A cell phone may contain a media card. Standard forensic tools can recover this type of evidence. Subscriber Identity Module (SIM) cards are also present in all phones that contain a global system for mobile (GSM) communications. SIM cards can be read fairly easily, since the type of data on these cards and the manner in which they are stored are defined by GSM standards. Cell phone memory chips located inside the handset use the same type of memory found in compact flash cards and thumb drives; however, the storage of the data is typically proprietary, so standard forensic tools will not usually decipher the data. This makes forensic examinations of cellular phones difficult. Network providers and others who keep data on the use of particular cell phones are also useful sources of forensic information on the use and time of cell phone use. When seizing a cellular phone, investigators must be aware that when a phone is turned on and connected to a provider's network, the data on the phone constantly changes; thus, potential evidence could be lost. Officers who first come into possession of a case-related cell phone must immediately sever a phone's connectivity to a provider network, so as to preserve the current data in the phone. Only proper training will enable officers to use the method that is right for a given situation. It is critical that investigators obtain any keyboard lock codes or PIN codes used to access a phone. The type of cell phone, an investigator's training, and an agency's access to computer hardware and software will dictate the best methods for forensic examination of a particular cell phone.
Downloads
Similar Publications
- Just Science Podcast: Just Wastewater Drug Surveillance In Kentucky
- Improved Nucleic Acid Recovery From Trace and Degraded Samples Using Affinity Purification
- Success Story: NIJ and The Virginia Department of Forensic Science Advancing Drug Analysis in Forensic Toxicology for Enhanced Judicial Outcomes