Industry

Enterprise Beacon Security & Eddystone-EID:  Table Stakes in IoT

Beacon usage continues to grow across retail and enterprise use cases from proximity marketing and micro-location services to RTLS-based way-finding, asset tracking and workforce optimization. However, one of the primary concerns of IoT and the beacon ecosystem is how to handle security at scale in these enterprise scenarios. Security can be split into two categories. These are hardware/firmware and beacon transmission validation(anti-spoofing).

What is hardware/firmware security?

Hardware/firmware security is the first level of protection required to keep the physical beacons safe and operational. This security measure protects the beacon hardware’s firmware from malicious access and-or modification of individual beacon configuration. A beacon’s configuration includes transmission power, rate, modulation, and broadcast frames which include – Eddystone-URL (Physical Web), Eddystone-UID, Eddystone-TLM, iBeacon, and Bluvision’s sBeacon. Just one malicious configuration adjustment can drastically impact a beacons’ operational lifespan. Furthermore, each and every-time a beacon is illegally tampered with, a technician and-or replacement beacon must be dispatched. This action drastically impacts the total cost of ownership of a beacon fleet.

Many of our novice competitors believe the answer to hardware/firmware security is “password” protection. Basic password protection does not scale. Imagine a typical enterprise scenario where a corporation has a fleet of 100,000+ beacons installed globally. The corporation uses thousands of technicians spread across multiple partners and-or system integrators to install and maintain beacon infrastructure. This high-risk scenario requires thousands of people have access to clear text passwords for access to each beacon. The cards are stacked against corporation’s security when it tries to leverage shared/distributed clear text passwords database for hardware protection. This will fail and fail often as employees and partners leak passwords. Bluvision does not believe in this approach, we believe in the cloud, fleet management, and encryption. Bluvision’s cloud-based solution secures each beacon from the time a beacon is born at the factory to the end of its operational life. Our cloud-based vault leverages unique public/private encryption keys for authentication to each beacon. Our solution was designed from the ground up to manage, monitor, and protect a beacon access in real-life, big business scenarios. Our BluFi(Bluetooth to WiFi) gateways, provisioning tools, and SDKs maintain the highest level of security protection at all times. Bluzone cloud does it the right way.

How to validate beacon transmissions? … Eddystone-EID

How do we know a beacon’s BLE transmission is valid and not being spoofed? This question is continually being asked by our customers who leverage Bluvision solutions in mission critical programs like retail, banking, entertainment, ticketing, manufacturing, transportation (airports, train stations), hospitality, digital signage, and more. If a beacon transmission can be hijacked, intercepted, spoofed, and-or used without consent, a beacon fleet can turn into a liability, spamming engine, and-or security risk. Here are some scenarios that can play out:

  1. Beacon Hijacking: A retail competitor could use a competitor’s beacons for counter promotion. You walk into Blue Café, and have installed the app for Green Café. Green Café can use Blue Café’s beacons to push you a discount for their coffee.
  2. Beacon Cloning & Impersonation: Beacons are also extensively being used for asset tracking in places like hospitals, airports, manufacturing sectors etc., to keep track of expensive, and valuable equipment/assets. Without security features and encryption, it is quite easy to mimic the deployed beacons in this area and remove the assets from the location.
  3. Beacon Spambot:  One of the widespread uses of beacons has been with contextual or proximity marketing in retail outlets, airports, restaurants, etc. These venues install beacons in their location and allow 3rd party vendors to send hyper-local marketing to their audience. With no security measures in place, regular vendors could send out spam messages rendering these beacons obsolete.

Bluvision has created many custom means for handling these scenarios based on client needs.  Bluvision has the ability to create encrypted and modulating BLE beacons for Eddystone and iBeacon protection. However, an agreed upon security standard/protocol is needed to get widespread adoption across mobile, application developers, and enterprise architectures. No enterprise wants to support one-offs or custom solution, it’s hard to do, hard to technically sponsor. Security customization generally increases cost of ownership and risk. This is why we are excited about Eddystone Ephemeral Identifiers. Eddystone’s Ephemeral Identifiers (Eddystone-EID) is sophisticated and proven approach to securing IoT implementations and beacon transmissions. It uses rotating ephemeral identifiers to broadcast a more secure signal/beacon transmission. Each signal is quickly validated to ensure authenticity and access control.

