iBeacon, Eddystone, Bluetooth, IoT sensor beacons, apps, platforms
If you are considering developing Bluetooth LE on Android, you should take a look at Stuart Kent’s Android Bluetooth Low Energy Resources on GitHub. He provides lots of links to introductions, videos, libraries, guides, questions on Stack Overflow and example app source code.
If you need more information take a look at the Android section of the BluetoothLE Wiki. If you need to rely on background processing read Don’t Kill My App.
If you have upgraded to Android 10 then you will find you are asked whether particular apps, especially those using maps or Bluetooth, can use Location permission (all the time, only while using the app or Deny). Something like:
You will find that this screen appears, for each app using Location, at a seemingly random time. Why is this? Why do apps you haven’t just started suddenly ask for the permission? What are they doing? How should you answer?
The change of Android location permissions to include ‘only while using the app’ is part of Android 10. For app architectural purposes, some apps get location or Bluetooth scan in an Android Service that runs in background. This Service can be started and stopped by the Android OS according to whether the OS needs resources and also when an app is upgraded. The starting of the Service might cause it to get location or do an initial Bluetooth scan, as part of startup, even though the app isn’t going to use this information. These things used to be transparent but now have the knock on affect of causing the OS to ask for the first-time permission seemingly at a random time.
If, for example in the above BBC Weather app, you need the app to show the latest weather for a location on a widget or otherwise use location-related data in background then select ‘Allow all the time’. Otherwise select ‘Allow only while using the app’. Beware of selecting ‘Deny’ as it’s likely it might cause the app to malfunction in some way.
Our empirical experiences are that Android 10 background restrictions do actually noticeably improve battery life, unlike previous Android ‘Doze’ and App Standby restrictions that seemed to create pain and no gain.
Pinpoint is a new platform and app to provide learning, safety and operational tasks to workers. Pin points based on beacons, geofences, QR codes or captured images trigger pre-defined tasks.
Pinpoint has been added to the BeaconZone Solutions Directory
A large number of Bluetooth LE apps don’t work on Android 10 because of a bug in permissions in Android 10 (API 29). This affects nearly all manufacturer apps used for setting up beacons or using Bluetooth LE devices. The only apps that will work are those that have very recently been developed and target Android 10.
Android 10 introduced the requirement to have the ACCESS_FINE_LOCATION permission when targeting (written for) Android 10. Older apps targeting previous versions of Android should not have been affected but, due to a bug, they no longer work.
App developers can make their app work by adding the permission. Note that the permission must also also be prompted for from the user using the request permission mechanism. Alternatively the user can set manually via Settings -> Apps & Notifications -> Your App Name -> Permissions.
If you are a user and need to use a particular app then you will need to use a device having an Android version prior to Android 10. Alternatively, use the iOS app version if possible.
This issue has been has been detected by us on build QP1A.190711.020 and QP1A.191005.007.A1 and is perhaps related to issue 136774949. We expect it to be fixed in the future via an Android OS update.
LiteBeacon Proximity Marketing App provides Android app source code and server php source code to implement a proximity marketing system. It creates ad campaigns with Firebase push notifications and has a visual advert composer. Compatible with iBeacon and Eddystone.
Read about Beacons for Marketing
As we have previously mentioned, nRF Connect is the the best app for detecting if a Bluetooth LE device such as a beacon is working. The Android version has always had more features than the iOS version but that is changing. nRF Connect for iOS has been completely re-written and now has a very pretty UI.
We still recommend using the Android rather than the iOS version because iOS apps can’t see Bluetooth MAC addresses due to some peculiar decisions made by people at Apple. Scanning also can’t see an iBeacon UUID, major and minor in the advertising. It’s more difficult to uniquely identify Bluetooth devices in apps such as nRF Connect on iOS than it is on Android.
EgiGeoZone Geofence is a useful app for Android with over 10,000 users that allows you set up triggering based on location. There’s also a Bluetooth version that allows triggering in the vincinity of iBeacons.
The app is also open source on GitHub. Note that the app doesn’t yet work with the Android 8.0 background changes. The author is hoping someone else will fork the code and keep the app alive.
The Register has an article Brilliant Boston boffins blow big borehole in Bluetooth’s ballyhooed barricades: MAC addy randomization broken.
Beneath the hyperbolic alliteration is some research (pdf) that Bluetooth MAC randomization isn’t foolproof. Researchers have found that similarities between the non-MAC information in advertising allows devices to be uniquely identified:
“What is perhaps even more concerning, say the Boston Uni trio, is the message Bluetooth vendors are putting out to the public when they advertise Bluetooth LE as being an untrackable standard.”
In actual fact, very few vendors do MAC randomization. The majority of beacon manufacturers don’t because the whole idea of a beacon is that it can be identified via MAC address or iBeacon id. For the same reason, most Bluetooth accessories don’t as they want to be identified via apps. Android smartphones don’t do MAC randomization but iOS and Windows 10 do to improve end-user privacy. It’s mainly iOS devices that will be moving around and possibly tracked in-store or on-site via the ‘vulnerability’ described in the paper.
A problem with many IoT projects is the need to connect the device to WiFi. It’s a ‘chicken and egg‘ situation in that you need to connect to the device in order to set the WiFi settings but you can’t connect because you aren’t WiFi connected. This is usually solved in one of two ways. The first relies on a WPS button on the WiFi router which sets it into a mode where it will accept a new device without the user having to enter or select anything. Security flaws in WPS and the possibility of anyone pressing the WPS button mean this isn’t a great solution for IoT applications. The second method involves the IoT device itself acting as a WiFi router in ‘station mode’ while the user on a phone, laptop or other device connects and uses a http web interface to set the WiFi settings and reboot. Upon reboot, it’s no longer in station mode and connects to the assigned access point. However, users need simpler mechanisms.
Android used to support WPS but this has been deprecated in favour Wi-Fi Easy Connect. The latest Android Q documentation explains that the Wi-Fi Direct connection information (a URI) needs to reach the device somehow such as through a QR Code scan NFC receipt or a Bluetooth scan. Hence, it’s possible for an unprovisioned device to be scanning for a particular beacon that provides a connection URI that’s used for provisioning the WiFi. This allows retailers’ Android apps or Android IoT devices to easily connect to location-specific WiFi.
The API mentions that Easy Connect does not require Location or Wi-Fi permissions which is a bit misleading. It will need the Location permission if you use a Bluetooth scan to provision.
Amazon has recently announced support for Bluetooth Low Energy in Amazon FreeRTOS. Amazon FreeRTOS is an IoT operating system for microcontrollers. Support for Bluetooth LE allows you to see Bluetooth devices and extract sensor data. Amazon’s implementation also allows you to subscribe to MQTT topics over Bluetooth Low Energy through an iOS or Android mobile device.
There’s an example how to Perform OTA Updates on Espressif ESP32 using Amazon FreeRTOS Bluetooth Low Energy. It shows how to connect Amazon FreeRTOS devices using Bluetooth Low Energy to AWS IoT Core via Android and iOS devices.