Provisioning

Here is why Bluetooth provisioning is still challenging !

Here is why Bluetooth provisioning is still challenging !
A major challenge in provisioning is that many IoT devices such as sensors, smart speakers, cameras, are “headless”, meaning they do not have an input user interface. While lacking direct input, headless devices can be easily controlled over a network such as Bluetooth, but only after they have joined the network. Configuring headless devices requires an initial pairing step for a transfer of credentials, often an unintuitive and unstable step that adds friction to the process. This creates a major user experience issue problem for consumer devices. One in three users faces a problem in device setup. Up to 22 % of device returns can be due to problems in device setup or provisioning in consumer space.

Bluetooth is the most common method to connect two devices nearby and is used for our daily-to-daily activities like playing music from your phone to car speaker system, transferring files from your one device such as mobile to say your other device such as a laptop.Bluetooth has seen an arduous and eventful journey, since its inception in 1990 by Ericsson Mobile. And soon, companies start seeing it as wireless alternatives to connect two devices and exchange sufficient bits of data. Once Bluetooth came into the foray, it stretched the imagination of developers and increased its commercial applications to use Bluetooth in applications that were completely unimaginable 5-10 years before e.g game consoles (such as Sony’s PlayStation 3, Nintendo Wii), Real-time location systems (RLTS), etc.

With widespread adoption, a lot of R&D went into developing better Bluetooth protocols that ensure higher data transfer speed, lower energy consumption, and a higher range of operation. One of the use cases of Bluetooth that emerged in the IoT and smart device segment is device provisioning. Provisioning through Bluetooth is the process of adding a new device to a Bluetooth mesh network, such as a light bulb or a smart camera. The process is managed by a provisioner and a provisioner is usually a smartphone or other mobile computing device. In 2010, a new version of Bluetooth (Bluetooth 4.0) was introduced, known as Bluetooth Low-Energy (BLE) used as connectivity for the Internet of Things. It is an emerging short-range wireless technology that has become a centre for the tech industry. Many smart devices such as Nest Cam, Amazon Echo, Google Hub are enabled with BLE (Bluetooth 4.0 onwards) for device provisioning. But even 3 decades later, the fragilities with Bluetooth still exist.

Now for a minute, imagine yourself as a consumer who just bought a smart device. Do you remember the times when you were trying to connect your new smart device to the smartphone through Bluetooth, and it just doesn’t connect, even in multiple tries, and failed to do device provisioning? That’s a little frustrating, right!The initial step of connecting the product to the access point must be seamless and comforting. IoT devices are essentially designed to help make our lives easier. However, looking at product reviews on e-commerce platforms like Amazon shows how several products get returned by customers because of their bad experience installing and using them. And one of the major reasons is device provisioning enabled through Bluetooth. Customers have complained about different problems associated with Bluetooth and these are:

I. Difficulty in identifying new devices

Ii. Difficulty in pairing

Iii. Paired devices disconnecting randomly

Iv. Resetting the new device

v. Calling customer care for support

Vi. In the worst case, return the product and avoid using these devices at all

The second major problem with Bluetooth is its vulnerability to cyber-attacks and hacking.As a recent article by Carnegie Mellon CERT Coordination Center points out-

“Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing"

Bluetooth protocol is open to interference and attack due to wireless transmission/reception. Therefore, a challenging task is to protect the devices from attackers.  

Various vulnerabilities come along with the use of Bluetooth technology enabling to perform impersonation attacks during secure connection establishment-

1) Bluesnarfing-  Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops.

2) Bluetooth headsets vulnerability- This allows the hacker to eavesdrop on your conversation using your headset when the Bluetooth connection is on.

3) Lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade.

Bluetooth can be used to transfer files from one device to another, so if an attacker could access a device via the Bluetooth protocol they could also potentially access sensitive information on that device. These vulnerabilities put billions of IoT devices at risk.At this time, where Data is Gold and hackers are gold miners, businesses need to adopt countermeasures to prevent such problems. One may raise a question about the actual need for developing new solutions while some well-proven technology protocols have been in use already for decades. The answer is that these protocols are often not effective enough and not coping with the growing need for security, increasing sophistication in hacking, and not be able to work efficiently within the emerging IoT landscape.
A major challenge in provisioning is that many IoT devices such as sensors, smart speakers, cameras, are “headless”, meaning they do not have an input user interface. While lacking direct input, headless devices can be easily controlled over a network such as Bluetooth, but only after they have joined the network. Configuring headless devices requires an initial pairing step for a transfer of credentials, often an unintuitive and unstable step that adds friction to the process. This creates a major user experience issue problem for consumer devices.

One in three users faces a problem in device setup. Up to 22 % of device returns can be due to problems in device setup or provisioning in consumer space.

As a developer of the consumer goods in the IoT Industry, it’s important to how the provisioner’s initial communication can be made, their advantages, and disadvantages. When looking to implement provisioning, factors such as security and seamlessness must be the priority. Acknowledging the future of IoT and adapting prudent changes concerning a better network protocol is a favor to your organization as well as the consumer you are serving and that’s what Trillbit is promising to provide through its innovative technology of “data over sound”.

Trillbit makes provisioning easy but at the same time very secure. It bridges the gap to solving these challenges with a frictionless user experience. Data Over Sound uses modulation of inaudible sound waves to communicate via speakers and microphones on IoT devices, allowing them to communicate via encrypted messages without a network connection.