.webp?width=50&height=50&name=IMG-1171%20(1).webp)
Two of the biggest factors law enforcement officers face today are how they handle a dangerous situation and how quickly they can that situation. When lives are on the line, one of the major obstacles in resolving that situation is a lack of information.
In situations where digital evidence is involved (the majority of cases today), front line field officers finally have tools that can allow them to gain access to evidence and intelligence on-scene. Smartphone triage tools such as a Mobile Device Investigator give law enforcement better methods of extracting usable information in a timely manner.
3 Ways to Use Smartphone Triage
On-Scene Investigations
There are situations where time is critical to the case and lost time can mean the difference between additional casualties or not apprehending a suspect. Digital forensic triage of mobile devices allows field agents the speed and flexibility to search devices based on the nature of the investigation for evidence from suspects, witnesses, victims, or unknown devices.
In the case of Mobile Device Investigator, field operators can not only collect and analyze evidence quickly, but they can preview and capture screenshots from phones and tablets during forensic aquisition to make decisions on the next steps in the case (seize devices, charge suspects, identify and protect victims, etc.)
The field triage approach has been used by the military for years in sensitive site exploitation and in countries such as the U.K. which adopted digital forensic triage as a methodology early as a way to prevent forensic backlogs with front line Digital Media Investigators.
Investigations On-Scene to Lab 
If there is no immediate or imminent threat, a field agent may decide to collect relevant evidence quickly on-scene, seize the device(s) and continue the investigation back at the office or forensic lab. Using this approach, investigators can hand off prioritized evidence and devices with initial reports to prosecutors and examiners for further investigation.
The field to forensic lab approach can be very helpful to law enforcement as it speeds up the investigation process entirely. A crucial step in any investigation is collecting the cell phones from the crime scene and determining if any of those cell phones contain any information that is important to the case and with these tools.
If a smartphone investigation was started on-scene with ADF software, a digital forensic lab examiner can pick up right where the field investigator left off.
Lab Investigations
Lab examiners can use smartphone triage to identify tablets and phones with relevant evidence faster which can make the information on the devices more valuable to investigators in situations where time critical (typically important). At the very least, smartphone triage can provide a negative or positive result that the specific evidence being investigated may be, or may not be present on the device.
In the case of Child Sexual Abuse Material (CSAM), for instance, mobile phone forensic software such as Mobile Device Investigator (MDI) can automatically flag a device when digital evidence is collected and Project VIC hashes are matched. Built to leverage Artificial Intelligence and Machine Learning (AI/ML), MDI can also alert investigators for the presence of pictures of weapons, drugs, money, or other data which might warrant further investigation.
