Tech viewpoint on beacon-hacking
A view from Dino Burbidge

Tech viewpoint on beacon-hacking

Picture the scene. You’re walking down the wine aisle in Sainsbury’s and stop in front of your favourite Chardonnay. Suddenly, your phone goes nuts. It’s Asda, two doors down, excitedly telling you it has a two-for-one offer on all Chardonnay, so come on over and save a bunch of cash. You discreetly dump the bag of crisps you were about to buy as well and head over to Asda. Result!

So what just went on there? Beacon-hacking is what went on. Not sure what beacons are? Here’s a crash course.

Beacons (or iBeacons, as Apple will have you call them) are just low-energy Bluetooth circuit boards in a funky-looking case. Pretty much all they transmit is a unique code and a distance to you. They don’t have any offers in them, they don’t transmit pictures and you can’t access websites through them. They just repeatedly shout out their name and their distance.

This is where apps come to the rescue. An app can listen for a beacon and do something specific depending on the beacon it is close to. If you own a shop and you install a beacon called XYZ123 next to the cereals, your app can hear beacon XYZ123 and know you’re in the cereal aisle. Simple. The app can then check a database or whatever it needs to do and ping you the best cereal offers. The key thing with beacons is that, unlike GPS or other location-based systems, they have the ability to automatically fire up any app associated with them. What could possibly go wrong?

Will companies (or governments) use networks of public beacon IDs to track your progress?

Quite a lot, as it happens. The (laudably) open standards that beacons are based on seem to lay them open to various levels of mischief. There is nothing to stop a competitor coming into your shop with a beacon-scanning app (yes, download one for free – there are loads), cruising around, locating all your beacons, noting their positions and storing their unique ID numbers. They can simply pop next door, enter them into their own app and, hey presto, their app lights up with your beacons too. Apple’s iBeacon tries to limit this but, with a bit of digging around, it’s still possible to achieve this on iPhones and Android alike.

So where will this go? Will we end up in a Blade Runner vision of industrial espionage, with companies set up to map and hack competitors’ beacons? Or will a standard be set to change beacon IDs every hour so only your app will know what to look for? Will companies (or governments) use networks of public beacon IDs to track your progress through physical spaces? Will ad networks finally do that Minority Report personalised ad thing? Or will we just buy cheaper Chardonnay?

Whatever happens, beacons are hot property right now. Buy some: they’re only £20. Stick them around the office. Put your mischief hat on and let the fun begin.

Dino Burbidge is the director of technology and innovation at WCRS