ibeacon Spoofing Security and Privacy Implications of ibeacon Technology Karan Singhal

Similar documents
ARUBA LOCATION SERVICES

A Simple Smart Shopping Application Using Android Based Bluetooth Beacons (IoT)

Comparison ibeacon VS Smart Antenna

Senion IPS 101. An introduction to Indoor Positioning Systems

The definitive guide for purchasing Bluetooth Low Energy (BLE) Beacons at scale

DYNAMIC BLUETOOTH BEACONS FOR PEOPLE WITH DISABILITIES

USER GUIDE CUBEACON TOOLS MOBILE ANDROID APP

How to implement proximity marketing campaigns without an app

Beacons Proximity UUID, Major, Minor, Transmission Power, and Interval values made easy

1. Product Introduction FeasyBeacons are designed by Shenzhen Feasycom Technology Co., Ltd which has the typical models as below showing: Model FSC-BP

IoT. Indoor Positioning with BLE Beacons. Author: Uday Agarwal

eventzee Scavenger Hunt Guide

Round shape, white case with 3M adhesive sticker, including 2pcs ER12450 battery and industrial package, special for indoor location, RoHS

Indoor Positioning 101 TECHNICAL)WHITEPAPER) SenionLab)AB) Teknikringen)7) 583)30)Linköping)Sweden)

CSRmesh Beacon management and Asset Tracking Muhammad Ulislam Field Applications Engineer, Staff, Qualcomm Atheros, Inc.

Paper number ITS-EU-SP0127. Experimenting Bluetooth beacon infrastructure in urban transportation

Splunking ibeacon (BLE) for Profit and Pleasure

Hack Your Ride With Beacon Technology!

Pervasive Indoor Localization and Tracking Based on Fingerprinting. Gary Chan Professor, CSE HKUST

CYBER SECURITY GUIDELINES FOR COMPUTER BASED GAMING APPLICATIONS

DocuSign for ios: For Field Sales & Field Services

Enhancing Bluetooth Location Services with Direction Finding

Design of MDM System using BLE Beacon and Extended Kalman Filter

Pixie Location of Things Platform Introduction

Apple created ibeacons utilizing Bluetooth low-energy (BLE) technology, offering a new

Concept of the application supporting blind and visually impaired people in public transport

Geo-fence Tracking Device User Manual

Beacon Indoor Navigation System. Group 14 Andre Compagno, EE. Josh Facchinello, CpE. Jonathan Mejias, EE. Pedro Perez, EE.

Technical Disclosure Commons

AP Computer Science Principles

of Nebraska - Lincoln

IOT: IMPACT OF THE PHYSICAL WEB AND BEACONS

TRBOnet Mobile. User Guide. for ios. Version 1.8. Internet. US Office Neocom Software Jog Road, Suite 202 Delray Beach, FL 33446, USA

A CASE FOR CONNECTION:

Introduction to Mobile Sensing Technology

Smart Beacon Management with BlueRange

THE BASICS OF BEACONS

THE ETHERNIA PROJECT

TaleBlazer: Using ibeacons for Indoor Location-Based Augmented Reality Games. Ellen Yongin Finch

Running head: THE IMPACT OF COMPUTER ENGINEERING 1

AIMICT.ORG AIMICT Newsletter

International Journal of Scientific & Engineering Research Volume 8, Issue 5, May ISSN

INTRODUCTION CHAPTER 1 CRITIQUING DESIGN Practice Questions CHAPTER 2 DESIGNING A DESKTOP APPLICATION... 21

Introduction. What is Kraken Coin. Why invest in Kraken Coin

Lecture 7 Ethics, Privacy, and Politics in the Age of Data

Always stay in touch with your home!

MOBILE COMPUTING 1/29/18. Cellular Positioning: Cell ID. Cellular Positioning - Cell ID with TA. CSE 40814/60814 Spring 2018

ibeacons Bible 1.0 For the latest version of this document, please visit

WELLCORE R ibeacon Series

BTLE beacon for 8262 DECT handset Engineering Rules

Bluetooth Low Energy Sensing Technology for Proximity Construction Applications

Indoor Navigation System with Beacons

Workplace Service. Contents

FastPass A Harmonized Modular Reference System for Automated Border Crossing (ABC)

SHOPPING IN MOTION HOW POSITIONING, INDOOR NAVIGATION AND PERSONALIZED MOBILE MARKETING SET STATIONARY TRADE IN MOTION.

Parents Guide to Fortnite

Catalog

TABLE OF CONTENTS. Introduction 1. Abstract 3. Features 5. What makes the DixiHub project different 6. The Gaming Industry 8. Roadmap 9.