Eddystone-EID in combination with Google, gives the beacon ecosystem a common protocol/language for securing beacon interactions. Bluvision sees the Eddystone EID release as a solution accelerator. Why? Now we can focus on more complex IoT problems, value-adds, mobile experiences, and transactions. Eddystone-EID places less technical focus beacon security and more on delivering premiere value-add solutions. But what about iBeacon? Of course there are ways to encrypt and rotate Apple’s iBeacon frames but it is not native from Apple and doesn’t have the deep security capabilities that Eddystone EID brings.

Matthew JohnsonEnterprise Beacon Security & Eddystone-EID:  Table Stakes in IoT
read more

5 tips for airports to guarantee passenger satisfaction this holiday season

No comments

The days before Christmas eve (December 23rd) and New Years eve (December 30th) have been predicted to be the busiest travel days this year. Long distance travel is said to increase by 23 percent compared to the rest of the year. Add to this, snowstorms, extra cold weather and additional security measures, managing airport operations and ensuring passenger experience will literally be the ‘Nightmare before Christmas’ for airport officials. How is your team equipped to handle the extra traffic, long lines and chaos this holiday season?

According to a study, a satisfied passenger is defined as one who spends the shortest time from the curb to the gate. This means that airports have to focus on ensuring short wait times at check-in lanes, immigration and TSA, an easily navigable airport, on-time flights and an efficient baggage delivery system. The question is – how can airports achieve all of this amidst disruptions like weather, security issues, staffing problems, inoperable equipment and more than normal traffic? According to SITA’s 2015 Airport IT Trends survey, the answer lies in beacons that use Bluetooth LE technology. However, not many airports are using the technology to its full potential. Bluvision, apart from being the market leaders in beacons, is leading innovation in terms of indoor location with RTLS (real time location system) and ToF. Here are 5 tips on how your airport can use beacons to enrich passenger experience this holiday season:

(i) Monitor dwell times and Queue times: Knowing the wait times at check-ins, TSA, immigration and boarding can drastically change the quality of experience you provide to your passengers. Today’s passengers demand control of their journey. Empowering them with the knowledge of how long the wait times are can help set the expectations and help airports ease the bottlenecks by reassigning workforce.

(ii) Personalized Passenger experience: Any information that can be customized and catered specifically to a passenger will not just enrich their experience at your airport, but will also add to your operational efficiency. Bluzone gives you heat maps and visibility into passenger’s history of movement so you can provide customized information on flight delays, gate changes, baggage information, promotions to a previously visited store or food joint etc., to an individual.

(iii) Ensure your assets (personnel & equipment) are where they need to be: Do you know where your baggage carts, wheelchairs or personnel are at this precise minute? Having the right asset at the right place at the right time is crucial for the smooth flow of operations. Being able to track an individual or a cart in an airport is a herculean task but with Bluvision’s sophisticated tracking you can not just track your assets but do so remotely through their cloud solution.

(iv) Avoid lost capacity: Picture the chaos a failed motor in an escalator can cause during the peak traffic season. Motors fail. You cannot stop that from happening but you can predict when it is about to fail and take remedial actions to mitigate downtime. Again with Bluvision beacons and Bluzone, you can create user-defined policies and alerts to let you know when a motor is overheating or has slowed down and is showing signs of breaking down.

(v) Directional guides at airports: A simple yet invaluable information to equip your passengers with are path-finding solutions and directional guides. Information on how to navigate through the airport, how far they are to the gate, an F&B spot, or a retail outlet, not only help with frustration-free navigation but can also encourage non-aeronautical revenue for airports. This is also a great opportunity to use passenger’s proximity and location to push relevant promotions.

Airports are complex environments to begin with and the holidays just add to challenge of providing optimum passenger experience. However, gaining visibility to and understanding that long queues will happen, motors will fail and assets will be misplaced or go missing, and keeping the passenger informed will make the nightmare of travel a merry one for your passengers!

Sources:

Best and worst days for travel in 2015
US Holiday Travel

Editor Bluvision5 tips for airports to guarantee passenger satisfaction this holiday season
read more