In the early days of beacons, the software was written on top native scanning solutions built into iOS and Android. One of the first questions developers would ask about them were: is this secure? How do we make sure the user actually is next to the beacon? How do we make a deployment bulletproof? We designed our own tools that have been tested in the field by our largest customers. But we’ve come a long way since then. Now the backbone of our software consists of custom proximity technologies like Estimote Monitoring and the Proximity SDK. Our Proximity SDK’s hyper reliability, unlimited zones, and software defined range make it our core offering! And with this more sophisticated product comes the need for more sophisticated security and presence verification. That’s why today, we’re pleased to release Estimote Secure Monitoring.
So, how does it work?
Imagine you’ve built a beacon-based payment system for your train or bus, where you can automatically charge riders that are in the cab. Without security, it’s possible for somebody clever to spoof a train beacon, put it in our own Estimote lobby, and rack up fare charges every time you enter the Estimote office. Or think of it this way: automatic doors that open for you when you’re near and have a valid pass in the app. Without security, some could spoof a beacon and make the app believe you’re near the gate when you’re not, and the gate would open for a random stranger.
You need to protect the system against being gamed! You don’t want anyone to be able to clone your beacons with a Bluetooth sniffer, and then cost your business money without ever leaving their couch. This is where Estimote Secure Monitoring (ESM) comes in.
An Estimote Beacon with ESM broadcasts an encrypted sequence of bytes along with a value called the Shared Secret. Shared Secret is assigned to your beacon in Estimote Cloud and the Proximity SDK uses Estimote Cloud to resolve the encrypted broadcast. Additionally, the sequence of bytes is shuffled in constant intervals, around 10 minutes by default. We call that “packet rotation.” All of this means that only your app is able to decode what the beacon broadcasts and that the user needs to be physically present near the beacon. Even if they managed to clone it, the clone would become useless in a matter of mere minutes.
To enable Estimote Secure Monitoring, just follow the instructions here.
If you have any doubts or questions about ESM, share them on our forums, or feel free to drop us an email!