Beacon agnosticism and the real truth about beacons
By Dr. Michael Arner
Having learned dutifully that “hardware sales are a race to the bottom,” I was surprised when I first got into the business of location-based services to find so many startups that merely cobbled together a Content Management System and then tried to make their mark in the space by selling beacons: buying from China for $8-$12 each, marking them somewhere between $40 and $80, and then insisting that the customer purchase enough of them to blanket their space every few square meters.
It’s been less surprising to see how many of these “solutions” have fallen by the wayside in the last 18 months. There’s nothing particularly special about most beacons. The Bluetooth Low Energy Specification provides for beacons that transmit thermometer or barometer or moisture-meter or other sensor data, receive packets from phones or other beacons, detect motion, light, or sound. But for the lion’s share of the solutions out there, a beacon is simply a low-cost radio-transmitter that sends out a tiny packet of identification information every few seconds or milliseconds and then counts on the wizardry of your mobile device to do everything else. If you’re a beacon merchant, I suppose it’s great to have clients that are willing to shackle themselves to your super-special hardware, but if you’re the consumer, it’s usually best to avoid doing so when you can.
There is a perception out there (let’s go ahead and assume that it’s brilliant marketing over at Apple) that if you want to use the popular iBeacon protocol, you will need an Apple device. Some folks have heard of Eddystone, which is Google’s version. In reality, iOS and Android devices can both speak to both protocols and there are very few reasons why you shouldn’t be choosing a solution that’s beacon agnostic.
What about security? The truth is, the cost benefit of hacking (making it seem like a beacon isn’t there when it is) or spoofing a single beacon (making it seem like it’s somewhere it isn’t) is pretty low given that attack vectors we’re currently seeing in the field. If you do have special concerns, 99 percent of the time they are better solved with good software—which can do a much more holistic version of noticing when beacons are transmitting from places they shouldn’t be. For example, the GPS or WiFi signature doesn’t match or they have stopped transmitting from somewhere they should (this happens when nearby beacons are often detected normally but the beacon in question is never detected at all). There exist beacons which maintain proprietary end-to-end encryption, and these should be purchased, in the very rare case they’re needed from a large and stable provider. Therefore, you will still want to rely on a framework that brings flexibility to your custom implementation.
But aren’t there other reasons to prefer one beacon vendor over another? Yes, but they’re not the ones you think. For each model, they’ll publish a maximum range under “ideal conditions” (which, as far as I can tell, means “in outer space,” for even at maximum transmission strength and minimal interference, this number is rarely even approximated with any consistency). They’ll also “estimated battery life” — which is often longer than the company selling the thing has even been in operation. It’s important to note that some interesting things are being done with beacons that use non-battery power sources (USB, electrical outlets, lightbulb sockets, solar). If your space is outdoors, you will of course want a weather-resistant model; trilateration technology will let you turn the transmission strength up and purchase fewer beacons while proximity beacons will have you buying many more and then turning them down. These things matter model to model of course, but in general, you will always want to multiply-source your vendors and then you’ll discover that the decisive factor ends up being not the device stats but the customer service.
Will the vendor pre-configure device identifiers for you? And, if not, how hard is it to do yourself? A vendor I quite like once published an update to their configuration software that had a glitch in it which took long enough to rectify that we had to quickly shift to Vendor B to make an installation deadline. Will they label the devices with removable stickers that have the identifiers on them (this is hugely helpful)? Will they camouflage them for you? What’s the defect rate and how efficiently can they turn those around? Do big batch orders ship with or without batteries included? And, do they arrive quickly?
For some installations, GPS and WiFi alone may provide the precision you need to geolocate without using beacons at all. There is also a new WiFi technology available from Mist, that will create “Virtual BLE,” giving outstanding precision and flexibility for large deployments. Some providers are beginning to provide beacons along with their Access Points, making it easier to combine technologies These solutions, of course, will also be subject to the same needs for a powerful, flexible, software platform.
In short, beacons are primarily dumb infrastructure meant to support smart software. If your solution provider can’t tell they don't work with everything—even with a mix of everything—they’d better be prepared to tell you why.