Apple AirTag and Samsung SmartTag Security

The new paper Securing the Invisible Thread: A Comprehensive Analysis of BLE Tracker Security in Apple AirTags and Samsung SmartTags by Hosam Alamleh, Michael Gogarty, David Ruddell, and Ali Abdullah S. AlQahtani, looks into the security of Bluetooth Low Energy (BLE) trackers, particularly Apple AirTags and Samsung SmartTags. The research identifies a broad range of attack vectors, including physical tampering, firmware exploitation, signal spoofing and cloud-related vulnerabilities. It examines the security measures and cryptographic methods used in these devices, revealing that while they provide considerable utility, they also introduce significant security risks.

Apple AirTags and Samsung SmartTags differ in their approach to security and privacy. Apple prioritises user privacy, leading to authentication challenges and successful AirTag spoofing instances. Samsung’s design aims to prevent beacon spoofing but raises concerns about cloud security and privacy. The study highlights the trade-off between battery life and security in the design of Bluetooth trackers, noting the absence of secure boot processes as a vulnerability.

The paper concludes that future developments in Bluetooth tracking technology will likely focus on enhancing security features. This is crucial as these devices become more integrated into the IoT ecosystem and subject to evolving privacy regulations. The research underscores the importance of addressing the security challenges presented by BLE trackers to balance functionality and security in next-generation systems.

Beacon Settings for Asset Tracking

Bluetooth beacons are increasingly being used for asset tracking. Their use in this context differs significantly from their conventional role of in-app triggering. In asset tracking, gateways rather than smartphones are used as detection devices, requiring different configurations for optimum efficiency.

iGS03E Bluetooth to Ethernet gateway

Changing Bluetooth beacon settings requires the manufacturer’s specific application custom-tailored for their devices. These apps adjust the beacon parameters according to specific needs.

A most important setting when using beacons for asset tracking involves is the advertising period. This is the time interval between the broadcasted signals. In the the app detection usecase, a frequent advertising period is required to ensure constant detection by nearby smartphones and particularly for iOS. However, in asset tracking, the scenario is different.

Since gateways, not smartphones, are used for detection, a lower advertising period, ranging from 1 to 10 seconds, is sufficient. Less frequent advertising has the advantage of conserving the beacon’s battery life. It also ensures the server isn’t flooded with duplicate data.

The beacon’s advertising type is another key consideration. iBeacon or Eddystone UIDs are usually used for detection by smartphones due to their compatibility and detection by mobile operating systems. However, when using gateways and servers, the Bluetooth MAC address of the beacon is usually used for identification. Consequently, any advertising type can be selected, eliminating the need for specific compatibility.

Where multiple advertising types are available, it’s essential to ensure that only one advertising type is selected. Even though gateways can utilise any advertising type, using multiple types simultaneously can lead to increased energy consumption by the beacon and more redundant data at the server.

Bluetooth for Locating

The Bluetooth SIG, the organisation that produces Bluetooth standards, has a recent post The Myths & Facts About Bluetooth Technology as a Positioning Radio. It talks about the location services in general and how they have evolved over time. It explains how Bluetooth helps solve key enterprise pain points to save tens to hundreds of billions of dollars globally through enhanced operational efficiencies, increased worker safety, and loss prevention.

In manufacturing facilities, billions of dollars are lost through unplanned downtime thanks to being unable to locate assets, tools, and equipment. In warehouses, RTLS can help automate the tracking of assets, such as pallets, which is becoming more essential with the ever-increasing size, complexity, and amount of assets stored

Despite the gains thus far, this only represents as small proportion of the opportunity because only a very small percentage of the potential addressable market in the enterprise is using RTLS.

The article continues with a summary of the myths we covered in a previous post.

ABI Research expects that will be a 2.5x increase in total Bluetooth RTLS deployments over the next five years, with the fastest growing segments being healthcare, warehouse and logistics, manufacturing and smart building.

Asset Tracking For Manufacturers

Today’s just-in-time and busy manufacturing processes means that manual tracking of pallets for inbound and outbound shipments often can’t keep pace with the speed of production. Production and assembly requires the quick locating of components. Delays and inaccuracies due to lost components lead to increased costs, employee frustration and ultimately customer disappointment.

Competitive pressures are also driving the need to reduce labour thus reducing the capacity to manually search for items. Customisation using configured options and demand-driven production is also increasing the degree of inbound component searching that exacerbates the problems.

Even those companies using legacy tracking solutions find that location is only as good as the last barcode or RFID scan. Humans get lazy, make mistakes and don’t scan, causing pallets, crates and boxes to get lost. Many RFID readers don’t work reliably near metal components. Relying on a system that can’t find just a few items can be worse that a manual system that works but is slower. Bluetooth asset tracking solves these problems because the location is automatically collected in real-time and is continually updated.

Asset tracking can be applied to items such as components, pallets, cases, tools, returnable assets such as racks and cages as well as items on loan to ensure they are returned on time. It can improve worker safety and provide alerts in cases of congestion, perimeter deviation and lone worker distress. It can ensure forklifts are being fully utilised, are taking an optimum route, haven’t crashed into racking and haven’t gone out of an area.

The real-time visibility allows connected systems to generate confirmation and exception alerts and automatically trigger shipping processes, replacing costly manual workflows. Tracking outputs also allows confirmation that the correct things are loaded on the correct transport.

A Bluetooth-based real time location system (RTLS) increases visibility and allows the manufacturing process to adapt in real-time to short term business needs. It provides cost savings, greater efficiency and business intelligence that can be used to derive larger scale changes based on data rather than gut instinct. Overall reporting of input and outputs provides input to management reporting to monitor the business.

