 at 10:37 am


Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.