An Introduction to Cellular Forensics

Cellular forensics is the collection and analysis of data related to cellular devices, particularly from cell phones and tablets. LATRO utilizes software to extract and conduct forensic examinations of the data from cellular devices or cellular networks. Our experts process and handle the data according to legal standards required by forensic experts, law enforcement agencies, attorneys, and telecommunication companies in order to support case evidence for a wide range of crimes, from telecom fraud to violent offenses.

Cell phones and network records contain a surprising amount of information about their users. With the right technology and expertise, it’s possible to use this data in both civil and criminal proceedings to great effect in building both prosecution and defense cases.

Why Cellular Forensics Is Important

According to Statista, nearly half the world’s population now owns a smartphone. Many people own more than one, which equates to a total of more than 6 billion active smartphone cellular subscriptions worldwide. The smartphone became popular around 2007, with the advent of the iPhone and its successors. But even without smart capabilities like an internet connection, any cell phone can provide a wealth of information about a person.

Here are just some of the types of information stored on most modern cell phones that can be relevant in legal proceedings:

  • Call history
  • Text messages
  • Internet-based messages such as those that transmit via Snapchat or Facebook
  • Photographs, videos, and screenshots
  • Files and folders
  • Emails
  • Notes
  • Saved passwords or other credentials
  • Financial information

People use their phones like tiny computers — which is basically what they are. However, cellular forensics also focuses on other information from network data that can provide the details of cell phone communication, including information that can reveal the relative geographical location of the cell phone user. This information is contained in Call Detail Records (CDRs).

Call Detail Record Analysis

CDRs don’t just show the time calls are made, but they can also provide an approximate location associated with the cellular tower and sector used by the cell phone. This is because most cell towers have a fixed physical location, and the antennas on the towers are oriented in specific ways. The cellular network is made up of various systems that work together to ensure the calls from a phone are transmitted to and received by the correct users.

As part of US legal proceedings, cellular network operators must provide call detail records when specified under court-issued warrants. LATRO uses specialized software to import these CDRs for analysis. With this technology, LATRO’s forensics experts can create visualization maps of the cell phone towers that were used to facilitate communication during the time period of the call records. In conjunction with these maps, which highlight the relative location history of the cellular device, users also perform other analyses, such as identifying the most frequently used tower, link analysis, top calling and called phone numbers, and heat maps indicating when communication took place, along with a host of other features.

It’s important to note that call detail records (CDRs) won’t ever be able to pinpoint someone’s location exactly as GPS does. Instead, the user is said to be within a “cell,” or a coverage area of a particular cellular tower. Indeed, that’s where the term “cellular networks” comes from. Users must be able to move between the towers, or base transceiver stations (BTS), without losing signal, which is why there’s always a record of which BTS was carrying the signal to help identify faults and ensure optimal performance of the network.

Of course, CDRs also show who was called, for how long, and the date and time of the call, all of which can be useful during an investigation.
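The analyses described above (most frequently used tower, top calling and called numbers, and an hour-of-day activity profile) can be sketched over a handful of records. This is an added example, not LATRO's software; the CSV column layout, phone numbers and tower IDs are constructed, and it assumes the tower columns describe the tower serving the subject's handset.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed sample CDRs. The column layout is an assumption for this
# example; real operator exports differ in field names and order.
SAMPLE_CDR = """start,caller,callee,duration_s,tower_id,sector
2023-03-01T08:05:00,15550100,15550111,62,TWR-A,1
2023-03-01T08:40:00,15550100,15550122,15,TWR-A,1
2023-03-01T13:10:00,15550133,15550100,300,TWR-B,3
2023-03-01T22:15:00,15550100,15550111,45,TWR-C,2
2023-03-02T08:20:00,15550100,15550111,120,TWR-A,1
2023-03-02T22:50:00,15550100,15550144,30,TWR-C,2
"""

def load_cdrs(text):
    """Parse CSV text into records with typed timestamp and duration fields."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        r["start"] = datetime.fromisoformat(r["start"])
        r["duration_s"] = int(r["duration_s"])
        rows.append(r)
    return rows

def summarize(rows, subject):
    """Summarize tower use, contacts and hourly activity for one number."""
    towers, contacts, hours = Counter(), Counter(), Counter()
    for r in rows:
        if subject not in (r["caller"], r["callee"]):
            continue  # record does not involve the subject
        # Tower and sector give a coverage area, not a GPS position.
        towers[(r["tower_id"], r["sector"])] += 1
        other = r["callee"] if r["caller"] == subject else r["caller"]
        contacts[other] += 1
        hours[r["start"].hour] += 1  # hour-of-day bucket for a heat map
    return {
        "top_tower": towers.most_common(1)[0] if towers else None,
        "top_contacts": contacts.most_common(3),
        "hourly": dict(sorted(hours.items())),
    }

if __name__ == "__main__":
    print(summarize(load_cdrs(SAMPLE_CDR), "15550100"))
```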

The Impact of Cellular Forensics

Careful CDR analysis also helps telecom fraud management professionals detect patterns that could indicate malicious misuse of mobile services, including attempts to defraud telecommunications companies of significant amounts of money. One example of this is International Revenue Share Fraud (IRSF), which occurs when telecom “pirates” use roaming cell phones to make huge numbers of international calls to premium-rate numbers. Trained analysts can quickly spot patterns in CDR analysis to help telecom providers crack down on nefarious practices like this. However, telecom companies aren’t the only parties for whom CDR analysis is critical. Criminal investigators and prosecutors can use CDR analysis to investigate crimes with far more serious consequences.
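The IRSF pattern described above (a roaming subscriber placing a burst of calls to premium-rate destinations) lends itself to a simple sliding-window detection rule. The following is an added example, not LATRO's tooling; the prefix list, window, threshold and records are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical premium-rate prefixes; a real deployment would load the
# operator's own high-risk destination list.
PREMIUM_PREFIXES = ("+99900", "+99901")
WINDOW = timedelta(hours=1)  # assumed look-back window
THRESHOLD = 5                # assumed max premium calls per window while roaming

def _t(minute):
    """Constructed timestamp: minutes after 02:00 on a sample day."""
    return datetime(2023, 3, 1, 2, 0) + timedelta(minutes=minute)

# Constructed records: (start, subscriber, destination, roaming)
SAMPLE = (
    [(_t(i * 3), "SUB-1", f"+9990012{i:02d}", True) for i in range(8)]
    + [(_t(5), "SUB-2", "+15550111", True),
       (_t(9), "SUB-2", "+99900777", True),
       (_t(20), "SUB-3", "+99901555", False)]
)

def detect_irsf(records):
    """Return {subscriber: first alert time} for roaming subscribers whose
    premium-rate call count within WINDOW exceeds THRESHOLD."""
    recent = defaultdict(deque)  # per-subscriber timestamps inside the window
    alerts = {}
    for start, sub, dest, roaming in sorted(records):
        if not (roaming and dest.startswith(PREMIUM_PREFIXES)):
            continue  # only roaming calls to premium-rate ranges count
        q = recent[sub]
        q.append(start)
        while q and start - q[0] > WINDOW:
            q.popleft()  # drop calls that fell out of the window
        if len(q) > THRESHOLD and sub not in alerts:
            alerts[sub] = start
    return alerts

if __name__ == "__main__":
    for sub, when in detect_irsf(SAMPLE).items():
        print(f"ALERT {sub}: premium-rate burst while roaming at {when}")
```

Alerting on the first call that crosses the threshold, rather than at the end of a billing period, is what lets an operator block the destination range while the burst is still in progress.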

Let’s look at the case of Gregory Lewis. Lewis is serving consecutive life sentences for a robbery, kidnapping, and murder that took place in the state of Pennsylvania, USA. Ultimately, he was convicted due to the phone calls he made at the time the crimes were committed. The cellular forensics experts at LATRO used CDR analysis to help the prosecuting attorneys prove, beyond a reasonable doubt, that he was in the area at the time the various crimes occurred.

Other instances of cellular forensics used to fight crime include a 2010 case involving a would-be car bomber in New York City. The bomber fled after the device failed to detonate, but thanks to CDR data and other digital forensics, the suspect was arrested at JFK Airport.

Many criminals make the mistake of assuming that once a phone is destroyed, so is all the data associated with it. Yet when cellular forensics experts analyze archived call detail records, they can reveal the truth of many situations.

In LATRO’s Cellular Forensics Lab, our credentialed experts combine state-of-the-art forensics technology, software, and equipment with patient and experienced call record analysis to help law enforcement officials or attorneys sift through data accurately, often securing the conviction or pardon of the cellular phone user. Contact LATRO today to find out more or check out our Forensics Lab website.