LiteBeacon Proximity Marketing App provides Android app source code and server php source code to implement a proximity marketing system. It creates ad campaigns with Firebase push notifications and has a visual advert composer. Compatible with iBeacon and Eddystone.
As we have previously mentioned, nRF Connect is the the best app for detecting if a Bluetooth LE device such as a beacon is working. The Android version has always had more features than the iOS version but that is changing. nRF Connect for iOS has been completely re-written and now has a very pretty UI.
We still recommend using the Android rather than the iOS version because iOS apps can’t see Bluetooth MAC addresses due to some peculiar decisions made by people at Apple. Scanning also can’t see an iBeacon UUID, major and minor in the advertising. It’s more difficult to uniquely identify Bluetooth devices in apps such as nRF Connect on iOS than it is on Android.
DE-TASK is a task management app (source code) that uses Firebase. Create users, locations, beacons and tasks and assign users to tasks. When users enter an area the app detects the associated beacon and they are notified about the tasks.
EgiGeoZone Geofence is a useful app for Android with over 10,000 users that allows you set up triggering based on location. There’s also a Bluetooth version that allows triggering in the vincinity of iBeacons.
The app is also open source on GitHub. Note that the app doesn’t yet work with the Android 8.0 background changes. The author is hoping someone else will fork the code and keep the app alive.
Beneath the hyperbolic alliteration is some research (pdf) that Bluetooth MAC randomization isn’t foolproof. Researchers have found that similarities between the non-MAC information in advertising allows devices to be uniquely identified:
“What is perhaps even more concerning, say the Boston Uni trio, is the message Bluetooth vendors are putting out to the public when they advertise Bluetooth LE as being an untrackable standard.”
In actual fact, very few vendors do MAC randomization. The majority of beacon manufacturers don’t because the whole idea of a beacon is that it can be identified via MAC address or iBeacon id. For the same reason, most Bluetooth accessories don’t as they want to be identified via apps. Android smartphones don’t do MAC randomization but iOS and Windows 10 do to improve end-user privacy. It’s mainly iOS devices that will be moving around and possibly tracked in-store or on-site via the ‘vulnerability’ described in the paper.
A problem with many IoT projects is the need to connect the device to WiFi. It’s a ‘chicken and egg‘ situation in that you need to connect to the device in order to set the WiFi settings but you can’t connect because you aren’t WiFi connected. This is usually solved in one of two ways. The first relies on a WPS button on the WiFi router which sets it into a mode where it will accept a new device without the user having to enter or select anything. Security flaws in WPS and the possibility of anyone pressing the WPS button mean this isn’t a great solution for IoT applications. The second method involves the IoT device itself acting as a WiFi router in ‘station mode’ while the user on a phone, laptop or other device connects and uses a http web interface to set the WiFi settings and reboot. Upon reboot, it’s no longer in station mode and connects to the assigned access point. However, users need simpler mechanisms.
Android used to support WPS but this has been deprecated in favour Wi-Fi Easy Connect. The latest Android Q documentation explains that the Wi-Fi Direct connection information (a URI) needs to reach the device somehow such as through a QR Code scan NFC receipt or a Bluetooth scan. Hence, it’s possible for an unprovisioned device to be scanning for a particular beacon that provides a connection URI that’s used for provisioning the WiFi. This allows retailers’ Android apps or Android IoT devices to easily connect to location-specific WiFi.
The API mentions that Easy Connect does not require Location or Wi-Fi permissions which is a bit misleading. It will need the Location permission if you use a Bluetooth scan to provision.
Amazon has recently announced support for Bluetooth Low Energy in Amazon FreeRTOS. Amazon FreeRTOS is an IoT operating system for microcontrollers. Support for Bluetooth LE allows you to see Bluetooth devices and extract sensor data. Amazon’s implementation also allows you to subscribe to MQTT topics over Bluetooth Low Energy through an iOS or Android mobile device.
There’s an example how to Perform OTA Updates on Espressif ESP32 using Amazon FreeRTOS Bluetooth Low Energy. It shows how to connect Amazon FreeRTOS devices using Bluetooth Low Energy to AWS IoT Core via Android and iOS devices.
Shiny is a Xamarin framework (iOS, Android and UWP) library for backgrounding and device hardware services that has recently added support for beacons. The library has recently been updated to support beacon ranging and monitoring.