fatcousin
// industry vertical

biometric authentication forensics

Face ID · Touch ID · Windows Hello · macOS Secure Enclave · Samsung Pass · voice/iris enrollment · spoof/liveness bypass detection · multi-modal auth timeline correlation.

tools
12
priority
H
processing
local · in browser

start here · primary tools

ordered. work top-down. the first tool is the suggested entry point for this vertical.

  1. ios face id enrollment artifact forensic analyzerdrop ios biometrickit/faceid plist export · parse enrollment + match attempts · runs locally
  2. android biometric prompt session forensic analyzerdrop android biometricprompt log export · parse auth type + crypto object binding · runs locally
  3. windows hello biometric log forensic analyzerdrop windows hello event log export · parse pin/biometric/facial unlock events · runs locally
  4. multi modal biometric auth timeline correlatordrop face + fingerprint + pin logs · unified auth timeline graph · runs locally
  5. case report generatorfill in case number · examiner · dates · findings · drop evidence files for auto hash · generates structured forensic report PDF · runs locally

also useful · secondary tools

cross-cutting tools that surface depending on the specific investigation.

  1. ios touch id template metadata forensic extractordrop touch id secure element metadata · parse finger slot + last match time · runs locally
  2. macos touch id secure enclave event forensic analyzerdrop macos biometrickit log export · parse touch id match + apple pay auth · runs locally
  3. samsung pass biometric vault forensic analyzerdrop samsung pass/knox vault export · parse fingerprint template index + web sign-in · runs locally
  4. biometric spoof liveness bypass artifact detectordrop biometric auth debug log · detect spoof scores + liveness bypass patterns · runs locally
  5. voice biometric enrollment artifact forensic analyzerdrop voiceprint enrollment export · parse speaker model id + liveness flags · runs locally
  6. iris recognition template metadata forensic analyzerdrop iris scanner enrollment log · parse eye id slot + match confidence · runs locally
  7. evidence manifest generatordrop evidence files · compute md5 sha1 sha256 · chain of custody manifest · case number · analyst · export pdf and csv · runs locally

want deeper biometric coverage?

this vertical is intentionally sparse — deep-moat coverage grows over time. tracked in the forensics rollout.

ready