How are devices like smartphones given unique IDs (IMEI numbers, MAC addresses) during the manufacturing process?

4 Answers

Anonymous 0 Comments

There’s a register, or a generic element of computer information storage, on the device that contains a string of bits that are algorithmically put into it. Generally that register is write protected, meaning it can only be read from.

Anonymous 0 Comments

You’re familiar with read-only chips and probably familiar with read-write chips (like those used for flash memory).

What they don’t talk about is write-once memory. You can write data to it a single time and that’s it.

How (in theory):

Imagine you have 8 fuses. We’ll label them 0 through 7. You want to store a binary representation of the letter A, which is 01000001. So you blow fuses 0, 2, 3, 4, 5, and 6, leaving only fuses 1 and 7 intact.

The thing is, there are two lines for each fuse: A read line and a write line. To read a fuse, you use the read line. To write to a fuse, you have to use both the read and the write line to burn the fuse.

On the write line, there’s another, higher-amp fuse. After you’re done burning your fuses, you overload the write line without the read line and blow the fuse on the write line. No more writing. Only reading. (Also, you’d put a fuse on the read line to prevent someone from trying to dump a bunch of current there to change one of the bits.)

How (in practice):

When Foxconn or other manufacturers build devices, one of the steps with the partially assembled device connects a computer to specific connection points on the PCB which were placed there for this purpose specifically. These connection points are connected to the chip where the IMEI, Serial, MAC number, or other hardware ID is stored.

In older designs, you could later change the write-once content so long as you changed a 0 to a 1 only. While you couldn’t set it to any value you wanted, you could change the value to something other than what it was previously.

In more modern designs, the data is written and then current is passed through another connection point which disconnects the data lines for writing internal to the chip.

How (the bad way):

Write-once chips are pretty specialized, which translates as “expensive in small quantities”. So, on cheaper devices or low-margin devices, the OEM just uses flash memory to store whatever and the software on the controller on the device simply won’t provide a way for the value to be changed. This doesn’t prevent someone with proper knowledge and equipment from changing the content of flash chips.

This is how counterfeit SD flash cards and counterfeit USB flash drives are made. Someone buys a bunch of cheap 512MB cards and changes the content of the flash memory used by the controller so that the chip intentionally misidentifies itself to the computer as being 2TB. And so long as you don’t try to use more than 512MB of space and don’t format the card without using the Quick Format feature, you won’t notice. (Doing a ‘long format’ should catch this type of counterfeiting.)
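An added example (not part of the answer above) of why a check has to touch the whole advertised capacity to catch a card that misreports its size. `SimulatedCard` is a constructed in-memory model, and its wrap-around behaviour past the real capacity is an assumption of this example, not a claim about any specific product.

```python
import hashlib

BLOCK = 512  # bytes per logical block

class SimulatedCard:
    """Constructed model of a card that claims more blocks than it stores.
    Assumption: addresses past the real capacity wrap around."""
    def __init__(self, real_blocks, claimed_blocks):
        self.real, self.claimed = real_blocks, claimed_blocks
        self._cells = {}

    def write(self, lba, data):
        if not 0 <= lba < self.claimed:
            raise IndexError("LBA outside advertised capacity")
        self._cells[lba % self.real] = bytes(data)

    def read(self, lba):
        if not 0 <= lba < self.claimed:
            raise IndexError("LBA outside advertised capacity")
        return self._cells.get(lba % self.real, bytes(BLOCK))

def pattern(lba):
    """Block content derived from its own address, so aliased blocks differ."""
    seed = hashlib.sha256(b"capacity-check" + lba.to_bytes(8, "big")).digest()
    return (seed * (BLOCK // len(seed)))[:BLOCK]

def naive_check(dev):
    """Write a block and read it straight back: a wrapping card passes."""
    ok = 0
    for lba in range(dev.claimed):
        dev.write(lba, pattern(lba))
        ok += dev.read(lba) == pattern(lba)
    return ok

def full_check(dev):
    """Fill the whole advertised range first, then read everything back.
    Destroys whatever data was on the device."""
    for lba in range(dev.claimed):
        dev.write(lba, pattern(lba))
    return sum(dev.read(lba) == pattern(lba) for lba in range(dev.claimed))

if __name__ == "__main__":
    fake = SimulatedCard(real_blocks=4, claimed_blocks=16)
    print("naive check passed blocks:", naive_check(fake), "of", fake.claimed)
    print("full check passed blocks: ", full_check(fake), "of", fake.claimed)
```

On the simulated card the number of blocks that survive the full check equals the real capacity, while the write-then-read-immediately check reports every block as good.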

Anonymous 0 Comments

In the most simple ways of old, a really large string is guessed and we hope that it doesn’t collide with any other device you meet. Those we call MAC. There isn’t anything to guarantee they are unique except for statistically it’s unlikely they’ll collide.

In more recent times, we started adding more information than just MAC to a device. We identify the vendor, model etc. too. Those vendor IDs are in a big database. That together with the serial number / MAC that this vendor can guarantee to be unique among his produced products should be enough for a unique identification. Then again, no one is enforcing that vendors create unique MAC addresses.

In reality, MAC addresses clash rarely enough as to not be a problem. A system should also never use only MAC when it comes to security either, as those can be spoofed easily. iOS and Android for example offer to connect to Wi-Fi using a random MAC that isn’t actually theirs. A bad actor could even choose which one to use.

Anonymous 0 Comments

I work with cellular devices that require unique IDs such as what you described. Smartphones would generally all work in a similar fashion but the details would be considered trade secret, of course.

It starts with the factory serial number, which is flashed to the device when it’s still in the assembly line. The format is unique to each manufacturer but they generally follow a system of model code name, dates, batch, and sequence. Then the IMEI, MAC and anything else unique (default Wi-Fi SSID, SIM lock password) are written much later, usually in the last step before boxing.

The IMEI has a special format. The first 8 digits are called the TAC and have to be registered by the manufacturer. They are normally unique to each model, or a subgroup of a model. The next 6 are normally programmed in sequence. Then the last digit is a checksum. Once you use up a million IMEIs in your TAC range, you must register another TAC code. This ensures the IMEI for each device is unique in the world.

In comparison, the first half of the MAC address is also registered by the manufacturer, but it’s only to the manufacturer, not the model. And the second half, a 6-digit hexadecimal number, is cycled through the history of the manufacturer so there’s an almost impossible chance your MAC could collide. Then other unique codes like SIM unlock codes are generated for each device but they’re not required to be unique.
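An added example (not the poster's or any manufacturer's code) of the IMEI layout described above: 8-digit TAC, 6-digit sequence, one check digit. It goes beyond the text in two places: the check digit is computed with the Luhn algorithm, and the MAC parser also reports the locally-administered bit, which is set on addresses that are not vendor-assigned, such as the randomized Wi-Fi addresses mentioned in an earlier answer. The TAC `12345678` and the MAC values are constructed samples.

```python
import re

def luhn_check_digit(body):
    """Luhn check digit for the 14 digits that precede it in an IMEI."""
    total = 0
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:  # the rightmost body digit is doubled first
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return (10 - total % 10) % 10

def make_imei(tac, seq):
    """Build the IMEI for sequence number `seq` inside one TAC range."""
    if not re.fullmatch(r"\d{8}", tac):
        raise ValueError("TAC must be 8 decimal digits")
    if not 0 <= seq < 1_000_000:
        raise ValueError("TAC range exhausted: only 6 digits of sequence")
    body = f"{tac}{seq:06d}"
    return body + str(luhn_check_digit(body))

def parse_imei(imei):
    """Split an IMEI into its fields and verify the check digit."""
    digits = re.sub(r"[\s-]", "", imei)
    if not re.fullmatch(r"\d{15}", digits):
        raise ValueError("IMEI must be 15 decimal digits")
    return {
        "tac": digits[:8],
        "serial": digits[8:14],
        "valid": luhn_check_digit(digits[:14]) == int(digits[14]),
    }

def parse_mac(mac):
    """Split a MAC into vendor prefix (OUI) and device part."""
    hexs = re.sub(r"[:.-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", hexs):
        raise ValueError("MAC must be 12 hexadecimal digits")
    return {
        "oui": hexs[:6],
        "device": hexs[6:],
        # Bit 0x02 of the first octet marks a locally administered address.
        "locally_administered": bool(int(hexs[:2], 16) & 0x02),
    }

if __name__ == "__main__":
    for seq in (1, 2):  # constructed TAC, consecutive sequence numbers
        print(make_imei("12345678", seq))
    print(parse_imei("123456780000020"))  # one wrong digit: valid is False
    print(parse_mac("02:12:34:56:78:9a"))
```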