COMPATIBILITY TESTING FOR MOBILE GAMES

Using ibeacon for Intelligent In-Room Presence Detection

On Practical Selective Jamming of Bluetooth Low Energy Advertising

Accurate Real-time Indoor Navigation

A Beacon of Hope: The Event Intelligence Revolution

1.1. INTRODUCTION PURPOSE COIN SPECIFICATION ALGORITHM COIN TYPE MASTERNODE FEATURES

Book Searching Navigation in Libraries Based on ibeacon Technology

BI TRENDS FOR Data De-silofication: The Secret to Success in the Analytics Economy

Table of Contents. Introduction 3. How it Works 4. Who Can Benefit From GPT Sites 5. Getting Started 6

PEAK GAMES IMPLEMENTS VOLTDB FOR REAL-TIME SEGMENTATION & PERSONALIZATION

Make Your Local Government A Lean, Green, Constituent-Centric Machine

Aruba Beacons Validated Reference Design

clash of clans gem hack download no survey mac ACCESS GENERATOR HERE

Presented by JOHN RAVLIC Ravim RBC

idocent: Indoor Digital Orientation Communication and Enabling Navigational Technology

Evaluating the Impact of Malicious Spoofing Attacks on Bluetooth Low Energy Based Occupancy Detection Systems

PS4 Remote Play review: No Farewell to Arms, but a Moveable Feast

SHOP&NAV: ibeacon based indoor assistance and Navigation System

Project Marvin: A Social Networking Program for Android

How to Pair AbiBird Sensor with App and Account

River slots app download

11 ASTONISHINGLY SIMPLE WAYS TO ATTRACT CUSTOMERS USING POKÉMON GO

GOOD GAME PLATFORM GAMING IS ALWAYS BETTER WITH FRIENDS

WHITE PAPER A Global Crypto currency

Decentralized Protocol for Self-Sovereign Identities with Embedded Compliance

Design and Implementation of Distress Prevention System using a Beacon

Experimental Evaluation of Precision of a Proximity-based Indoor Positioning System

PSoC Academy: How to Create a PSoC BLE Android App Lesson 9: BLE Robot Schematic 1

20 WAYS TO IMPROVE YOUR FINANCES IN UNDER 20 MINUTES

User Guide. PTT Radio Application. ios. Release 8.3

Performance Evaluation of Beacons for Indoor Localization in Smart Buildings

NETWORK CONNECTIVITY FOR IoT. Hari Balakrishnan. Lecture #5 6.S062 Mobile and Sensor Computing Spring 2017

Specification history

How to Configure ibeacons in Jamf Pro

Lavalier microphone for smartphones USER MANUAL

QuizeRo - Recipe for a successful QR-Code Scavenger hunt

Healthcare Solutions

Q1 Under the subject "Future of Work and the New Economy", which topics do you find important?

SPTF: Smart Photo-Tagging Framework on Smart Phones

Beacons Collect Information from Users : Unpacking People s Misunderstandings of Bluetooth Beacon Technology

08/2017 Technical application guide EINSTONE module Light is OSRAM

5 Drawing Management Mistakes You re Making. And How to Avoid Them

Transcription:

ibeacon Spoofing Security and Privacy Implications of ibeacon Technology Karan Singhal ABSTRACT Apple introduced ibeacons with ios 7, revolutionizing the way our phones interact with real- life places and objects. ibeacons leverage Bluetooth Low Energy (BLE) to broadcast a unique identifier and two 8- bit integers known as the major and minor numbers. These components are used to identify the ibeacon. Typical use cases include indoor micro- location and interaction with real- world objects. However, it is trivial to spoof a beacon by broadcasting the same UUID and same major and minor numbers. Thus, Apple stresses that ibeacons should not be used to transfer sensitive details such as credit card information they should only be used for identification of objects or places. To safeguard against spoofing, beacon detection can be verified by additional security measures (such as physically scanning a QR code). Apart from the security implications of using an easily spoofable Bluetooth signal, ibeacons also create a privacy concern. As an example, retail stores could tag products with ibeacons and record which users pick up which products. They could later use this data to create targeted advertisements or track your location in their store. My research shows that current ibeacon implementations in the wild are not widely used for sensitive data, limiting the potential motivation for exploiters. However, the privacy concerns with the platform are warranted and could result in dire consequences.

