People are increasingly aware of, and concerned about, security—in particular, their privacy in both the physical and the digital world. The term “privacy” alludes to various types of issues, depending upon the context. One privacy issue concerns the possibility of being tracked “where you go” in the physical world without your awareness or consent. “Where you go” could mean the places you drive or the route you walk.

There is a capability within Bluetooth® technology concerned with safeguarding your privacy as it relates to any physical route you travel. This capability has been available since the release of the Bluetooth 4.0 core specification and the introduction of Bluetooth Smart. We’ve recently made some improvements to it in version 4.2.

Before looking at the Bluetooth Smart privacy feature, let’s examine the issue. To illustrate the risk of being tracked, we’ll first look at an example involving issues concerning wireless connectivity and privacy that potentially could happen today.

Imagine spending a day in various parts of your local town or city, visiting shops, having lunch with a friend and seeing a doctor before returning home. Your smartphone is in your pocket helping you navigate your day. If you’ve been using a hotspot to gain high-speed access to the web, chances are your phone has been broadcasting its MAC address to connect to those wireless networks. The MAC address is synonymous with your phone—and potentially “you”—and goes with you as you travel. It’s possible for malicious devices, hidden away in the environment, to receive these messages and log the date, time, location and MAC address in some remote web server. All that needs to be done now is linking the MAC address to your personal identity and that’s it…you’re being tracked.

Bluetooth® technology, on the other hand, is different.

Bluetooth Smart peripherals, such as activity trackers, announce their presence to other devices through a process known as advertising. Bluetooth Smart advertising packets also contain a MAC address to identify the device. To safeguard user privacy, manufacturers can make use of a Bluetooth Smart feature known as Bluetooth LE Privacy. This feature causes the MAC address within the advertising packets to be replaced with a random value that changes at timing intervals determined by the manufacturer. Any malicious device(s), placed at intervals along your travel route, would not be able to determine that the series of different, randomly generated MAC addresses received from your device actually relates to the same physical device. It actually looks like a series of different devices, thus, it will not be possible to track you using the advertised MAC address.

When Bluetooth LE Privacy is in use and advertising packets contain randomly generated MAC addresses disguising your device’s identity, the real MAC address remains hidden away. But what use is this if the outside world sees your device as having a different address?

The answer lies in the Bluetooth pairing process—Bluetooth® users are familiar with this process. Pairing indicates you trust the other device and want to interact with it. For example, if you pair your activity tracker with your phone, from that point on, the phone will have a special, trusted relationship with the tracker. What happens is much more involved but after pairing, the two devices will possess various encryption keys, one of which is concerned with privacy. This key is called the Identity Resolution Key (IRK). IRK allows the first device to translate those special, random MAC addresses which appear in the advertising packets from the second device, to the real MAC address in the second device. This capability is only in devices you have explicitly trusted.

Everything I’ve described about Bluetooth Smart privacy so far has been in place since the first release of Bluetooth Smart in version 4.0 of the core specification. So, what changed in 4.2?

In general, those random, private MAC addresses change according to a timer that the manufacturer implements in their product’s firmware. As such, they know exactly how often the MAC address will change. But there’s one special situation designed to make it possible for devices that have previously connected with each other to reconnect really quickly, where that timer is not used.

Devices may perform something known as “directed advertising.” In directed advertising, the advertising packets indicate both the MAC address of the device doing the advertising and the MAC address of the device being advertised to. This is like sending an invitation to a specific device with which you’ve had a previous relationship saying, “Hey, if you’re there, please reconnect to me!” The MAC address used by the advertising device is a random address if LE privacy is in use but for this situation, it’s a special type of private address called a “reconnection address.” Reconnection addresses differ from the private addresses used in other circumstances in that, they do change but not by a timer. Instead, a user’s actions, like switching the device on and off or the establishment of a new connection, triggers the change of address. In order to provide manufacturers more options, Bluetooth 4.2 now allows private reconnection addresses to also change to a new, random address using the same timer-based mechanism so manufacturers have complete control over how their product behaves with respect to privacy and private addresses.

Resolution of private addresses using the cryptographic IRK key back to the device’s real MAC address is now much faster and much more power efficient because it takes place in the Controller and not the Host in the Bluetooth® Smart architecture.

All in all, with release 4.2, we’ve made Bluetooth Smart Privacy both smarter and faster!

FEATURED INFOGRAPHIC

Build a Smarter Building with Blue

See new data on how building with blue can increase reliability, reduce costs, and enhance the ROI of smart building solutions.

