Kontakt.io Standard is the level of security which can be seen as the current industry standard. It’s a far cry from what we provide with Kontakt.io Secure, but if you’re not interested in protecting your infrastructure completely from attack, we continue to offer this for our clients.
Basically, it provides your beacons with a debug lock in the firmware on our Nordic chipset, as well as 3-tier password protection for accessing and managing your beacons.
Each Beacon/Double Battery Beacon/Tough Beacon has two unique passwords:
- one changeable password for configuring beacons (major, minor, tx-power, interval, etc.)
- one unchangeable master password for major changes (firmware updates)
Every user account has a third password (or social login) you’ll need when using our Web Panel, and Kontakt.io Admin Apps.
Configuring beacons with firmware 3.1 or older
(Update: Firmware 3.x, 4.0 and 4.x were introduced in 2017 and earlier; after that, in 2019, we changed the firmware versioning schema. The current firmware version schema is 1.10 and 1.1x/1.x/2.x.)
A new configuration can be created via our beacon management platform (Web Panel) or directly via the API, and it will remain in a pending state until applied. Since beacons aren’t connected to the Internet, to update your beacons with your new configuration you'll need to get in range of the beacon with a device running our Kontakt.io Admin App. It's worth noting that, when you are logged into the Admin App, the app will fetch beacon-specific passwords to provision them, so you don't need to type them in individually.
Read more about Configuring Beacons.
Security Caveats with firmware 3.1 or older (Beacons produced in 2016/2017)
Due to the nature of BLE technology, beacons communicate in the clear and don’t encrypt the data that is sent to them. Therefore, when you connect to a beacon to apply its new config, someone in close proximity can see the password you send to connect to your beacon, then use it and change it so that you can’t connect anymore.
Also, beacons with FW 3.X transmit unrotated identifiers, which means that anyone can listen to and record them, and then use them for malicious purposes such as creating clones of your beacons, using your beacon to trigger content in a 3rd-party app, or having 3rd-party apps record footfall traffic in your venues.
Read more about Security Threats.
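Because FW 3.X identifiers never rotate, a copied identifier looks the same as the real beacon, so the practical check is on your own scan records. The following is an added example (not Kontakt.io code) that flags likely clones. It assumes fixed BLE scanners, a hypothetical record format and site map, stationary beacons, and that each beacon advertises from a single fixed address.

```python
from collections import defaultdict

# Constructed sightings from fixed BLE scanners (not real captures):
# (unix_ts, scanner_id, advertiser_mac, proximity_uuid, major, minor)
UUID = "11111111-2222-3333-4444-555555555555"  # constructed placeholder
SIGHTINGS = [
    (1000, "entrance", "C0:00:00:00:00:01", UUID, 1, 10),
    (1005, "entrance", "C0:00:00:00:00:01", UUID, 1, 10),
    (1010, "cafe",     "C0:00:00:00:00:02", UUID, 1, 20),
    (1012, "loading",  "DE:AD:00:00:00:99", UUID, 1, 10),  # same IDs, new MAC, far zone
    (1300, "cafe",     "C0:00:00:00:00:02", UUID, 1, 20),
]

# Hypothetical site map: scanner pairs that can plausibly hear the same beacon.
ADJACENT = {frozenset(("entrance", "cafe"))}


def find_clone_suspects(sightings, window_s=30):
    """Return {(uuid, major, minor): sorted reasons} for duplicated identifiers."""
    macs = defaultdict(set)      # identifier -> advertiser addresses seen
    seen = defaultdict(list)     # identifier -> [(ts, scanner)]
    reasons = defaultdict(set)
    for ts, scanner, mac, uuid, major, minor in sorted(sightings):
        ident = (uuid, major, minor)
        macs[ident].add(mac)
        # A stationary beacon cannot be heard in two non-adjacent zones at once.
        for prev_ts, prev_scanner in seen[ident]:
            pair = frozenset((scanner, prev_scanner))
            if (len(pair) == 2 and pair not in ADJACENT
                    and ts - prev_ts <= window_s):
                reasons[ident].add("seen in distant zones within window")
        seen[ident].append((ts, scanner))
    for ident, addrs in macs.items():
        # Assumption: each deployed beacon advertises from one fixed address.
        if len(addrs) > 1:
            reasons[ident].add("multiple advertiser addresses")
    return {ident: sorted(r) for ident, r in reasons.items()}


if __name__ == "__main__":
    for ident, why in find_clone_suspects(SIGHTINGS).items():
        print(ident, why)
```

A copy that also reuses the original advertiser address passes the address check, which is why the zone check is kept as a separate signal.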
Kontakt.io Standard beacons (with firmware 3.X) can be updated to firmware 4.0. Before upgrading, make sure you read and understand this!