Recovering Data From A Physically Damaged iPhone With Chip-Off Forensics


recover damaged iphone data

Before we get started I need to clarify something. Some companies are going to say that recovering data from a damaged iPhone using chip-off forensics is possible. The truth is – and it does depend on the circumstances – yes, it can be done but there is a serious exception and I’ll explain a bit more about that later in this article.

I want to first spend a little bit of time on explaining what the chip-off forensics technique is. Essentially, the idea is to remove the NAND flash memory chip from the iPhone device and connect that to a NAND flash drive reader and proceed to extract data from there. It sounds fairly basic and logical but it is a little more involved than that.

recover damaged iphone data

The chip-off forensics technique is quite successful with devices that are not encrypted such as flash drives, SD cards and other forms of media that do not encrypt data being stored to the chips, flash drives and controllers. This also means, in many cases, SSD hard drives. Regardless of your device, a competent data recovery lab should have all the tools necessary to perform this kind of extraction.

Back To The Beginning

Okay, I started this article by saying that although you may be told data recovery can be performed on all iPhones, there is an exception to this and it is a very important point to remember. Here’s the deal. It can be done only with iPhone 3 to 3S models where the chips inside of them were not encrypted by Apple. Later models – from the iPhone 4 and forward – have all be encrypted so the data that may result from any recovery attempt using the chip-off forensics technique is going to result in nothing more than useless RAW data. It won’t be of any use to anyone.

recover data from damaged iphone

The Apple Back Door

You may have heard about the instance when the FBI approached Apple and requested that they develop a back door specifically to bypass the iPhone passcodes. The goal was to eliminate the pass codes from being deleted following a few unsuccessful attempts. That didn’t go far at all. A legal battle ensued where the case went nowhere and Apple never created the back door.

Let me help the story along a little bit here. If the FBI could not obtain data by removing pass codes, they would not have even bothered to introduce chip-off forensics. The reason being that it would not be able to recover any useful data. Here’s why:

The encryption used on these devices is the very same type of encryption used with Bitcoin. In other words, it would be 265-bit encryption that would be beyond the capabilities of the military and FBI to break or even crack a little bit.

The Super Computer

As an aside, I’d like to mention that IBM has developed a super computer – the first ever quantum computer – that will, believe it or not, soon start working on and possibly will be able to break those encryptions.

By the way, 256-bit encryption is the standard in use today by any of the countless competent mobile device manufacturers. They promote it as a privacy and security matter that is meant to protect your data. However, there are some knock-off offshore brands that may not use the 256 bit standard. The same situation exists with lesser known brands of SSD hard drives.

Back To My Point

What about those data recovery places that claim they are able to perform the extremely complex chip-off forensics technique? These would be the same companies that charge upwards of $5,000 to do this. Well, in reality, they are just blowing smoke. If anything, all they are capable of doing is fixing minor electronic issues on the motherboard such as a dead connection or dead capacitor.

I know that sounds harsh, but these companies exist and their goal is fueled by greed and not to provide you with the customer service you expect.

Your Course of Action

Here’s a warning for you. Before you turn to a data recovery centre that insists that they can perform chip-off forensics on iPhones that are 4+, this is what you should do: visit an advanced repair shop that has the ability to troubleshoot the motherboard. Hopefully, they will also be able to fix whatever problem they discover from that troubleshooting phase.

Bear in mind, this is not going to be a cheap fix. The average cost for this kind of work will be somewhere between $200 and $500. The upside to this is that you won’t be spending $5,000+ for services to your iPhone that are not physically possible to do.

That is why it is so important to learn more about what kinds of data recoveries are possible and what ones are not. Hopefully, I have been helping you to better understand that in some cases, data recovery is impossible even if you are being told that it can be done.

This post was written by Yevgeniy Kapishon. He is a data recovery engineer at ADRS® Aesonlabs Data Recovery Systems, blogger and a hardcore techno enthusiast living in Toronto, Canada. In his free time, he likes to wander and explore the back-alleys of his neighborhood with his best friend aka Cat by the name of Benjamin.


Kokou Adzo

Kokou Adzo is a stalwart in the tech journalism community, has been chronicling the ever-evolving world of Apple products and innovations for over a decade. As a Senior Author at Apple Gazette, Kokou combines a deep passion for technology with an innate ability to translate complex tech jargon into relatable insights for everyday users.

5 Comments

Your email address will not be published. Required fields are marked *

  1. Since the writing of this has the chip off technique changed on iPhone 4? Mines currently stuck in the connect to iTunes recovery mode loop after a failed update and I was going to try one of the data recovery firms. Besides being stuck in the “connect to iTunes” loop the phone was password locked (can’t access the home screen to unlock) which from reading here could cause an issue in data recovery, being encrypted?

    Have tried a few of the supposed successful apps to exit recovery mode but they don’t work either.

  2. This is a very well written article. It should though define “data recovery”. This could be extracting data from the device where the passcode is unknown, or more likely when the passcode is known but the device has a fault. I want to comment on the latter, for the former “data recovery” is not reasonably possible. I say reasonably as there is a case of using NAND mirroring which involves copying the raw data from the NAND, attempting passcodes until the device locks, then restoring the NAND from the mirror and repeating the process until the correct code is entered. This takes days on a 4-digit code but is possible. So good advice is use a 6 digit code.

    The article has great advice to go to a reputable repairer or microsolderer who can repair most defects at a logic board level. It should not cost more than $100 for most repairs. On some devices the fault is so severe, for example hard water damage or physical damage, that the device cannot be repaired. In such cases as long as a small number of components have survived they can be transplanted on to a donor board and the data can be recovered. I do this professionally, the 3 components are the CPU, NAND and Logic EEPROM. These 3 are used to maintain the encryption keys and are all needed to be able for the system (iphone) to boot to the passcode. The all data can be read and copied. This can be performed on ALL iphones up to the current Iphone 12 at the time of writing.

    Save yourself the expense of this though and make sure you have icloud backups turned on – that’s the best advice I can give.

  3. my iphone 7 plus was at full sotrage use. it got stuck on aple’s logo.. corrupted system.. won’t update from itunes or any of these softwares that claim so.. I want to take the Restore option as the last resource.. as my iphone is 128 gb space, would it be able to chip off remove the parts, copy to a 256 gb and then I’d try to do the update of the system and acess the files? Or is it possibledue to full capacity use, all data was automatically lost at all?
    thank you a lot in advance

  4. so for ANY kind of data recovering you always need a working original cpu from the iPhone? say the iPhone has a dead cpu (shorted internally by water damage, cracked chip, etc), then no data recovery is possible? even if you have the passcode?

    1. If you do not have the 3 working components I have mentioned then you cannot recover the data from the device. The encryption is very strong and cannot be broken. Information used to generate the keys is burnt into the CPU, so you need the original CPU. If all 3 are working you do need the pass code as well obviously.