NSW will force pawnbrokers to record MAC addresses


news As a crime-fighting measure, the NSW Government is set to force second-hand dealers to record the MAC addresses of Wi-Fi-enabled mobile devices.

The planned changes in legislation will give people who have had such devices stolen a better chance of getting them back.

NSW’s Minister for Innovation and Better Regulation Victor Dominello said the alterations to the Pawnbrokers and Second-hand Dealers Regulation will force pawn shop staff to record media access control (MAC) addresses for mobile phones, tablets and notebook computers – the three most commonly stolen electronic devices.

“We are living in the digital age and consumers are purchasing a range of valuable Wi-Fi devices. From 1 June this year, a licence condition for pawnbrokers accepting certain electronic goods will be to capture the MAC address and provide [them] to NSW Police,” Dominello said.

The minister strongly urged consumers to record their MAC address, which can can be easily located on a device, and is also displayed on routers used at home or work.

To connect to a Wi-Fi network, electronic devices have an internal 12-character MAC address. This is assigned by the manufacturer, and are always to a device. Usually found in the settings menu, the MAC address cannot be erased.

Inspector Tony Heyward of NSW Police’s Operational Information Agency explained that that police officers will compare MAC addresses recorded by pawnbrokers against those provided to them by victims of theft.

Matching MAC addresses will allow them to reunite a device with its owner, he said.

“A total of 19,179 mobile phones were stolen from NSW citizens in 2015. During the same period, thieves also stole 7,696 notebook computers and 5,104 tablets,” Heyward said. “The MAC address is such a simple yet powerful crime-fighting tool, and this is yet another way NSW Police and our partner agencies are staying one step ahead of criminals.”


  1. Seems reasonable, though shouldn’t people be recording their devices serial / IMEI numbers?

    • For phones I would say this is the most important part.
      In fact, your mobile provider should know the IMEI of any device you connect to their network, and you should report any phone you have had stolen as such so that it gets listed in the stolen IMEI registers by your telco, effectively banning that phone from use in Australia.

  2. Not sure how useful this will be.

    iOS 8 and above uses MAC address randomisation. When searching for wifi networks it uses a random MAC. It only uses the real MAC when connecting to a known network.

    For a stolen device that is password protected, it’s not easy to get the real MAC.

    I believe Windows 10 does this too

    • The point is to identify the device in your possession.
      Why would you pay someone money for a locked phone you can’t unlock?
      Since you wouldn’t do that, the phone will either be sold as inoperable, (can’t get the Mac off an inoperable phone) or operable, in which case you get the real MAC out of the menus.

      The MAC used for connecting to wifi networks isn’t going to mean anything in this context.

      (But what you describe is interesting! And a fact I wasn’t aware of so thanks!)

      • Doesn’t help that the MAC isn’t always unique though, certain manufacturers (chinese ones being the big ones) like to re-use MAC addresses between multiple devices.

  3. “This is assigned by the manufacturer, and are always to a device.” – I think you meant to say unique in there somewhere.

      • Indeed so, we have a lot of customers using our online sales system, originally the system was designed to base it on the MAC address (and a user/pass), but it was found that we had quite a few customers (in different locations) which had Telstra 3G USB dongles which all have the exact same MAC address.

  4. “the MAC address cannot be erased”


    Whilst this is a useful step and will add another barrier to the business model for stolen devices we should avoid such certainty. If there is financial advantage to changing a MAC address we may find that its not so difficult on some devices after all.

    Other theft deterrence methods should not be relaxed.

  5. This government has No idea how Technology works. That is clear.

    I am surprised they even know what MAC addresses are.

    • The Corner of Albany Highway and Hillview Terrace in East Victoria Park, WA.

      All of my stuff has my WA driver’s licence engraved on it.

  6. As someone who’s worked at a pawnbroker in nsw.

    We required suitable I.D. (such as a drivers license or photo card) from customers.

    With items that had, or should have a serial, we HAD to enter that into our system. If the serial was missing (peeled off sticker) we had to reject the item.

    Phones – We had to get the serial and imei from the device. Not from the back of the phone, but from the software, which to the best of my knowledge can be modified.

    Along with all this, a quick description of the item

    Blue Samsung Galaxy S4 16gb in green case w/ charger.

  7. On some devices the MAC address can be modified. At the hardware level. I dunno how common that is, but at least two of the devices I have allow that, likely more.

Comments are closed.