It is a normal protocol to obtain Cell Phone Carrier Records when examining Cell Phones. These records can validate what was found on the Cell Phone as well as provide additional information the carrier may have which may not be on the phone. Standing alone, Cell Phone Carrier Records document calls, SMS text messages as well as data usage for web browsing and applications (apps).
Call Detail Records (CDRs) are available from most cell phone carriers including AT&T, Sprint, T-Mobile, Verizon, and more.
Information Available
This information usually includes:
- Subscriber information including:
- Name
- Address
- City
- State
- Zip
- Length of service
- Telephone numbers
- Features of account
- Beginning Date of Service
- Ending Date of Service
- Mobile Device Equipment History
- Call Records / CDR / Call Detail Records
- Item Date, Connect Date
- Item Time, Connect Time
- Seizure Time (if available)
- Originating Number
- Terminating Number
- Dialed Number
- Elapsed Time/Length of call
- Phone Serial Number / IMEI / International Mobile Subscriber Identifier
- IMSI / International Mobile Subscriber Identity
- ESN / Electronic Serial Number
- Call Type – Cellular Carrier Company Call Type
- Description/Company’s description of the transaction
- Device Make / Manufacturer
- Device Model
- SMS “Text” and MMS Records
- Item Date
- Item Time
- Originating Number
- Terminating Number
- IMEI
- IMSI
- Description/Company’s description of the transaction
- Cell Tower / Cell Phone Location Information / Cellular tower identification as well as the GPS location for the cellular tower(s) used for the phone call, text message or data exchange.
- Tower number
- Transmitter or Receiver ID
- GPS Coordinates
- Longitude
- Latitude
- Tower Face / Sector
- Data Records / Download as well as Upload data quantities
- Item Date, Connect Date
- Item Time, Connect Time
- Elapsed Time
- Bytes Up
- Bytes Down
- Tower Information
- IP Address In use by the device
- IP Address Connected to by the device
- IMEI
- IMSI
- Access Point/device type
- Cell Phone Company’s description of the transaction
For Cell Phone / Mobile Device Forensics, please see: Cell Phone Forensics & Mobile Device Forensics
Timezones
When reviewing the CDRs, please note that timezones produced will vary by carrier. Some carriers will deliver the records in Universal Coordinate Time (UTC), others carriers produce the records in the Central Time zone (CST or CDT), while others produce the records based on the timezone of the tower the cell phone was connected to.
Data Retention Policies - Time is of the Essence!
Don't wait months, weeks, or even days hoping the data is still available from the Cell Phone Carrier. Each Carrier has their own data retention policy, and even within carriers, the policy can vary by the type of plan the user has. Generally, the sooner the data is requested from the Cell Phone Carrier, the better.
Definitions Used in this Article
Cell Phone, Mobile Phone - An electronic device used for full duplex two-way radio communications over a network of towers known as cell sites. Low-end or entry-level cell phones are often referred to as ‘basic cell phones’. These are primarily used to make and receive telephone calls and send SMS messages. The device may have other functions, such as cameras, but in general are specifically communications devices. The more sophisticated ‘smartphones’ offer all of the features which are part of the ‘basic cell phone,’ plus advanced computing, camera, music, Internet browsing, GPS navigation, and many other applications.
GPS: Global Positioning System - A U.S. Government-based system that utilizes satellite technology to provide reliable position, navigation, and timing services on a continuous basis for any place on the planet Earth.
SMS or Short Message Service - A text messaging protocol generally used on Cell Phones. Most SMS messages are sent between two mobile devices ( aka mobile-to-mobile ). The SMS protocol also supports the exchange of messages between computers, websites, and other devices. SMS messages are limited to 160 characters per message. The protocol was originally part of the Global System for Mobile Communications (GSM) standards which were published in 1985.
Mobile Device - A Mobile Device (aka a handheld device, handheld computer) is a small, handheld computing device, typically having a display screen with touch input and/or a miniature keyboard. Mobile Devices are usually battery-powered. A handheld computing device has an operating system (OS), and can run various types of application software, known as "apps". Most handheld devices are also equipped with Wi-Fi, Bluetooth, and GPS. They typically connect to the internet via cell phone signal or Wi-Fi. Generally, these devices include a camera, media player, calendar, task management, email clients, clocks & alarms, and an Internet Browser.
Cellular Data Session (CDS) information - A CDS accounts for the amount of data exchanged between the cellular device and the cellular network for a period of time.
