\nSpoofing<\/strong>– Spoofing a beacon allows someone to clone it, or in other words create a beacon with the same ID. When this happens, it allows someone else to take and send a beacon\u2019s signal in unattended places.
\nSpoofing example- A store entrance beacon that is triggering a welcome message could be copied by an attacker and replayed at the entrance to a train line. Consumers with the store app would receive the welcome message at the train entrance. Creating consumer annoyance and confusion.
\n
![\"Screen](\"https:\/\/dxjl3qy52c1o9.cloudfront.net\/wp-content\/uploads\/2016\/04\/05211501\/Screen-Shot-2016-03-30-at-10.04.29-PM.png\" "\\"\\"")
\nWhile most spoofing would end up being relatively harmless, Make Magazine used spoofing to win a scavenger hunt at CES 2014<\/a> and they weren\u2019t even present.
\nMalicious asset tracking<\/strong>– Asset tracking allows beacons to assist staff to quickly and accurately locate assets without having to search for them. If someone were to hack a beacon that was tracking an asset, they would gain the location of that asset. This could be especially harmful when assets are being shipped from one location to another.
\nMalicious asset tracking example- If a company were to track the arrival of their shipments via beacons, then a malicious hacker would known when a shipment has arrived. Potentially allowing them to steal a shipment.
\nReplay attacks<\/strong>– A replay attack allows an adversary to eavesdrop on the traffic, which gives them access to the data being recorded on the beacon network.
\nReplay attack example- If beacons in a retail environment were subject to a replay attack, an adversary would be able to see the interactions taking place with the beacon, giving them access to valuable consumer data.<\/p>\n
How does Eddystone-EID prevent these from happening?<\/h4>\n
Eddystone-EID takes advantage of something called rotating ephemeral identifiers(EIDs). In simple terms, the EID will rotate every broadcast with a different unique identifier. To anybody trying to track a beacon broadcasting with Eddystone-EID, the broadcast will appear random. This makes it where the beacon cannot be tracked\/spoofed. Since you are the only one who can see each of your beacon\u2019s broadcasts, this makes your beacons much more secure.<\/p>\n
Eddystone-EID opens up opportunity for more proximity campaigns<\/h4>\n
Security is a major concern for many adopters of beacons and the IoT in general. According to Jim Hunter from TechCrunch<\/a>, security is the second most important thing an IoT device needs (after enough power to function at all). Eddystone-EID allows companies to manage access to beacons for use-cases where privacy and security is a concern. This will allow for further implementation and innovation surrounding the proximity industry. This is a great step forward for IoT security. Proximity technology is growing fast and is being adopted by many different industries. A BI Intelligence<\/a> report predicted that beacons will directly influence over $44 billion worth of US retail sales in 2016. With growth like this, security will play a very important role in the long term success of not only beacons, but the IoT industry as a whole. As more companies like Google push to provide IoT security, we will begin to see more consumers and businesses trust the IoT and move to adopt this new technology. In July, Eddystone, an open beacon format from Google, was released with support for three frame types, Eddystone-UID, Eddystone-URL, and Eddystone-TLM. Due to the success and rapid adoption of these frame types, Google has now\u00a0released the technical specs on the fourth Eddystone frame type, Eddystone-EID. Eddystone-EID uses rotating ephemeral identifiers(EIDs) to broadcast a more secure […]<\/p>\n","protected":false},"author":8,"featured_media":9230,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"class_list":["post-9226","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"_links":{"self":[{"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/posts\/9226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/comments?post=9226"}],"version-history":[{"count":0,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/posts\/9226\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/media\/9230"}],"wp:attachment":[{"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/media?parent=9226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/categories?post=9226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/passkit.com\/blog\/wp-json\/wp\/v2\/tags?post=9226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n![\"Hierarchy_of_Iot_Needs\"](\"https:\/\/dxjl3qy52c1o9.cloudfront.net\/wp-content\/uploads\/2016\/04\/05211454\/Hierarchy_of_Iot_Needs.png\" "\\"\\"")
<\/p>\nLooking ahead at IoT security<\/h4>\n
\nTo read more on Eddystone-EID, check out this post from the Google Developers Blog.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"