The introduction of low cost location broadcasting beacon devices further opens the door for the IoT (Internet of Things). One of these devices attached to everyday physical objects bridges the vast amount of Internet information about the objects to end users with smart phones or other device receiving the beacons. The objects can also become the subject of e-commerce by automatically configuring a purchase for a nearby end user. Furthermore, the devices broadcast a location that is useful for tracking a moving object and for non-GPS location services.
The openness of these systems, many of which are unencrypted and do not require authentication credentials, is also a major vulnerability. These systems are relatively easy to spoof and can confuse a user as to which information is legitimate, especially during an e-commerce transaction involving sensitive personal data.
What is needed is a robust technique to enhance the security of location broadcasting beacons by detecting and warning of spoof attacks.