INTRODUCTION On June 10 th, 2013 Apple released ios 7 and unveiled ibeacons to the world. For many developers, this was a new and unique way to integrate real world objects into mobile applications. Apple provided ranging, proximity, and many other algorithms which abstracted away the complexities of finding or advertising Bluetooth Low Energy (BLE) devices. Because this technology is backward compatible to the iphone 4S, support and implementation occurred rapidly. Just a few months later, on July 24 th, 2013 Google released Android 4.3, with support for Bluetooth Low Energy in the central role and provides APIs that apps can use to discover devices, query for services, and read/write characteristics. 1 With both major smartphone platforms able to detect and broadcast as ibeacons, the adoption of ibeacon technology is on the rise. Of course, in order for any of the myriad of ibeacon applications to work, there has to be a beacon broadcasting. Any compatible device can be used 1 "Bluetooth Low Energy." Android Developers. Google Inc. Web. 1 Dec. 2014. <https://developer.android.com/guide/topics/connectivity/bluetooth- le.html>.

as a broadcasting ibeacon, and there are a growing number of companies that manufacture BLE hardware. Retail stores, supermarkets, and many other businesses are finding innovative ways to improve their customer experience by integrating ibeacons. The possibilities are endless airports are integrating ibeacons to save passengers time and money. 2 Simply by walking up to a checkpoint, your smartphone would recognize an ibeacon and automatically pull up your boarding pass. By walking by a currency exchange counter you could qualify for a special discount that other travelers would never receive. The possibilities for innovative ibeacon implementations are endless, but the security and privacy concerns could be immense as well. TO THE COMMUNITY 2 Virgin Atlantic Unveils New Airport Terminal Experience Powered by Apple's IBeacon." AppleInsider, 2 May 2014. Web. 2 Dec. 2014. <http://appleinsider.com/articles/14/05/02/virgin- atlantic- unveils- new- airport- terminal- experience- powered- by- apples- ibeacon>.

Since the release of ibeacon, over 270 million iphones 3 have been sold all compatible with the Bluetooth 4.0 standard, and thus ibeacon- enabled. When combined with BLE- capable Android devices, the number of ibeacon- capable smartphones is staggering. Since each of these devices can download and install applications that interact with beacons, most smartphone owners today could be vulnerable to security and privacy concerns of ibeacon. Common use cases of ibeacons typically employ the technology to facilitate indoor micro- location. Sometimes, the detection of a beacon is used to push special discounts or offers to the user if they pass a certain virtual checkpoints. In these scenarios, someone can simply spoof the ibeacon by using their own hardware and broadcasting the same UUID, major number, and minor number to their device thereby bypassing the purpose of the promotion. I believe that this specific ibeacon security issue has the greatest potential for abuse. 3 "Apple IPhone: Global Sales 2007-2014, by Quarter." Statista. Web. 2 Dec. 2014. <http://www.statista.com/statistics/263401/global- apple- iphone- sales- since- 3rd- quarter- 2007/>.

Here follows an example of a possible way to abuse this system. A new application called Howler is leveraging ibeacon technology to create realtime deals, notifications, and opportunities delivered directly to your device from businesses within eye sight. 4 Their cloud server accumulates this data and charges their business partners on a per- visit basis. It would be trivial to replicate the ibeacon from any given business and have your smartphone discover it several times, thereby causing Howler to charge the business for these fake visits. From a privacy viewpoint, ibeacons have a potential for abuse as well. Any interaction that an application has with an ibeacon can be recorded. This means, for example, that the retail store application that helps you find the right aisle in their store using indoor ibeacon micro- location can track your location. VULNERABILITIES AND DEFENSES 4 http://www.howler.at/

In 2014, the Consumer Electronics Show (CES) hosted a scavenger hunt that used ibeacon technology. They placed 9 ibeacons around the building, and offered a reward to those who could locate them all. Alsaidar Allan and Sandeep Mistry from Makezine outline an innovative way to win the hunt, without ever having to go to CES. 5 In their article, they demonstrate how someone can duplicate the ibeacons, set up some BLE hardware broadcasting identically to the 9 official beacons, and claim the prize from anywhere in the world. To do so, they downloaded the Android version of the CES mobile application and decompiled it. Without too much digging they were able to find the UUID with which the beacons were broadcasting, because the application must know the UUID to recognize and identify the beacons. The decompiled source also shows the minor numbers that the app was waiting to recognize (major number was ignored in the Android CES ibeacon implementation). Instead of decompiling the application, Apple notes that since a beacon device is advertising using BLE, it is possible for the UUID to be sniffed off the air and once that UUID is 5 Allan, Alasdair, and Sandeep Mistry. "Hacking the CES Scavenger Hunt." Makezine. 3 Jan. 2014. Web. 2 Dec. 2014. <http://makezine.com/2014/01/03/hacking- the- ces- scavenger- hunt/>.

