Family locating sharing app forensics: Life360 as a case study

Abstract

Smartphones and mobile applications (apps) are ubiquitous in societies worldwide, and one popular app category is family locating service (also referred to as family locator) apps. Such apps allow users to continuously share their location with others for reassurance that their immediate family, friends, or loved ones are safe, creating a virtual safety net. Some family locator apps support invitation-only family circles, which creates the expectation that users’ personal data is shared only with trusted individuals. Focusing on Life360 (version 21.9.0), a popular family locator app, we demonstrate the extent and types of forensic artifacts and sensitive data that could be acquired using both commercial and open source tools from the use of the app on iOS and Android devices (iPhone 6S – iOS 13.1.3 and iOS 14.4.2, iPhone 7 – iOS 14.8, iPhone 12 Mini – iOS 14.8, TCL 10L – Android 11, and two Samsung Galaxy S7s – Android 8.0.0). For example, we demonstrate how one can readily acquire user personal data generated by Life360 through device logical file and network traffic forensics, and only one device would need to be compromised for all Circle users’ personal data to be compromised.