Are there any security concerns where your iBeacon signal can be hijacked by another app (i.e. competitor or hacker)?? #iBeaconWebinar

  • 1
  • Question
  • Updated 4 years ago
  • Answered
  • (Edited)
Photo of Chip Hysler

Chip Hysler

  • 1 Post
  • 0 Reply Likes

Posted 4 years ago

  • 1
Photo of Mike Vartanian

Mike Vartanian

  • 9 Posts
  • 3 Reply Likes
Unencrypted beacons can be hijacked by another app... The iBeacon protocol does not provide encryption. #iBeaconWebinar
Photo of Matthew Gast

Matthew Gast

  • 284 Posts
  • 63 Reply Likes
We didn't go into great detail on the webinar, other than a statement that the protocol does not support cryptographic integrity.  Anybody is free to copy your numerical identifier (UUID+major+minor), so it may be important to cross-check a proximity location against other data before proceeding with a "trusted" transaction.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Basically, you cannot do anything security sensitive based on proximity and can only use the information in an app as a guide or convenience feature to improve the user experience. Traversal of an actual security boundary must entirely rely on other means.