known, it could be used by other apps. 6 Now, they could simply set up 9 custom beacons that spoof the official beacons, and their phone would recognize them. The CES mobile application then presents them with the prize. This example clearly depicts the biggest security flaw with ibeacons since the UUID and major and minor numbers have to be specified in order to find beacons, the source code gives away all three. Anybody can replicate any beacon from the comfort of their home and claim discounts, prizes, or other rewards, bypassing the intended goal of the promotion. So how do you safeguard against this vulnerability? The most practical way is to do a physical verification check that is similar to two- factor authentication (which is becoming a standard for OAuth and other forms of virtual authentication). For example, the CES application could have prompted the user to scan a QR code or enter a secret number written next to each of the CES beacons. This would verify that the user was actually on 6 "Getting Started with IBeacon." Apple Developer. Apple Inc., 2 June 2014. Web. 1 Dec. 2014. <https://developer.apple.com/ibeacon/getting- Started- with- ibeacon.pdf>.

location (or at worst he received the code/number from a friend there), so the risk of a spoofing attack could be significantly mitigated. Of course, physical verification doesn t eliminate the risk, but it removes the low- hanging fruit and deters hacking hobbyists from trying to exploit an ibeacon implementation. From the privacy standpoint there is only one real option that keeps your ibeacon interactions from being used maliciously but it is only possible on ios and comes with a big tradeoff. ibeacon applications will not work until the user allows the application to use Bluetooth. This is Apple s implementation and it appears as a simple popup that occurs when the application tries to use Bluetooth. Users can simply accept or deny the request. Of course, if you deny the request you miss out on the significant benefits of the technology.

SUMMARY All in all, ibeacons are an innovative and useful tool to integrate smartphone apps with the real world. Developers implementing ibeacon functionality must be extremely careful not to transfer sensitive data using ibeacons, or use physical verification to supplement the ibeacon transaction. The main vulnerability of ibeacon devices is the ability to spoof them using your own hardware and bypass their intended purpose. Implementing physical verification in addition to ibeacons can mitigate this risk. The privacy concerns cannot be overlooked either your interaction with ibeacons can be recorded by the application, and this data could be used to track your location without your knowledge or consent. It is very common and easy to overlook Apple s warning that the application uses Bluetooth, so users may be unaware that their application uses ibeacons at all, and that is the only safeguard preventing your privacy from being invaded. Users should take steps to be informed about why applications want to use their location or their devices Bluetooth capabilities and should trust the applications they approve to do so.

SUPPORTING MATERIAL Provided alongside this article is the source code for the ibeacon pairing component in an ios application that uses ibeacon technology to pair two devices. The full source code can be provided upon request. This is a proof of concept of the physical verification step that could mitigate the risk of a spoof attack. This application (SpotLight Parking) provides an on- demand valet service to park your car. A customer requests a valet at a specific location and drives there. Upon arrival, the customer s iphone looks for the valet s iphone, which is broadcasting as an ibeacon. When found, it prompts the user to enter a 4- digit verification code that is located on the valet s application and changes for each request. This step ensures that nobody can masquerade as a valet and steal the customer s car.

REFERENCES [1] "Getting Started with IBeacon." Apple Developer. Apple Inc., 2 June 2014. Web. 1 Dec. 2014. <https://developer.apple.com/ibeacon/getting- Started- with- ibeacon.pdf>. [2] "Apple IPhone: Global Sales 2007-2014, by Quarter." Statista. Web. 2 Dec. 2014. <http://www.statista.com/statistics/263401/global- apple- iphone- sales- since- 3rd- quarter- 2007/>. [3] "Bluetooth Low Energy." Android Developers. Google Inc. Web. 1 Dec. 2014. <https://developer.android.com/guide/topics/connectivity/bluetooth- le.html>. [4] Virgin Atlantic Unveils New Airport Terminal Experience Powered by Apple's IBeacon." AppleInsider, 2 May 2014. Web. 2 Dec. 2014. <http://appleinsider.com/articles/14/05/02/virgin- atlantic- unveils- new- airport- terminal- experience- powered- by- apples- ibeacon>. [5] "IBeacon Security Part 2: Beacon Privacy and Security." Twocanoes, 29 May 2014. Web. 2 Dec. 2014. <http://blog.twocanoes.com/post/87320735638/ibeacon- security- part- 2- beacon- privacy- and>. [6] Allan, Alasdair, and Sandeep Mistry. "Hacking the CES Scavenger Hunt." Makezine. 3 Jan. 2014. Web. 2 Dec. 2014. <http://makezine.com/2014/01/03/hacking- the- ces- scavenger- hunt/>.

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback