Using iBeacons to Disable Apps and Phone Features

iBeacon Endpoint Protector MDM
iBeacon Endpoint Protector MDM

Sometimes it isn’t what an iBeacon will let your phone DO, it’s what it will PREVENT your phone from doing.

In a use case I’d never frankly thought about, Endpoint Protector proposes a promising line of thinking: having iBeacons trigger phones to disable features or lock off usage of certain apps.

For the corporate-minded security type, it’s a way to lasso in all those personal phones running around your top secret R&D lab…but there are also encouraging use cases in healthcare and education.

What is an iBeacon?
iBeacons are small devices that do little more than transmit a small data signal to the world around them. Phones that have Bluetooth LE enabled will ‘listen’ for these signals and if it hears them will wake up any apps that have iBeacon detection built in. The beacon and the phone do a sort of digital handshake, and if they recognize each other then different events can happen.

The benefit of iBeacons is they’re cheap, can run on batteries for months or years at a time, and will soon be ubiquitous (every iPhone made in the last 2 years is a potential beacon).

“OFF” is the New Black (which is the old Orange)
When we think of iBeacons, we usually think of what they make a phone DO. Because an iBeacon allows you to geolocate a phone down to a few feet, they can trigger events when you walk into a store or when you stand in front of a painting in a museum.

But what if instead of a beacon triggering your phone to turn content ON, it triggers it to turn content OFF?

By pairing iBeacons with Endpoint Protector’s Mobile Device Management (MDM) software, you can suddenly imagine all kinds of scenarios where you want to create a specific mobile device environment.

One example they give is employees in a corporate conference room – an iBeacon in the corner could trigger employee phones to turn off their cameras, giving assurance that there won’t be any photos leaked over on Gizmodo as you plan your next widget design:

“With an iBeacon placed at the door or a specific area of the office building, each employee can automatically receive wi-fi settings or have certain security restrictions based on the company’s internal policy.”

iBeacons in the Classroom
I actually like their example of a classroom even more. As more classrooms (well, the ones who can afford it anyways) give iPads to kids, iBeacons could end up being a secure way to avoid distractions when in class:

“Using a beacon, when the teacher enters the classroom with an iBeacon in the pocket, all iPads are forced to allow access only to a textbook app and Wikipedia website. Entering the library, the iOS mobile device is automatically switched to silent.”

So when it comes to iBeacons, sometimes it’s what they can STOP as much as what they can start. And like most of iBeacon technology one advantage to consumers is that it’s opt-in (unless your phone or tablet is owned by your employer, of course).

So if you’re taking photos of Apple’s new TV set feel free to send them my way, just be sure you’re using your personal phone when you take the snaps.

Endpoint Demos the MDM Concept:

7 Responses to “Using iBeacons to Disable Apps and Phone Features”

  1. Jerod Christopher

    Sounds like there are some really interesting possibilities with ibeacons. The question I have is: what’s to stop someone from turning off the beacon in their settings? I was under the impression that it’s fairly easy to do so, which would make it difficult to enforce these security measures.

    Reply
  2. Note that iBeacon comes with no security at all, so if someone implements this to disable a feature on peoples’ phones when they are in range of a beacon anyone who can detect the beacon UUID (potentially much further away than you may expect if they have a good antenna) they can disable the feature at any time they want, and since the proximity detection is based on power measurements, from any location where they can send data to the devices, which can be much further than you expect because they could be using a good antenna and high transmitting power.

    Note also that an iPhone 4s or higher can be used as an iBeacon using a free app and send any UUID the user wants, so access to the hardware is not limited.

    If you implement this in a school setting, prepare for continuous interruptions by students messing with each other.

    And as far as enforceability goes: iBeacons are only detected by iPhones when bluetooth is on.

    Reply
  3. Hmmm – well, don’t usually comment on anonymous posters, but your understanding of how iBeacons work seems to be limited.

    First, the use case as described requires that the kids in the class have Bluetooth LE enabled in order to access the content on the app. So, sure, you can turn Bluetooth LE off….but then you wouldn’t be able to see the content that your class needs to cover. Second, because the apps ‘report’ that they’re connected, the teacher would be able to see which kids are connected to the network – through a simple dashboard on the teacher’s app, they’d be able to see that “Jimmy”, say, isn’t logged in.

    Second, this idea that kids could ‘spoof’ the beacon is erroneous. Bluetooth LE offers three types of connection one of which includes secure pairing, broadcasting an anonymous and constantly changing UUID number. It’s erroneous to state that you can spoof the beacon because it simply isn’t true if the beacon is set to private/secure pairing.

    So, I’m not sure where you’re getting your information about how beacons work, but I’d suggest it isn’t from this site.

    Reply
  4. What’s to stop someone from turning off the beacon in their settings? I was under the impression that it’s fairly easy to do so, which would make it difficult to enforce these security measures.

    Reply
  5. Nothing prevents them from turning off Bluetooth LE. The security is provided not by the connection to Bluetooth but by preventing access to content if Bluetooth LE is off, and by keeping track of students/employees.

    So, if you’re an employee or student using textbooks or whatever, your access to those books is turned off if Bluetooth LE is off, and a dashboard records whether you’re in class/in the office based on the presence of your device.

    It’s not the Bluetooth LE that protects anything – it’s the ability to access cloud-based content and to be logged in to the attendance/presence dashboard which enforces keeping it on.

    Reply
  6. I think that iBeacon comes with no security at all, so if someone implements this to disable a feature on peoples’ phones when they are in range of a beacon anyone who can detect the beacon UUID they can disable the feature at any time they want, and since the proximity detection is based on power measurements, from any location where they can send data to the devices, which can be much further than you expect because they could be using a good antenna and high transmitting power.

    Reply
  7. Hi,

    i completely understand the concept but i don’t understand how ibeacon technology is possible to disable e.g. Camera App to be opened on an iPhone.

    Could you please explain that concept ?

    Reply

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>