The way that iXAM® acquires data in the same way as a hard disk drive or a memory card is foreniscally imaged. It uses a software write blocked direct read of the physical memory space.
The extraction software never runs the onboard OS, meaning iXAM® has the ability to bypass a passcode set on the device and image the memory space you specify. But the device passcode can still be required to access encrypted data (iOS 4.x). In these cases there is the option to brute-force and identify the passcode to ensure maximuim data capture.
Can I image any of the supported devices if the passcode is set? - YES
Will iXAM® give me the device passcode? Yes. - if the passcode is set it will be identified, unlocked and reported.
What about the SIM PIN code? - iXAM® does not read or need the SIM card. As the extraction software does not attempt to engage the network, it never triggers the SIM to require the PIN code.
We recommend the use of a dedicated SIM reading application such as SIMiFOR® to get the best possible evidence from SIM Cards.
iXAM Validation on data from locked devices...how do I do it?:
FTS; the developers of iXAM®, run a large full service Cell (Mobile) Phone Forensics laboratory in the United Kingdom. iXAM® is undergoing continuous use and validation based on the NIST validation protocol and in-house developed processess. These have been independently assessed to meet the standards required by ISO/IEC 17025:2005.
For passcode locked devices the validation process concentrates on fully validating and verifying the imaging process (using unlocked devices) and by using refence data sets to validate that decoding and carving methods employed subsequently cannot alter the data retrieved.