Beacons have been mired in a no man’s land of emerging technologies ever since they came onto the scene, and their lethargic progress can’t be chalked up to any single deficiency. Developers don’t know all their use cases; retailers aren’t quite sure how to deploy them; shoppers can’t trust that the push notifications aren’t collecting information that’s only sent back to the merchant in question.
At the very least, Google’s latest upgrade to its Eddystone platform promises to address that last one.
Google — or Alphabet as the kids say these days — announced a new security protocol for its beacon format on Thursday (April 14) that goes by the name of Ephemeral IDs (EID). While that’s not a very sexy sentence for merchants on the hunt for new ways to create sticky experiences for in-store customers, the technology behind the EID protocol might.
Instead of previously available security standards that variously had sensors and devices automatically and periodically scan their environments for all potential communicable nodes, EID uses a more targeted and personal approach. Sensors on the platform broadcast encrypted keys that autonomously change as frequently as every other second, depending on the owner’s preference, and only devices with access to that same platform can decrypt the key. Without proper access, there’s no way to unscramble the eight-bit identifier code and no way for snoopers to eavesdrop on digital conversations.
Best of all, since the EID changes so often, Google says that there’s little to no chance it can be falsely reproduced or the signal tracked over time.
While this still might not be enough to get retailers’ motors going, it’s important to note that EID protocols don’t require consumers to authorize apps or verify that the inanimate beacon is communicating the right information to the right users; during installation, retailers set the access parameters themselves. Yossi Matias, vice president of engineering at Google, told Wired that this EID update achieves something in beacon technology that’s eluded researchers from the outset: enhanced security without increased friction.
“It’s very easy to provide security layers which compromise the user experience,” Matias said. “These are very easy to deploy from a technology point of view and are very bad experiences. The real challenge from a technology perspective is how to keep things simple but also add a security layer on top of everything.”
The Eddystone EID protocol is already seeing some real-world use. Google touted how in Hong Kong, the part-art studio, part-retail mall K11 is employing EID-upgraded beacons to deliver information on installations and targeted promotions as soon as customers come within a certain range of sensors. Stateside, Washington, D.C.-based Monumental Sports has rolled out Eddystone’s newest update to sensors all over the Verizon Center, allowing personalized updates on seat upgrades and secure transactions within a crowded (both physically and digitally) 18,000-seat stadium.
Matias himself has seen success with a somewhat new use case for beacons: personal belongings tracking.
“As we started this project, my favorite use case was the suitcase, since I travel so much,” he told Wired. “You can think about many benefits; my favorite one was getting a notification once it’s near the carousel, so I don’t need to waste time watching other bags … But the question is: How can I do that knowing that I’m the only one that can recognize my suitcase and that it’s not recognized by anyone else’s mobile device?”
It’ll likely take time to build up confidence in both consumers and retailers that a technology they can’t see is actually doing a better job of securing their data than all the previous architectures that have promised the same thing. But if beacons are ever going to work in the brick-and-mortar world, EID doesn’t seem like such a bad place to start.
Or, in the case of beacons: a place to start again.