Public evidence submission portals are a game changer for the front line police officer and investigator. Officers and detectives no longer have to deal with the challenge of obtaining singular video files from cell phones or other digital devices, only to face additional challenges of storing and sharing the video evidence. Citizens can now receive a link from the officer to send video files to online storage platforms where they can easily be stored and shared to further investigations and prosecute offenders.

Imagine you are a patrol officer responding to a reported restraining order violation. The victim shows you a 45 second iPhone recorded video of their ex-girlfriend in a local parking lot engaging in a conversation with the victim, an obvious violation of the order. You then obtain the victim’s cell phone number and transmit a public evidence submission portal link to their iPhone. Once at police headquarters, you review the video again and charge the ex-girlfriend with violating the restraining order. What once created an inconvenience and inefficiency obtaining critical video evidence is now completed in a matter of seconds.

Fast forward 18 months when you receive a subpoena for trial in this case. You don’t think much of it since the video evidence makes it an open and shut case. That is, until you are on the witness stand and are asked by the defense, “Where is the rest of the video footage of the incident?” It is then alleged that the victim in the case approached the defendant in the parking lot and there is an extended recording of the defendant trying to get away from her ex.

How do we effectively authenticate the video evidence that was sent to you? What can we rely on to ensure that the video is an accurate representation of what was originally recorded? How do we answer these questions when the “original” video recorded on the iPhone may have been deleted over a year ago?

THE PROBLEM

Current approaches to video authentication primarily rely on content analysis (does the video look real) and metadata analysis (does the metadata show signs of editing/manipulation). Since the content that appears in this video does not give any indication of editing, we must rely on the file’s metadata to gain additional insight into authenticity. The problem in this scenario is that the public evidence submission portal that makes it easy and efficient for law enforcement to obtain video evidence also creates unique challenges to authenticating this video. Recent research¹ has found that video files recorded on iOS devices and transmitted through a public evidence portal are not bit-for-bit consistent with the original video file found on the device. These changes to the file and its metadata may make it impossible to identify editing/trimming in a video that has been collected through a public evidence submission portal using current approaches

It should be noted that the video submitted to public evidence portals will not be bit-for-bit identical but will be visually identical to the one finally transmitted from a citizen’s device. This is good for maintaining the quality of the displayed imagery for review of the submitted video file. However, the metadata and structural changes that happen to the file during the acquisition process hamper the ability to tell if a file has been altered/edited prior to submission. These challenges do not exist today when law enforcement has direct access to a citizen’s cell phone and can capture device filesystem metadata with video files. For example, a video file that has been trimmed/edited on a cell phone prior to upload would look visually identical to a true camera original video file when it is viewed in a public evidence submission portal. The receiving officer would not know that the file has been altered prior to submission.

OUR SOLUTION

At Medex Forensics, we have looked into the structural and metadata changes that occur when video files have been transmitted to public evidence portals. We have found that the changes are not actually attributed to the public evidence portal itself, but to the interaction between the operating system on a cell phone that is storing video and the mobile browser application used to transmit the file to the portal from the phone’s Photo Library². The good news is that the Medex Video Authentication Platform’s approach to video analysis does not have the same reliance on metadata values as current approaches. Medex’s approach to video authentication will quantitatively identify prior editing/trimming of video files transmitted through public evidence submission portals. This will allow for an officer or detective to effectively authenticate video evidence for use in investigations and in prosecutions.

As more agencies rely on public evidence portals, authentication of video evidence will become increasingly important. Medex Forensics will be releasing more information about authenticating and handling citizen submitted videos through public evidence portals in the coming weeks and months, starting with a HTCIA Tech Tuesday webinar on January 24, 2023. You can also expect to hear from us at many industry events and conferences with details on our research into video files that have passed through mobile browsers as well as effectively authenticating those files. You can also contact sales to gain the ability to authenticate public evidence portal and a wide variety of other video files today.

 

¹J. Valenzuela, “Validation Testing of the Multimedia Created and Transmitted by the Axon Capture Mobile Application for Apple iOS.” ProQuest Dissertations Publishing, 2022.

²Our research shows that these metadata and structural changes only occur when a user selects files from their “Photo Library” to upload; the issues do not exist when a user selects the “Choose Files” option.  It should be noted that to select a file using the “Choose Files” option the user must first locate and select the video in the Photo Library, select the “share” button for that video, and select “Save to Files”. Once saved as a file the user can select the file in the “Choose Files” option and the mobile browser upload process can begin. However, whether the “Photo Library” or “Choose Files” option is selected, the same authentication issues introduced in this blog post are present.