Channel: Reality matters

Introducing support for Eddystone Ephemeral IDs to make Eddystone more secure


At Estimote we take security of beacon infrastructure very seriously. Early on we introduced Secure UUID on top of iBeacon to prevent malicious use and spoofing of beacons. Many of our large enterprise customers and retailers are using it to make their infrastructure more secure.

Today we’re excited to announce extended security support for Eddystone, a new open BLE beacon format introduced by Google last year. To make Eddystone more secure, Google is releasing Ephemeral Identifiers (EIDs): a feature for encrypting a beacon’s broadcast to prevent spoofing and piggybacking, which uses a rotating encryption scheme similar to the one we offer for iBeacon. You can read more about it on Google’s blog.

EIDs are supported by the recently launched Estimote Location Beacons. You can order them here.


Why do Estimote Beacons need Ephemeral IDs?

Beacons work by broadcasting their IDs over the air. If the ID is not encrypted, anyone with a Bluetooth device could just sniff it out and spoof (clone) your beacons. Imagine that you have a loyalty program for frequent visitors to your venue. With a spoofed beacon, someone could keep scoring rewards without leaving their couch. Piggybacking is even worse: it’s when your competitor integrates your beacons in their app, so that anytime someone visits your location, the competitor’s app notifies them about a special deal somewhere else.

Not cool, right? We’ve thought a lot about protecting against those threats. iBeacon users can prevent them with Estimote Secure UUID. It is already a part of some of the world’s largest iBeacon deployments to date. But what if you’re not using iBeacon but Eddystone instead? That’s where EIDs come in. Below we describe EIDs in more detail. If you’re not yet familiar with how Eddystone works, first take a look at our Developer Portal.

In theory, Eddystone-EID is the fourth frame supported by the Eddystone protocol, alongside Eddystone-UID, Eddystone-URL, and Eddystone-TLM. With our implementation, you can think of it more as a security plugin to Eddystone-UID. To use EIDs, Estimote Beacons need to be registered in Google Cloud. Then, if EIDs are enabled, beacons will not broadcast their real Namespace and Instance values. Instead, they will transmit seemingly random IDs, changing them at regular intervals. To resolve the real Eddystone-UID (the combination of Namespace and Instance), you need to use an SDK from Estimote or Google. Every time your app receives an encrypted ID, it will fetch the data associated with the real ID from the Google Proximity Beacon API. Since the connection is authorized and encrypted, you don’t need to worry about someone else being able to identify your beacons.

Sounds familiar? That’s because it is: rotating and ephemeral are effectively the same method. Secure UUID protects iBeacon by randomizing the UUID, Major, and Minor. Ephemeral IDs do the same for Eddystone beacons. If you want to learn more, visit our Knowledge Base.
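
A simplified model of the rotating-ID scheme described above, added here as an illustration and not Estimote's or Google's code: it substitutes HMAC-SHA256 for the actual EID construction, and the rotation period, keys, and beacon names are assumptions. It shows why an ID sniffed over the air resolves only while it is current, and only for a party that holds the beacon's key.

```python
import hashlib
import hmac
import struct
from typing import Dict, Optional

ROTATION_SECONDS = 512  # assumed rotation period for this sketch


def ephemeral_id(identity_key: bytes, now: int) -> bytes:
    """Beacon side: derive the 8-byte ID broadcast during the current period."""
    period = now // ROTATION_SECONDS
    mac = hmac.new(identity_key, struct.pack(">q", period), hashlib.sha256)
    return mac.digest()[:8]


class Resolver:
    """Cloud side: holds the identity keys and maps a sighting to a real ID."""

    def __init__(self, registry: Dict[str, bytes], drift_periods: int = 1):
        self.registry = registry            # real beacon ID -> identity key
        self.drift_periods = drift_periods  # tolerated beacon clock drift

    def resolve(self, observed: bytes, now: int) -> Optional[str]:
        for real_id, key in self.registry.items():
            for d in range(-self.drift_periods, self.drift_periods + 1):
                candidate = ephemeral_id(key, now + d * ROTATION_SECONDS)
                # Constant-time comparison of the candidate and observed IDs.
                if hmac.compare_digest(candidate, observed):
                    return real_id
        return None  # unknown beacon, or an ID captured earlier and replayed


# Constructed sample data: two registered beacons with made-up keys and IDs.
REGISTRY = {
    "namespace-A/instance-1": bytes(range(16)),
    "namespace-A/instance-2": bytes(range(16, 32)),
}

if __name__ == "__main__":
    resolver = Resolver(REGISTRY)
    t0 = 1_000_000
    sniffed = ephemeral_id(REGISTRY["namespace-A/instance-1"], t0)
    print("live sighting    :", resolver.resolve(sniffed, t0))
    print("replayed 1h later:", resolver.resolve(sniffed, t0 + 3600))
```

The drift window is the trade-off to tune: a wider window tolerates beacon clock drift but also lengthens the time a captured ID remains usable.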

How to turn on Ephemeral IDs in Eddystone

You can enable EIDs on Estimote Location Beacons via the Estimote SDK, or via the Google Proximity Beacon API and the Eddystone GATT Service coming in the next firmware release. Head to our Developer Portal for an in-depth tutorial.

Please note that EIDs require an internet connection to work since Estimote’s SDK needs to send a request to the cloud to resolve the real Eddystone-UID. Also, Ephemeral ID only encrypts Eddystone-UID: it does not cover Eddystone-URL.

If you have any questions about Ephemeral ID or beacon security, find us on Twitter or shoot us an email.

Wojtek Borowicz, Community Evangelist at Estimote

