Kontakt.io Secure is a complete suite of beacon security technology which involves not only Kontakt.io beacons, but also our Proximity REST API, Proximity SDKs, Admin Apps for iOS & Android, and the Kontakt.io Proximity Web Panel.
Kontakt.io Secure has three main features: Secure Shuffling, Secure Communication, and Software Lock. Below is a brief overview of how these features work and what the major changes are compared to Kontakt.io Standard.
Secure Shuffling schedules your beacons (with firmware 4.0 +) to change the data that they broadcast (major, minor, MAC-address) on regular basis. This means that anyone who has captured the data that the beacon transmitted in the past can no longer use your beacon's information to piggyback or clone your device. Because Secure Shuffling makes beacons change identifiers independently without app knowing the exact timing, it fundamentally changes the way apps are built to react after detecting an advertising packet. Before enabling shuffling on your beacon (with FW4.0+), read more about Secure Shuffling and its requirements from app design point of view.
Secure Communication encrypts all the communication between your beacons and any device that configures them. This means that settings and configuration data are all transmitted securely without exposing the password, and thus beacons can’t be hijacked. Unlike the way configuring beacons worked in past (beacons with FW 3.1 or less), in Secure Communication configuring a device does not use passwords to connect to the beacon in order to change configurations. If you were earlier using Kontakt.io Admin App for configuring beacons, this won’t change anything for you other than making the configuration process much faster and more reliable. If, however, you were using 3rd party apps to configure Kontakt.io beacons, this won’t be possible with new secure beacons (with FW4.0). Read more about Secure Communication here.
Software Lock is feature that locks our beacons via Nordic Semiconducters’ on board firmware so data on Kontakt.io beacons can’t be read. Even if a hacker tries to extract data manually, he or she will be unable to, because the information is protected by a software lock on the device itself.
Learn more details about Kontakt.io Secure with our on demand webinars hosted by our CTO and Head of Software, or check out our in-depth blog posts.