From retailers to theme parks, restaurants and malls, one of the chief factors that fueled unparalleled excitement over beacons, is its ability to cater to the consumers’ desire to receive personalized, contextual offers and content on their mobile devices. According to a recent study by Research Now, a U.S based market research company, 72% of consumers agreed that receiving a relevant offer on their mobile device while shopping in-store would significantly influence their chances of making a purchase.
Despite all the attention from the tech world, beacons are yet to go mainstream because businesses have quite a few security concerns around beacons. While data breaches around credit card have tormented retailers for years, the issue around beacon security and privacy is comparatively new. And among the many questions being tossed around, the most common one would easily be ‘ How secure are beacons?’. In this post we are trying to break a few myths around beacon security and privacy. We also have a checklist at the end of this post that will help you assess beacon security.
Contrary to popular belief, beacons do not deliver offers or other content. They merely broadcast identifiers(Bluetooth Low Energy signals) that can be received by a mobile device. This identifier is made of three components that together create a beacon’s unique identity. They are:
– Universal Identifier (UUID) – This is a very large number that is unique to each organization. It helps them brand their beacons by ensuring that it doesn’t conflict with the UUID of another company. Thus, when it comes to large-scale beacon deployments, the mobile app of a particular organization will be programmed to discover only their beacons, while ignoring the rest.
– Major Number – This number is used to specify a related set of beacons. For example, in the case of retail stores, all beacons at a particular store will share the same major number.
– and Minor Number – This number is used to specify a particular beacon in a given location. For example, in the case of retail stores, beacons deployed in different departments of sections will have different minor numbers.
Now if the mobile device of a consumer has an app installed and designed to pick up the specific signal ID, it will trigger a set of actions such as sending a notification or navigating to a specific section of an app or finding the consumer’s exact location and directing him to the product that he has been looking for. In the absence of an app, no action will be performed. Beacons aim to provide contextually relevant information and experiences to consumers, in return for business intelligence.
Myth 2: Any beacon can be hacked easily
Agreed, Bluetooth Low Energy proximity solutions, come with a number of risks such as untrustworthiness of the mobile devices participating in the solution, device spoofing and man-in-the-middle interception. Similarly, despite the fact that UUIDs are unique to each organization, they do not play any role in the security strategy around beacons. Anyone equipped with a bluetooth discovery app or a bluetooth sniffer can discover the identifiers with great ease. However, this doesn’t make beacons insecure, but merely indicates misplaced security concerns.
Image Source: gevme.com
For example, a team from the Make magazine, cracked the CES Scavenger Hunt, a beacon powered app that was aimed at offering an engaging experience to visitors at the event. What shocked media the most was that not only did they manage to complete it before the show started, but also without being present at the venue physically. Though, it might seem as a major exploit at first glance, cracking it would have been pretty simple. For starters, the application file wasn’t encrypted. And this made it easy for them to discover the ID numbers of the beacons at the venue and spoof them.
Therefore, when it comes to developing apps for proximity solutions, you should incorporate a security model that addresses the common risks involved. Another important thing to note is that, the compensation security mechanism you employ should suit the concerned application. If the resources or assets at risk are minimal, then you can opt for a minimal security model. For example, in the case of CES Scavenger Hunt app,the company that provided the technology to support beacons, used an audit trail to validate the progress of the players based on time and location in order to ensure reasonably fair game play in a cost-effective manner. On the other hand, if there are a number of valuable assets then, you should definitely opt for a stringent security model.
Myth 3: Beacons can collect information about users without their permission
Beacons are incapable of tracking consumers as long as the consumers don’t enable location services on their mobile device. Moreover, users are also required to grant permission to each app before access to information. Therefore, in the case of beacons, users can control their privacy by granting or rejecting permissions to a particular app.
Myth 4: UUID is used to protect valuable resources or assets
As said before, UUIDs are unique to each organization, they do not play any role in the security strategy around beacons. Rather than being used as keys to unlock protected resources, identifiers should be used as one of the several other reference points that help determine proximity and location with great accuracy.
Therefore, in order to avoid broadcasting spoofed beacon data, it is highly important that your app verifies the beacon broadcast reception with other information such as GPS locations or a local Wi-Fi network. Doing so, allows you to enhance user interaction by effectively discovering micro locations using beacons.
Myth 5: Beacons have access to information on latitude and longitude
Beacons by themselves are equipped to broadcast identifiers alone. Only a mobile app can translate the identifiers in the beacon’s broadcast into a geographic location such as latitude and longitude, either using a mapping database or using GPS technology.
Myth 6: Beacons allow mobile devices to learn about other nearby devices
The functioning of beacons is based on a protocol that allows them to transmit identifiers that will be received by the mobile devices around. The same protocol doesn’t allow mobile devices to learn about or find other devices in the nearby area.
Changing the identifiers in a beacon broadcast to that of a competitor beacon can result in it acting as a potential advertising source for your competitor. Therefore, it is highly crucial that you avoid unauthorized access. Here is a checklist on the number of factors that a beacon should support to prevent unauthorized access.
1. Maintain a mechanism to detect unauthorized authentication attempts
When it comes to changing beacon settings, credentials play a very crucial role. Therefore merely making it difficult to connect to a beacon and change its settings is not enough. You need to set a complex password of sufficient length in order to prevent people from guessing it easily. Adding on to that, you can avoid brute password attacks by employing a mechanism to detect unauthorized authentication attempts and accordingly initiate progressively longer timeout periods between authentication attempts.
2. Each beacon should have a unique password
In order to avoid security breaches it is best to avoid allocating same or similar passwords to different beacons. Another important point to note is that, companies must take care to avoid deploying beacons using the default password provided by vendors.
3. Encrypt the major and minor numbers (payload) frequently
One of the best methods to obscure reverse engineering the major and minor values, is to encrypt the major and minor numbers frequently on a timely basis. In addition to that, when it comes to advanced beacon solutions you will need an enterprise caliber software platform to simultaneously change the value of the UUID along with that of the payload.
4. Provide a mechanism for updates
To keep your beacons safe from any security breaches, you must set up a mechanism that sends timely firmware updates and security notifications. Moreover, beacons must be capable of updating the software on their own.
Beaconstac makes it easy for brands to protect their infrastructure investment and prevent unauthorized third party use of their beacon network. If you plan to beacon-enable your existing/upcoming mobile app, use the Beaconstac SDK for iOS that will take care of the above mentioned security aspects.
If you are planning a beacon pilot, take a look at Beaconstac, that includes everything you need to get started. Using Beaconstac you can set up your own campaign, without a developer’s help!