Prevalent Challenges in Mobile Phone Forensics
With an ever-increasing range of exquisite features and storage capacitance, mobile phones have become ubiquitous. They store a vast amount of information about those who possess them. Just as these devices have become integral parts of our lifestyle, they prove to be the source of crucial information that acts as evidence in forensic investigations. There are some tools and techniques, available for this; however, there exists no such solution, which single-handedly can perform the entire forensic investigation of mobile phones, thus, the challenges in mobile phone forensics are increasing at an alarming rate.
A mobile can be tied to a crime in many ways. They are:
- It can be used as a tool for communication while committing a crime.
- In a crime, it can use as a storage device for extracting information.
- It can also contain information about a victim.
Persistent Challenges In Mobile Phone Forensics
There is no denial of the fact that mobiles/smartphones play a vital role in the investigation of a crime committed by using the device. However, it is a very difficult task accompanied by many forensic challenges, as listed below:
- Identification Of The Mobile Phone
In the process of mobile phone investigation, the first step is the identification of the phone. Keeping in mind that there are several network carriers and manufacturers, identification of the phone by mere viewing is impossible. In spite of the fact that all the mobile operating systems, function, in the same way, they greatly vary in the way they store the data, security settings, access rights and other settings. A single model can be marketed by the manufacturers under different names. Moreover, the Chinese phone models replicate the look of several known brands but deploy a different OS than the original one. Unless and until the phone battery is removed, the investigator cannot come to know of the correct model of the software.
Preservation Of Existing Data
Preservation of existing mobile phone data is the next step in the investigation process. It is necessary to prevent any new information, in the form of a call or a message, from being received by the acquired phone. It happens that sometimes the newly received messages may delete the older messages. Therefore, in order to prove the integrity of the data, we suggest placing the mobile phone in an isolated and wireless environment. There are multiple technologies, which give this kind of isolation to keep the mobile devices away from radio frequencies.
- Phone Power And Connection Establishment
One of the most crucial challenges in Mobile Phone Forensics that the investigators come across is the preservation of the power of the phone. If kept in an operational mode for a longer period, its battery will eventually drain out. This may lead to the deletion of volatile data stored in the phone, thus resulting in the loss of prospect evidence. Therefore, keeping a check on the battery of the phone is necessary to ensure the preservation of data. However, there exists no standard for the power requirement in mobile phones. This is because there is no standard for cable connectors. Therefore, even if two different mobile phones may require the same voltage it is likely to happen that they do not use compatible power connectors.
Data Protection Via Encryption & Passwords
There are a variety of security mechanisms that different mobile phones use in order to safeguard the data stored in the phones. These mechanisms differ from manufacturers to SIM cards, PINs and PUKs. Getting access to the data does not necessarily mean that the investigator will be able to carve out the evidence. The data stored on mobile phones is usually encrypted using an encryption algorithm. Thus, it gets difficult for the investigators to access the data without the assistance of hardware or software devices.
- Unequalled Data Formats
Let us assume that the investigator does not follow the above-mentioned challenges in a particular case. However, there still remains a barrier that can make the entire investigation useless. There does not exist a standard location or format for storing information in a mobile phone. Also, it is possible to store data in different places in different kinds of memories. Some information may be stored in the SIM card of the mobile phone while some may also be stored in its RAM (volatile memory). Also, some of the data is stored in the ROM too. Stores information such as contacts, text messages, emails, etc. in their default file format. In a way that no one can understand without any software.
Selection Of Assessment Tool
The biggest challenge in mobile phone forensics that an investigator comes across and which when fulfilled ensures completion of the forensic investigation is the selection of the right forensic tool. Even though there are numerous forensic tools available in the market. However, the one which suits your investigation completely sometimes is hard to find. In addition, there exists no such tool that can fulfil all the requirements of an investigation.
At times, examiners has to face challenges in Mobile Phone Forensics. As they have to face lot of technical problems, that can prove to be fatal for an investigation. However, with right choice of procedures and presence of mind. An examiner can solve the case without any issue and overcoming the challenges in mobile phone forensics. Moreover, choice of right tool can give a right direction to your investigation and justice to the victim.