To prevent spoofing or cloning Beacons can rotate (shuffle) their iBeacon and Eddystone identifiers. Rotations take place in a constant time interval set to 24 hours of beacon operation.
This mechanism is based on the fact that both Kontakt.io Kio Cloud and Beacons share the same algorithm that, when provided with the same configuration keys (unique for each Beacon) will generate the same values. Once a beacon is configured as shuffled it broadcasts iBeacon an/or Eddystone identifiers generated by this particular algorithm, changing the values every shuffling interval.
To enable Secure Shuffling, a config with the shuffled parameter set to true must be created and applied to a Beacon. Similarly, turning it off requires the shuffled parameter set to false.
Warning
Highly recommended to configure Beacons before shuffling them.
When using a Kontakt.io SDK for iOS or Android resolving happens mostly automatically. The information below will help to understand what happens under the hood.
Resolving a Beacon identifier is done by simply requesting a device by either Proximity UUID, Major & Minor (bid parameter) or by Namespace & Instance ID (euid parameter), depending on whether the Device is advertising in iBeacon or Eddystone mode. The response will contain the deshuffled Device information.
Additionally, the next 7 shuffled values (for both iBeacon and Eddystone) for the requested Beacons are included in the response, specifically in the futureId attribute. However, please keep in mind that our backend assumes constant, uninterrupted operation of a shuffled beacon and it has no way to know when a Beacon e.g. had its battery removed. In a situation like this or when the device battery dies and is replaced after some time, shuffling will be resumed with last advertised identifier. Kio Cloud will still keep track of that beacon, since resolving is algorithm-based and not time-based. Nevertheless, the futureId array may return incorrect values until fixed. To do that, shuffling must be turned off and then on again.