SEE THE INFOGRAPHIC

10 Must-See Networked Lighting Control Resources From 2021

Bluetooth® networked lighting control systems feature an intelligent network of individually addressable and sensor-rich…

Adopting AoA Direction Finding Provides a High-Precision Location Experience

From general proximity solutions to high-precision positioning, Bluetooth® technology provides a range of reliable…

Audio Industry Braces for Bluetooth Audio Sharing in 2021

Highly anticipated, Bluetooth® Audio Sharing will be a new, global consumer service that will…

A Preview of the Next Generation Assistive Listening System

Watch Chuck Sabin outline the key use cases Bluetooth® Audio Sharing will enable and…

The Need for Inclusion & Audio Accessibility for All

Watch Linda Kozma-Spytek, Senior Research Audiologist in the Technology Access Program, and co-director of…

Highly Scalable and Reliable, the Decentralised Approach to Lighting Controls for Smart Buildings

Since the light bulb was invented, one of the first things people asked was,…

Meeting Energy-Saving Needs of Today and Beyond with Bluetooth® Mesh

How can building owners and facilities managers make future-proofing decisions today that will enable…

Hands-On Debug of an LE Audio Stream

Join Ellisys for a 30-minute informative webinar to learn about Bluetooth LE Audio and…

Digital Key Builds on Past Practices to Create a More Secure Future

This excerpt was taken from an article that was recently published on helpnetsecurity.com. Too…

Getting Started With Bluetooth For High Precision Indoor Positioning

This white paper provides an introduction to Bluetooth high precision indoor positioning, explores what…

IoT, BLE Enable Emergency Response to Cardiac Arrests

HeartHero’s mobile automated external defibrillator, which comes with NB-IoT, GPS and Bluetooth Low Energy,…

Bluetooth Range and Reliability: Myth vs Fact

As Bluetooth is becoming more and more ubiquitous in smart homes, buildings, and factories,…

The 2021 State of Sound Report

The State of Sound Report is an annual study featuring research insights based on…

Mobile Access Senior Living White Paper

How advanced access technologies are working to equip senior citizens, their communities and facilities…

Achieving Room-Level Medical Device Tracking Using Bluetooth Low Energy Solutions

For healthcare providers, improving quality of care, reducing costs, and increasing patient satisfaction are…

Disneyland Resort App Offers Even More Magic, More Convenience at Your Fingertips

Earlier this spring, the Disneyland Resort introduced a new online check-in service for our…

Bluetooth Low Energy Uses Phase Finding for Affordable RTLS Applications

Link Labs’ AirFinder Onsite solution provides low-cost indoor location, with BLE tags identifying where…

WiFi Or Bluetooth Beacons For Indoor Location?

We weigh the pros and cons of WiFi & Beacon technology for location-based services,…

SmartShepherd Improves Scalability For Their Smart Farming IoT Applications With Cassia’s Bluetooth Gateways

Learn how SmartShepherd partnered with Cassia Networks to enable real-time tracking and monitoring of…

2021 Bluetooth Market Update

Supported by updated forecasts from ABI Research and insights from several other analyst firms, the Bluetooth Market Update highlights the latest Bluetooth trends and forecasts.

How Bluetooth® Technology is Enabling Safe Return Strategies in a COVID-19 Era

This report shares insight into how Bluetooth® technology is being leveraged by organizations of all sizes to…

Designing and Developing Bluetooth® Internet Gateways

Learn about Bluetooth internet gateways, how to make them secure and scalable, and design and implement your own working prototype gateway and web application for use with either Bluetooth LE Peripherals or with Bluetooth mesh networks.

Reducing the Risk of COVID-19 Transmission

Learn how Philips partnered with Cassia Networks to help fight the spread of COVID-19…

Bluetooth Market Research Note - Assistive Hearables

Bluetooth Market Research Notes provide in-depth analysis of trends and forecasts highlighted in the…

POM Tracer Ensures Workplace Safety with Contact Tracing Solutions from Laird Connectivity

POM Tracer was looking to create an easy-to-implement product that would allow businesses and…

How to Deploy BlueZ on a Raspberry Pi Board as a Bluetooth Mesh Provisioner

This step-by-step study guide will teach you: How to rebuild the kernel on a…

The Bluetooth LE Security Study Guide

Learn about fundamental security concepts, the security features of Bluetooth Low Energy, and gain some hands-on experience using those features in device code.

Bluetooth Location Services

See 8 use cases for enhancing building efficiencies and creating a better visitor experience, discover new data that supports the latest trends and forecasts, and find out what’s driving the rapid adoption of location services solutions.

Overview – Bluetooth Technology

See how the global standard for simple, secure connection has expanded to meet the…

 Get Help