Explaining it in a few words is certainly not an easy task, but we can give it a try. In short, telephone conversations are transmitted in an encrypted way, and the encryption is carried out through 3 different algorithms with different encoding and security levels. Two of these algorithms, named A8 and A5, respectively at 128 and 64 bit, are often artificially weakened, as the last 10 digits can sometimes be set to zero, thus reducing the number of digits and the security of the algorithm.
Thanks to this “hole”, any intelligence agency with sufficient funds to afford the necessary equipment for eavesdropping telephone conversations. These devices work thanks to a fake base radio station, which sends out a signal equivalent to that of a GSM provider, thus covering the legitimate transmitting station. In this way, contacting another radio station, this device is capable of being recognized as if it were the GSM cellphone that you are trying to intercept, which must be within a range of a few tens of meters.
This process works basically to intercept mobile phones inside an apartment or house, while being conveniently hidden nearby.
There are also some portable stations which are recognized by the network station, and by other cellphones nearby, as if they actually were a normal cell phone with the identification data of the phone that is being eavesdropped. With this process, every call, both incoming and outgoing, from the phone under surveillance, will also be received by the radio station.
Other eavesdropping methods consist of placing a tiny Endoacustica listening device into the phone battery, which transmits towards a receiving station positioned nearby.