Enterprise Beacon Security & Eddystone-EID:  Table Stakes in IoT

Beacon usage continues to grow across retail and enterprise use cases from proximity marketing and micro-location services to RTLS-based way-finding, asset tracking and workforce optimization. However, one of the primary concerns of IoT and the beacon ecosystem is how to handle security at scale in these enterprise scenarios. Security can be split into two categories. These are hardware/firmware and beacon transmission validation(anti-spoofing).

What is hardware/firmware security?

Hardware/firmware security is the first level of protection required to keep the physical beacons safe and operational. This security measure protects the beacon hardware’s firmware from malicious access and-or modification of individual beacon configuration. A beacon’s configuration includes transmission power, rate, modulation, and broadcast frames which include – Eddystone-URL (Physical Web), Eddystone-UID, Eddystone-TLM, iBeacon, and Bluvision’s sBeacon. Just one malicious configuration adjustment can drastically impact a beacons’ operational lifespan. Furthermore, each and every-time a beacon is illegally tampered with, a technician and-or replacement beacon must be dispatched. This action drastically impacts the total cost of ownership of a beacon fleet.

Many of our novice competitors believe the answer to hardware/firmware security is “password” protection. Basic password protection does not scale. Imagine a typical enterprise scenario where a corporation has a fleet of 100,000+ beacons installed globally. The corporation uses thousands of technicians spread across multiple partners and-or system integrators to install and maintain beacon infrastructure. This high-risk scenario requires thousands of people have access to clear text passwords for access to each beacon. The cards are stacked against corporation’s security when it tries to leverage shared/distributed clear text passwords database for hardware protection. This will fail and fail often as employees and partners leak passwords. Bluvision does not believe in this approach, we believe in the cloud, fleet management, and encryption. Bluvision’s cloud-based solution secures each beacon from the time a beacon is born at the factory to the end of its operational life. Our cloud-based vault leverages unique public/private encryption keys for authentication to each beacon. Our solution was designed from the ground up to manage, monitor, and protect a beacon access in real-life, big business scenarios. Our BluFi(Bluetooth to WiFi) gateways, provisioning tools, and SDKs maintain the highest level of security protection at all times. Bluzone cloud does it the right way.

How to validate beacon transmissions? … Eddystone-EID

How do we know a beacon’s BLE transmission is valid and not being spoofed? This question is continually being asked by our customers who leverage Bluvision solutions in mission critical programs like retail, banking, entertainment, ticketing, manufacturing, transportation (airports, train stations), hospitality, digital signage, and more. If a beacon transmission can be hijacked, intercepted, spoofed, and-or used without consent, a beacon fleet can turn into a liability, spamming engine, and-or security risk. Here are some scenarios that can play out:

  1. Beacon Hijacking: A retail competitor could use a competitor’s beacons for counter promotion. You walk into Blue Café, and have installed the app for Green Café. Green Café can use Blue Café’s beacons to push you a discount for their coffee.
  2. Beacon Cloning & Impersonation: Beacons are also extensively being used for asset tracking in places like hospitals, airports, manufacturing sectors etc., to keep track of expensive, and valuable equipment/assets. Without security features and encryption, it is quite easy to mimic the deployed beacons in this area and remove the assets from the location.
  3. Beacon Spambot:  One of the widespread uses of beacons has been with contextual or proximity marketing in retail outlets, airports, restaurants, etc. These venues install beacons in their location and allow 3rd party vendors to send hyper-local marketing to their audience. With no security measures in place, regular vendors could send out spam messages rendering these beacons obsolete.

Bluvision has created many custom means for handling these scenarios based on client needs.  Bluvision has the ability to create encrypted and modulating BLE beacons for Eddystone and iBeacon protection. However, an agreed upon security standard/protocol is needed to get widespread adoption across mobile, application developers, and enterprise architectures. No enterprise wants to support one-offs or custom solution, it’s hard to do, hard to technically sponsor. Security customization generally increases cost of ownership and risk. This is why we are excited about Eddystone Ephemeral Identifiers. Eddystone’s Ephemeral Identifiers (Eddystone-EID) is sophisticated and proven approach to securing IoT implementations and beacon transmissions. It uses rotating ephemeral identifiers to broadcast a more secure signal/beacon transmission. Each signal is quickly validated to ensure authenticity and access control.

Eddystone-EID in combination with Google, gives the beacon ecosystem a common protocol/language for securing beacon interactions. Bluvision sees the Eddystone EID release as a solution accelerator. Why? Now we can focus on more complex IoT problems, value-adds, mobile experiences, and transactions. Eddystone-EID places less technical focus beacon security and more on delivering premiere value-add solutions. But what about iBeacon? Of course there are ways to encrypt and rotate Apple’s iBeacon frames but it is not native from Apple and doesn’t have the deep security capabilities that Eddystone EID brings.

