The recent Super Bowl may have been a snoozefest for American viewers, many of whom likely tuned out as scoring got out of hand. But the game’s venue, MetLife Stadium, was the biggest proving ground so far for a potentially revolutionary technology – iBeacons, small sensors that communicate with mobile devices via Bluetooth Low Energy to deliver context-aware notifications and advertisements.
The NFL isn’t the only organization getting in on the location sensor craze, either. Major League Baseball plans to roll out its own iBeacons for Opening Day 2014, and retailers are keen to use them to gather richer information about how shoppers move about stores. Similar solutions such as the Estimote have also attracted significant developer interest, underscoring how individual smartphones and tablets will increasingly be integrated into complex, contextual networks.
While consumers may get access to more closely targeted offers, organizations will accumulate much larger, more granular troves of data than ever before. A user’s device could essentially become a homing beacon, and as such a particularly appealing attack surface for anyone who would compromise communication between iBeacons and smartphones and tablets. Getting a handle on sensor privacy may be the first major challenge of the Internet of Everything era for the security community.
How iBeacons work and why consumers should care
The rapid proliferation of smartphones means that millions of individuals now have a fast, Bluetooth-enabled device in their pocket, opening up a number of new contextual connectivity possibilities for brick-and-mortar businesses. When Apple unveiled iOS 7 last summer, it included support for iBeacons, making millions of iOS devices compatible with the indoor positioning system, which can be installed in supermarkets, retail outlets or any other establishment.
Despite the name, iBeacons aren’t proprietary technology – they’re built on top of open-standard Bluetooth aerials, and Android devices running OS version 4.3 or later can pick up the same signals. Still, the most prominent iBeacon installations before the Super Bowl were at Apple Stores, where users who had installed the corresponding mobile app could receive in-store notifications. Information could range from product reviews to alerts about upgrade eligibility.
Grocery store chains have also been early adopters of the technology, using it to push coupons and discounts to customers. iBeacons pick up users’ locations, creating unique marketing opportunities such as giving out free merchandise only to patrons within a specific area.
“This has the potential to disrupt the retail experience as we know it,” InMarket CEO Todd Dipaola told AppleInsider. “Think about all of the benefits of online shopping, but applied to the real world. Shopping list reminders, specific coupons tailored to things you like, eventually mobile checkout. We’re in the top of the first inning right now with iBeacon.”
At the Super Bowl, iPhone owners who had installed the NFL Mobile app could receive notifications about NFL merchandise, in-stadium attractions or notably short concession lines. So far, the requirement that users install a particular app before tapping into iBeacon services is probably a good thing, since it makes information sharing opt-in rather than opt-out.
However, that only papers over the fundamental risks of the technology – namely, that message broadcasts could be intercepted, or twisted to deliver malware instead of notifications. On top of that, sensors have the potential to collect an enormous amount of information, in a world in which even something as simple as a loyalty card can store sensitive data, as was demonstrated in 2012 when Target discovered that a girl was pregnant before her father knew.
The risks of iBeacon come from its openness
Privacy advocates have already expressed concern about iBeacons, raising the prospect of businesses trying to map relationships between users that visit similar locations, or bombarding them with excessive advertisements. Companies have insisted that they will respect user privacy, and that people will eventually realize that handing over location data is an acceptable price for better offers.
Certainly, location technology has been around for a while in the form of Wi-Fi access points and GPS, but iBeacons bring something new to the table. They provide more precise data than WAPs, transmit signals that travel indoors much better than GPS and are more cost-effective than both. At the same time, BLE technology isn’t always accurate and can pick up lots of interference, yet this is unlikely to deter stores from rolling them out to learn more about customers.
It’s these retailers that are most likely to run into trouble with iBeacons, given the strict data security and privacy regulations that they must adhere to. Contextual notifications are perfect for a public park or museum, but in a commercial setting it’s easy to foresee a slippery slope of overzealous advertisements and persistent tracking. Speaking to The New York Times, Electronic Privacy Information Center executive director Marc Rotenberg worried that users wouldn’t know what information is being collected, or how it is being used.
On a technical level, the open nature of iBeacons could make them into conduits for leaky or malicious applications and messages. Combined with location awareness, this porousness could open up new attack surfaces on mobile devices if not properly addressed.
“iBeacon’s fundamentally open design means that any mobile app could be designed to pick up a retailer’s location broadcast, including apps developed by competitors or unscrupulous third party developers,” observed Swirl CEO Hilmi Ozguc in a guest post for VentureBeat. “These apps could use that broadcast information to locate and track a user, possibly without [his/her] permission.”
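The openness described above is visible in the advertisement itself: the identifying fields travel unencrypted and unsigned, so any receiver in range can read them. As an added illustration (not code from this article or from any vendor named in it), the following parser decodes the iBeacon manufacturer-specific data layout from a raw BLE advertisement; the sample frame and its UUID, major and minor values are constructed.

```python
import struct
import uuid

APPLE_COMPANY_ID = 0x004C  # Bluetooth SIG company identifier for Apple
IBEACON_TYPE = 0x02        # iBeacon sub-type inside Apple manufacturer data
IBEACON_LEN = 0x15         # 21 bytes: UUID(16) + major(2) + minor(2) + power(1)

# Constructed sample: flags AD structure, then the iBeacon AD structure.
SAMPLE_ADV = bytes.fromhex(
    "020106"                            # flags
    "1aff4c000215"                      # length, type 0xFF, Apple, iBeacon header
    "00112233445566778899aabbccddeeff"  # proximity UUID (constructed)
    "0001" "002a" "c5"                  # major=1, minor=42, measured power=-59 dBm
)


def iter_ad_structures(adv: bytes):
    """Yield (ad_type, payload) for each length-prefixed AD structure."""
    i = 0
    while i < len(adv):
        length = adv[i]
        if length == 0 or i + 1 + length > len(adv):
            return  # padding or truncated structure: stop parsing
        yield adv[i + 1], adv[i + 2:i + 1 + length]
        i += 1 + length


def parse_ibeacon(adv: bytes):
    """Return the cleartext beacon fields, or None if adv is not an iBeacon frame."""
    for ad_type, payload in iter_ad_structures(adv):
        if ad_type != 0xFF or len(payload) != 25:
            continue  # not manufacturer-specific data of iBeacon size
        company, btype, blen = struct.unpack_from("<HBB", payload, 0)
        if (company, btype, blen) != (APPLE_COMPANY_ID, IBEACON_TYPE, IBEACON_LEN):
            continue
        raw_uuid, major, minor, power = struct.unpack_from(">16sHHb", payload, 4)
        return {"uuid": str(uuid.UUID(bytes=raw_uuid)), "major": major,
                "minor": minor, "measured_power_dbm": power}
    return None


if __name__ == "__main__":
    print(parse_ibeacon(SAMPLE_ADV))
```

Because nothing in the frame is authenticated, an app that treats a matching UUID, major and minor as proof of location is trusting values anyone nearby can observe; any trust decision needs a check outside the broadcast.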
The easiest way for consumers to stay safe is to opt out of notifications by simply not installing the mobile app needed to access a particular store’s iBeacon services. This won’t be a realistic option for all users, however, so the onus is on stores to ensure that signals are encrypted and well monitored. Retailers such as Macy’s and Shopkick have already rolled out iBeacon implementations that appear to be secure, demonstrating that there’s hope for scrupulous use of this technology. The larger issue, though, may be giving users more transparency about how data is being used once collected. Lengthy Terms of Service agreements aren’t always the ideal way to get this message across, and with more information being accumulated, organizations should step up and offer insight into what they do with it.