top of page

Datawipe

 

The Pervacio solution connects to the GUI which launches the Pervacio datawipe application on to the device, whilst collecting serial information (make model and firmware etc from the device) the wipe is instigated. To complete the process, following the wipe and in order to remove the application on certain platforms a factory reset is performed and sometimes a software flash. This removes the app and restarts device, capturing a successful (auditable) recording of the sequence.


The solution is not "just a factory" reset and has been tested on commercially available forensic equipment (Oxygen, Cellebrite and X-ray), which confirmed that the data can’t be recovered from the device following the Pervacio data wipe process.

Smartphones (Apple iOS, Android, BlackBerry, Windows Phone, Symbian)

 

OS devices use a NAND flash disk protected by hardware file system encryption. During the wipe Pervacio performs the following operations:

  • hardware encryption keys are destroyed (EMF key)

  • new hardware encryption keys are generated (EMF key)

  • user partition is initialized with new data

  • 3rd party applications

  • all other encryption keys including device transport key and IT Policy public key.

  • all PIN encryption information from the device

  • all user data

  • whole disk is reformatted

  • whole disk is repartitioned into two logical partitions

  • nvram is reset

  • hashes of user password

  • system partition is flashed onto the device

  • baseband memory is reset and flashed with a new firmware

  • authentication information

  • low level bootloader is flashed

Furthermore for enterprise devices that have content protection turned on, Pervacio datawipe performs a full memory scrub process to overwrite the device heap that is in RAM, application storage, and the files that a user saved on the device.

“No data was found by Intaforensics. Their approach is to test recovery of physical and logical (meta) data on device, this method is used to analyse mobile devices in criminal cases.  They use the terminology of physical data that could reasonably be found by an 'Informed user' e.g. technical knowledgeable individual and also logical data by 'forensic expert' using forensic specialist tools.  The approach Pervacio have adopted is to send sample certified devices regularly with Intaforensics to test new methods and maintain confidence in our solution and ongoing certification”

IntaForensics has grown to provide the wide spectrum of Digital Forensic Services from its Warwickshire laboratory. Intaforensics are:

 

  • Quality guaranteed from a BS EN ISO 9001:2008 registered firm

  • Information Security BS ISO/IEC 27001:2005 accredited

  • Secure, centrally located Digital Forensics facility

  • Association of Chief Police Officers (ACPO) compliant procedures

  • Registered and vetted Digital Forensic Analysts

  • All staff are Security Cleared to UK government standards

bottom of page