Read about BeaconRTLS™
Read about PrecisionRTLS™

New Beacon Usecases

When we started BeaconZone, our aim was to encourage new scenarios beyond the over-hyped and under-successful retail marketing scenarios. 

One of the issues with retail marketing with beacons is that it requires opt-in through the installation of an app. This is a large barrier if you are considering users who are ambivalent about using specific apps and beacons. The only way it’s usually viable is if you are a large brand who already has an app on customers’ smartphones.

The more interesting and successful uses of beacons involve scenarios that are ‘want-in’ or B2B rather than consumer ‘opt-in’. Here are just a few examples of where our beacons are being used:

  • Policing. There’s a move to what’s called evidence-based policing requiring proof of which police have visited which locations. Trials are taking place to replace paper based reporting with beacon-based automation.
  • Tours. Beacons have been purchased for use on guided walks and with museum information kiosks.
  • The Elderly. Several of our our customers are using beacons to keep track of elderly people in care homes and hospitals.
  • Smart Offices. Several of our customers are using beacons to enable the whereabouts of workers and equipment in smart offices including read time monitoring of room occupancy. We also have clients using beacons with checkin/out type applications.
  • Asset Tracking. We have two large-instrument manufacturer are using beacons for tracking assets. We also have a customer using beacons and gateways to track bicycles. Our beacons are also being used extensively at many sites that track location using Motorola TRBOnet two-way radio.
  • Events. Our long range beacons are being used outside for tracking BMX bike trials and power efficient beacons inside large arena events.
  • Gaming. Ingress players use our beacons.
  • Automotive. A large UK car manufacturer is using our beacons. Another customer, an undertaker, is using beacons with a car driving monitor app to log the time spent driving.
  • Security. Our beacons are being used in security systems at several sites including lone worker SOS scenarios.
  • Utilities. One of the largest UK water authorities is investigating the use of sensor beacons.
  • Insurance. We have customers using beacons for in-car presence detection.
  • Health. Our beacons are being used in apps/systems that help visibly impaired people find their way around buildings. Sensor beacons are being used in hospitals to monitor the temperature of refrigerated medicines.
  • Research. Our beacons have also been purchased by Google, Mozilla and many UK universities for use on their research projects.

Beacons have a multitude of further real uses waiting to be explored and exploited.

What are Beacons?

Ways to Use Beacons

Factory Asset Tracking

It’s interesting how many of our clients come to us with a problem to solve and in talking through possible solutions they often suddenly have the thought, ‘That’s IoT isn’t it?’. They weren’t looking for an IoT or Industry 4.0 solution but they got there by a different route. Indeed, it’s always best to start by solving problems rather than trying to fit technology into existing processes.

So what are the typical problems in factories? While companies usually have systems to take orders and invoice for them, what goes on in between is often a manual paper process. Knowing where an order is physically and hence how far it has been completed often requires lots of ringing round. Similarly, there are usually problems finding parts for jobs. Parts arrive in boxes or in pallets and are stored somewhere pending jobs. Finding the right pallet or box on a large site can be a challenge. It might be in storage, already on the factory floor somewhere or in transit between areas. Sometimes, delicate parts might be left in the wrong places and spoil due to excess humidity or in some cases incorrect temperature. Expensive tools and equipment tends to be shared between work areas and this can also get mislaid, lost or stolen.

All these problems cause delays in production, reduced productivity, incur penalties or future lost orders due to delayed work and cause employee frustration.

The solution is to better track jobs, parts, sub-assemblies and shared valuable tools so that they can be located on factory plans. This tracking needs to be continuous and real-time because merely scanning things in/out using barcodes is open to human error and location is otherwise only as good as the last scan. Historical data shows where things have been in the past. Analysis of this data allows blockages to be identified so that the process as a whole can be refined to improve efficiency and production.

The result is reduced downtime, less time re-ordering or re-making things that have been lost, optimum productivity and better use of skilled staff doing their job rather than searching for things.

Read about Beacons in Industry and the 4th Industrial Revolution (4IR)

Learn about Asset and Pallet Tracking for Manufacturers



IoT Priority and Asset Tracking

Gartner has a new report Hype Cycle for the Internet of Things 2019, in which they say:

“The Priority Matrix shows that many IoT technologies are 5 years from mainstream adoption. However only one innovation profile will reach maturity in 2 years, indoor location for assets.

So why is ‘indoor location for assets’ more likely to achieve mainstream adoption sooner than other technologies? It’s because there are clear benefits for most companies and off-the-shelf software such as our BeaconRTLS™ is already available.

Our work with companies shows they are nevertheless cautious. Companies are taking time to understand the competing asset tracking technologies and are performing, sometimes lengthy, trials to determine how new systems will integrate with existing systems. They are considering the implications of SAAS vs on-premise solutions, the availability of second-sourced beacon hardware and the compromises of accuracy vs system complexity and cost.

Reducing Asset Redundancy Using Beacons

There are many industries where the inability to find assets leads to the requirement to have many more of those assets. This is especially so in areas, such as hospitals, where not finding things can cost lives.

It also tends to be the case that such urgently required items are also expensive as they are critical pieces of equipment. When equipment is very expensive, lack of redundancy can end up causing key staff spending their time finding things rather than doing their main job.

Even when not finding things isn’t mission critical, a lot of time, human effort and hence cost can be wasted if assets aren’t available. Examples include vehicles in fleet management, tools in construction and equipment in manufacturing.

Beacons and locating systems allow you to reduce asset redundancy, save costs and make working processes more efficient.

Using Beacons, iBeacons for Real-time Locating Systems (RTLS)