XRY Photon – Reading Encrypted Chats at (Almost) the Speed of Light
The widespread use of chat apps has transformed the way we interact with each other. It has also become a favorite means of communication for criminals, and thus also a focal point for forensic investigators.
Since encryption long has been a selling point for many apps, extracting encrypted chatlogs can present a significant obstacle to digital investigations. Encryption means that it is necessary to find other ways of extracting data from a chat, and that can be a time-consuming process.
Examiners once needed to do manual, sluggish work such as photographing many long chat logs, resulting in a laborious and inefficient workflow. No more.
XRY Photon handles this issue and saves time for investigators.
In this article, we’ll take a closer look at XRY Photon, the solution included with XRY that changed the game.
Taking speed reading to the next level
XRY Photon is a streamlined automated solution for gathering data from Android apps, designed to save time and increase efficiency for law enforcement and digital forensic investigators.
MSAB’s Tech Evangelist Adam Firman explains:
“You just tell Photon that you want to extract from WhatsApp, for instance, and Photon will pop up and say ‘WhatsApp discovered’ and what version. Then it will control the screen of the connected phone. It will scroll through the chat conversations before your very eyes, screen capturing and then running character recognition.”
Photon, named after the elementary particle that travels at the speed of light, is in that sense an extremely speedy version of the old technique of manually photographing a chat and writing down its content. Encrypted data quickly turns into searchable text that can effortlessly be filtered and analyzed by investigators.
Discover more ways to streamline workflows in your digital forensic units.
Automation and selective extraction
User-friendliness is in Photon’s DNA. Three of the biggest apps on the market – WhatsApp, Telegram and Signal – are handled with full automation by Photon. Examiners do not even have to touch the phone they are working with. For other Android apps, there is Photon Generic, a version of the software in which the investigator will only need to do a minimal bit of manual work: opening the chat app on the phone and then pressing «go».
Photon also has the capability to select which chats to extract, making it possible to protect and respect the privacy of victims and witnesses. This is a significant development in ensuring that the data gathered is not only valuable for investigations but also complies with data protection regulations. The trends toward tighter privacy laws make this increasingly important. Also, a workflow without excessive extractions of private data from witnesses’ cellphones is necessary to ensure that people will remain willing to contact law enforcement authorities in the long term.
To further improve your investigative workflows and enhance your expertise in digital forensics, check out our e-book.
Approach lightspeed today
In a nutshell, XRY Photon simplifies the workflow for investigators, saves time, and increases efficiency. It resolves the limitations of some traditional mobile extraction tools by automating the examination of app data on Android devices. XRY Photon eliminates the need for manual processes and offers the advantage of storing the documented data in a searchable format, facilitating text search, filtering, and other forms of analysis.
With its automated approach to data extraction, XRY Photon makes it easier for law enforcement and digital forensic investigators to gather data from apps, even when developers use encryption to protect it.
Make sure to take advantage of everything XRY and Photon has to offer – get in touch with our Sales team today.
Read more about other capabilities that set XRY apart, such as its unique exploits and top-of-the-line decoding abilities, its rapid hash matching feature, and the advanced extraction solution for more challenging devices, XRY Pro.