Matthew JohnsonEnterprise Beacon Security & Eddystone-EID:  Table Stakes in IoT
read more

5 Reasons why Eddystone will revolutionize mobile and IOT


Bluvision is very bullish on the potential of the Internet of Things, proximity technology, BLE, sensors and beacons.  This “proximity-aware ecosystem” within IOT isn’t only about beacons however; it’s about creating real value-driven solutions.  The market demands these solutions be “simple, but powerful.”   This is exactly what Eddystone is designed to do and why Bluvision has chosen to integrate Eddystone across our solutions.  Here are 5 reasons why Eddystone will revolutionize mobile experiences and IOT: 

1. Eddystone – It’s truly an extensible BLE format

Eddystone is an open, scalable BLE beacon format that allows developers to create contextually aware experiences on both Android and iOS devices.  Eddystone devices have the ability to do many things at the same time.  This is possible because Eddystone supports multiple types of broadcast signals, or in BLE terms, “frames”.  Eddystone’s multi-frame support is major differentiator between the Eddystone and Apple’s single-frame iBeacon.  Here is a summary Eddystone frames:

  • Eddystone-URL (Physical Web) – This frame broadcasts URLs, allowing BLE devices to emit URL links to about location specific content.
  • Eddystone-UID – Broadcasts specific unique identifiers which native applications listen for to trigger context-aware notifications and deliver proximity-aware user experiences.
  • Eddystone-TLM – Broadcast telemetry information such as battery information, temperature, and many more.

2. Eddystone-URL & Physical Web – It’s all about the URLs and Mass Adoption

Eddystone’s biggest differentiator is the Physical Web support via Eddystone-URL.  Physical Web is an open source solution created by Google to enable the discovery of URLs or Links based on nearby beacons.  Why is Physical Web and Eddystone-URL so important?  The answer is: It’s simple.  Physical Web addresses questions that people have every day; “What is really nearby, not 5 kilometers away?”.   Physical Web helps solve the problem of inaccurate local search.  How many times have you been in an unfamiliar location and get frustrated trying to find something nearby?  Sound familiar? This is a common problem as 50% of all local searches are performed on mobile devices.  Physical Web with Eddystone enhances accuracy and relevancy of local search and discovery activities. Now places like local restaurants, airports, hotels, bus stops, train stations, coffee shops, schools, museums, and parks can be “proximity aware” without having a native app.  They can rely on Eddystone-URL devices as a new means of promoting awareness via mobile web.  85% of time spent on mobile devices is spent using, on average, five apps. This means the majority of businesses, especial those that are small or medium sized, don’t have the budget, audience, or content to become a core app on a mobile device.  Physical Web gives the global audience a new tool to promote their web sites (URLs) in a new way – the browser.

Physical Web and Eddystone-URL also provide these other benefits and capabilities:

  • Easy to integrate – URLs are ubiquitous and easy to manage
  • URLS are easy to measure & optimize – Leverage existing web analytics and optimization tools to measure performance.
  • Physical Web helps increase app downloads – Create localized landing pages that promote your native apps capabilities and value.
  • Create Immersive Mobile Web Experiences– Utilize localized URLs as entry triggers for making mobile web experiences more relevant and contextual.
  • It’s Global – URLs can used anywhere

3. Android. Android. Android.

Eddystone is the long awaited beacon solution that provides Android support.   Official Android support has been a large barrier to beacon/sensor adoption by many developers, businesses, and brands worldwide in regards to proximity experiences and/or marketing.   Bluvision provides Android iBeacon support, but many technology leaders, CIOs, CTOs, and developers have discussed their reluctance to integrate iBeacons into their solutions because they perceive iBeacon as iOS only.  Eddystone provides a simple, consistent, and reliable beacon framework allows the global Android community to develop a broad spectrum of proximity solutions. 

Eddystone aligns nicely with the Google’s Android One project.  Android One is the global smartphone/hardware reference platform that requires bluetooth low energy support on each device.  The Android One spec targets entry level smart devices worldwide.  Android One target growth countries including India, China, Pakistan, Brazil, and many others.  These markets dramatically increases the total possible audience for Eddystone driven solutions. 

4. Eddystone-TLM – IoT’s Secret Weapon

Eddystone-TLM (Telemetry) provides new ways to combine the power of IoT and mobile.   Eddystone-TLM initially provides the means to broadcast sensor data such as temperature and battery level. This is only the beginning, though.  In the future, Eddystone-TLM has the ability add more sensors data types to its TLM broadcasts.  Today,  Bluvision provides beacons with integrated accelerometers, light sensors, and magnetometers.   We transmit this data using our “sBeacon” protocol and utilize our Bluzone cloud to collect and analyze sensor data for our enterprise customers.  We are currently investigating how to use utilize Eddystone-TLM as an additional broadcast medium for our sensor data.   Telemetry broadcasts transform beacons into smart sensors and provide the ability to transmit basic beacon information, such as an ID, but also real-time environmental conditions around the object or location.  Today, developers have the power to create experiences based on actual beacon movement, temperature, and light level.  For example, imagine if a smart beacon is attached to a bus, train, outdoor vending machine, door,  etc. Now you have the ability to personalize the experience based on temperature (hot, cold); time of day (night, morning, afternoon); movement (starting to move, in constant motion, stopped, stopping); etc. This fundamentally changes ways in which users will interact with IoT- enabled devices.

5. Eddystone – Cross Platform, Simultaneously

Eddystone officially supports Android and iOS platforms.     Bluvision already supports and has released Eddystone-compatible SDKs for iOS, Android, and iBeacon.  Now corporations and developers have all the tools needed to develop and deploy beacon solutions on both platforms utilizing a mature set of SDKs and cloud based tools.  Utilizing Bluvision beacons and sensors, you now have the power to deploy beacons and solutions with Eddystone and iBeacon simultaneously.

Eddystone is here and Bluvision is excited to provide Eddystone support throughout our tools, platform and SDK

Matthew Johnson5 Reasons why Eddystone will revolutionize mobile and IOT
read more