Contact Us

We offer Cyber Security Services Consultations and Penetration Tests, Forensic Informatics Examination and Technical Expert Opinion Reports, Data Recovery Solutions and Secure Data Destruction Solutions, ISO Consultations and Internal Audits, Forensic Science Examination and Technical Expert Opinion Reports, Illegal Eavesdropping & Physical Search Detections, Cyber Security Product Solutions.

Get In Touch

Call Now

+44 1189 890 877 / +44 7385 793 440

Quick Email

info@forensicdefence.com

Office Address

400 Thames Valley Park Drive, Thames Valley Park, RG6 1PT, Reading, United Kingdom

Follow Us

Mobile Phone and Tablet Examination

  • Home |
  • Mobile Phone and Tablet Examination

All digital evidence is identified in our forensic laboratory, which adheres to international standards. Our forensic engineers, who have years of experience in their field, perform these identifications in a reliable and auditable manner, and the results are reported in compliance with the legal system.

Mobile Phone and Tablet ExaminationMobile Phone and Tablet Examination

Mobile devices (e.g., mobile phones, tablets) have increasingly taken over the functions of traditional computers. Modern smartphones and tablets, accessible to users of all ages, store a vast amount of personal data. Mobile phones utilize three types of data storage: NOR, RAM, and NAND.

NOR Memory: Handles the operating system code, kernel information, device drivers, OS applications, and user applications.

RAM is the storage unit with the least data capture due to generally containing volatile data. It stores data that occur instantaneously on the mobile device, allowing for faster service to the user during the next similar operation.

NAND Memory: Stores sensitive user data such as audio, video, applications, and documents.

Forensic processes on mobile devices adhere to forensic standards and use various hardware/software tools. Devices with physical damage can undergo JTAG and chip-off procedures for data extraction.

Mobile devices without physical damage can undergo three main extraction techniques:
  • Logical Image Extraction: The fastest and most universally applicable technique. It extracts data by communicating with the device’s OS via an API. This method retrieves data such as call logs, SMS/MMS records, photos, videos, and audio files but struggles to access deleted data.
  • File System Image Extraction: Retrieves system files, databases, calendar entries, and web history, including deleted data within databases, in addition to the data obtained through logical extraction.
  • Physical Image Extraction: The most comprehensive data extraction technique, though it cannot be applied to many devices due to security measures taken by manufacturers (Apple, Samsung, etc.). This method transfers copies of all data contained in the device into an image, including ‘hidden and deleted’ files, using the bit-by-bit method.

Mobile devices play a crucial role in investigations and prosecutions. Our expert team performs forensic imaging and data recovery on brands like Samsung, Sony, Apple, Nokia, etc. After these procedures, they prepare an expert opinion report for judicial authorities.

Our laboratory provides data obtained to the requesting institution/person under our Data Protection and Information Security Policy without retaining any information/documents.

The processes of imaging, data recovery, analysis, and reporting take between 2 to 10 business days, depending on the mobile device’s capacity. For the obtained data to be admissible as evidence, experts must examine and report the mobile device(s). The types of data retrievable from the device vary according to the operating system, and the interpretation of where the data is stored and how it should be analyzed depends on the examiner’s expertise and judgment.

Data obtained from mobile phone extraction includes:
  • Mobile device technical information
  • OS details
  • Setup date and time
  • Setup email information
  • Setup language
  • Contacts
  • SMS/MMS messages
  • Calendar data
  • Call logs
  • Email data
  • Photos, videos, and audio files
  • Internet history
  • Documents
  • Social media data
  • Application details
  • Location information
  • Password information
  • Messaging app contents (WhatsApp, Skype, Messenger, Snapchat, Tinder, etc.)
  • Health data

Experts must closely follow updates to the operating system, as these may change the location and confidentiality of the data contained in the device (including deleted data).

Technical studies conducted in line with data recovery and examination reveal:
  • The date and time of the device’s installation via which email,
  • Technical information of the SIM cards inserted in the device until the examination date,
  • Email accounts defined on the device and the applications downloaded through these accounts,
  • By conducting location data analysis on the photo file, determining the date and time, and the coordinates/location where the photo was taken,
  • By conducting location data analysis on the video file, determining the date and time, and the coordinates/location where the video was taken,
  • The number of contacts saved in the address book and the names under which the numbers were previously saved,
  • Deleted SMS-MMS messages,
  • Deleted Word-Excel-Pdf documents,
  • Wi-Fi information the device has been connected to,
  • Internet data usage information of the applications,
  • Decryption of WhatsApp end-to-end encryption and data recovery,
  • Accessing data in Cloud Storage,
  • Examining and recovering the WhatsApp database in Cloud Storage,
  • Deleted messages and call information of social media and messaging applications like “WhatsApp”, “Instagram”, “Twitter”, “Skype” etc.,
  • Whether applications like “Bylock”, “Eagle” etc. are present on the device, if so, through which email they were installed, when and how, and what communications are included in their content.

Moreover, security elements of mobile devices, which are starting to replace computers and are used by everyone, are also threatened by spyware. Spywares are programs that operate in the background of the operating system and enable all personal data to be sent to third parties without the user’s knowledge and authorization.

On a device with spyware, the following can be captured by third parties instantly:

  • Bank and credit card information of the person,
  • Social media account information,
  • Instant screenshots,
  • WhatsApp chats,
  • WhatsApp voice and video call information,
  • Call information,
  • Voice recordings,
  • Notepad data,
  • Calendar data,
  • Email data,
  • Location information,
  • All application activities.
Our expert team examines devices regardless of the operating system and identifies spyware, determining to whom and how the data is being sent. If you suspect that your private conversations are being overheard by others, you should have your device examined for spyware by experts in the field.

In this context, the most important evidence that judicial authorities (Court-Prosecutor-Lawyer) or administrative authorities (Inspection Board-Internal Audit Unit-Legal Counsel) rely on to clarify an incident is now digital evidence. Thus, cell phones and tablets, which are small in size but large in terms of the data they store, have become the most prominent digital evidence in many cases.

From divorce cases to labor law cases, criminal cases to commercial cases, and even intellectual property cases, the clarification of incidents is achieved through the data they contain.

Forensic Defence experts analyze the digital evidence in your judicial or administrative investigations within the framework of the law, preparing expert opinions/reports following international standards, and in compliance with the Criminal Procedure Code and  the Civil Procedure Code, making them usable in any country in the world. If necessary, the experts who provided the report can also be heard as witnesses according to the Criminal Procedure Code.

For more details and information don’t hesitate to contact us.

Contact information

Institutional

Menu

Social Media

Facebook X-twitter Youtube Linkedin Instagram

Follow Us