I am wondering if the Samsung S4 and Samsung S5 phones had face unlock enabled and if there is a way LE/FBI can use special software to see whose face unlocked the phone and when. Or if there is a way they can link face unlock being used to who was using to who was using the phone at the time. The Samsung S5 also had the feature of a fingerprint sensor added to the home button so users could choose to unlock the Samsung S5 either with their face or fingerprint. I don’t know if any of these security features would be useful to law enforcement in providing data on who unlocked the phone and was most likely using it at the time.
The iPhone didn’t get Face ID and Touch ID until the iPhone 5S was released
“Oxygen Forensic® Detective is an all-in-one forensic software platform built to extract, decode, and analyze data from multiple digital sources: mobile and IoT devices, device backups, UICC and media cards, drones, and cloud services. Oxygen Forensic® Detective can also find and extract a vast range of artifacts, system files as well as credentials from Windows, macOS, and Linux machines.
The cutting edge and innovative technologies deployed in Oxygen Forensic® Detective include, but are not limited to, bypassing screen locks, locating passwords to encrypted backups, extracting and parsing data from secure applications and uncovering deleted data.
Furthermore, multiple extractions can be investigated in a single interface to gain a complete picture of the data. By using the integrated industry-leading analytical tools to find social connections, build timelines, and categorize images, law enforcement, corporate investigators and other authorized personnel can help make this world a safer place.”
Source - oxygen-forensic.com
It is likely there will be recoverable forensic data on the mobile phones even after a factory reset has been done. Law Enforcement and the FBI have access to specialist software programs like the one above from Oxygen Forensics to retrieve data from mobile phones etc. I searched online and it appears it may be possible for them to view data from an android mobile phone to see a history of when factory resets have been done on the handset.
Thankfully it appears some criminals and sexual predators have a false sense of security that doing a factory reset on a phone completely deletes all the data and everything on it. In order to delete all the data from a mobile phone so that none of it can ever be retrieved by law enforcement I think they would have to physically completely destroy it.
I’m sure it is likely law enforcement would be able to find out whether KK claim about finding the Samsung S5 was true or not. The person who previously owned the phone he allegedly found would most likely have set up some security on it even if it was just a basic passcode and not face unlock or fingerprint unlock. He would have had to bypass the security that the person set up. It was possible for Samsung S5 owners to use Find My Mobile and go online to see the location of their phone on a map if had been lost or stolen. You could erase the data on the phone remotely.
It seems unlikely KK would be able to find a Samsung S5 in the back seat of a cab that had no security at all set up like a passcode, face unlock or fingerprint unlock. Or he would need to be able to bypass that security some how. You would expect the owner of a lost phone to try and use the Samsung Find My Mobile website to find its location to try and get it back and erase the data on it remotely for security.
The owner of a lost phone would also likely report the phone as lost or stolen with their network provider and law enforcement. The Samsung S5 may have been purchased on a cell/mobile phone contract and been locked to a particular cell network/phone network. He would need to use his own SIM card from the same network to use it or get it unlocked so he could use the SIM card of another service provider.
I don’t know if you could possibly buy a Samsung S5 as a burner phone but if it wasn’t a burner phone law enforcement should be able to obtain data from the phone service/network provider as to when a cell number started calling from it. It may not be the same in the USA as it is here in Scotland but my mobile phone provider/cell service provider knows what model of mobile phone I am using my SIM card in even though my iPhone was purchased network unlocked sim free from another retailer.
I suspect you're right about that--he was going places where he could use wifi to communicate, wasn't he? I know even a phone without a SIM card can make emergency calls (in the USA) and so I suppose it must ping cell towers as it travels.
