Smart beacon data security
First Claim
Patent Images
1. A secure beacon-based system comprising:
- a plurality of beacons, wherein each beacon of the plurality of beacons, is located in a sub-location of a geographic area, andeach beacon includes hardware comprising dynamic beacon identifier (ID) generation logic, a data storage, and a short-distance transmitter,wherein the dynamic beacon ID generation logic generates a beacon ID based on information in the data storage, and at least a portion of the beacon ID is dynamic and is varied at intervals or at least a portion of a payload of a beacon message is dynamic and is varied at intervals, and the short-distance transmitter periodically transmits the beacon ID,wherein the dynamic beacon ID generation logic generates the dynamic portion of the beacon ID or the dynamic payload based on at least one beacon ID calculation function, and an application server stores the at least one beacon ID calculation function to locally compute the dynamic portion of the beacon ID or the dynamic payload, andwherein each beacon determines input parameters for the at least one beacon ID calculation function, and at least one of the input parameters is a variable input parameter that varies per interval causing an output of the at least one beacon ID calculation function to vary per interval, and the application server determines the same input parameters to locally compute an output of the at least one beacon ID calculation function; and
a mobile application executed by a mobile device, wherein the mobile application receives the beacon ID of a beacon of the plurality of beacons via a short-distance communication interface of the mobile device, andthe mobile application;
determines presence parameters associated with presence of the mobile device at the sub-location of the beacon;
determines whether to send a request to the application server based on the presence parameters;
in response to determining to send the request, generates the request, wherein the request includes the beacon ID comprising at least the dynamic portion; and
sends the request via a network interface of the mobile device to the application server,wherein the application server receives the request via a network, locally computes the beacon ID comprising at least the dynamic portion based on the at least one beacon ID calculation function, compares the beacon ID from the request with the locally computed beacon ID, and determines whether the mobile device is located near the beacon based on the comparison.
1 Assignment
0 Petitions
Accused Products
Abstract
A secure beacon-based system includes beacons that may generate dynamic beacon identifiers. A mobile device application may send a request to an application server, including a dynamic beacon identifier. The application server can locally compute the dynamic beacon identifier and compare it to the received beacon identifier to validate the request and determine whether to respond to the request.
49 Citations
17 Claims
-
1. A secure beacon-based system comprising:
-
a plurality of beacons, wherein each beacon of the plurality of beacons, is located in a sub-location of a geographic area, and each beacon includes hardware comprising dynamic beacon identifier (ID) generation logic, a data storage, and a short-distance transmitter, wherein the dynamic beacon ID generation logic generates a beacon ID based on information in the data storage, and at least a portion of the beacon ID is dynamic and is varied at intervals or at least a portion of a payload of a beacon message is dynamic and is varied at intervals, and the short-distance transmitter periodically transmits the beacon ID, wherein the dynamic beacon ID generation logic generates the dynamic portion of the beacon ID or the dynamic payload based on at least one beacon ID calculation function, and an application server stores the at least one beacon ID calculation function to locally compute the dynamic portion of the beacon ID or the dynamic payload, and wherein each beacon determines input parameters for the at least one beacon ID calculation function, and at least one of the input parameters is a variable input parameter that varies per interval causing an output of the at least one beacon ID calculation function to vary per interval, and the application server determines the same input parameters to locally compute an output of the at least one beacon ID calculation function; and a mobile application executed by a mobile device, wherein the mobile application receives the beacon ID of a beacon of the plurality of beacons via a short-distance communication interface of the mobile device, and the mobile application; determines presence parameters associated with presence of the mobile device at the sub-location of the beacon; determines whether to send a request to the application server based on the presence parameters; in response to determining to send the request, generates the request, wherein the request includes the beacon ID comprising at least the dynamic portion; and sends the request via a network interface of the mobile device to the application server, wherein the application server receives the request via a network, locally computes the beacon ID comprising at least the dynamic portion based on the at least one beacon ID calculation function, compares the beacon ID from the request with the locally computed beacon ID, and determines whether the mobile device is located near the beacon based on the comparison. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for mobile application validation, the method comprising:
-
receiving, at an application server, a request from a mobile application, wherein the request is associated with a beacon and includes a dynamic beacon ID or a dynamic payload of a message received, from the beacon, by a mobile device hosting the mobile application, and wherein the dynamic beacon ID or the dynamic payload is calculated based on at least one beacon ID calculation function, and the beacon determines input parameters for the at least one beacon ID calculation function, and at least one of the input parameters is a variable input parameter that varies per interval causing an output of the at least one beacon ID calculation function to vary per interval; in response to receiving the request, computing, by a processor at the application server, a locally computed beacon ID or payload, wherein the computing at the application server the locally computed beacon ID or payload comprises; storing the at least one beacon ID calculation function at the application server; determining the same input parameters used to calculate the dynamic beacon ID or a dynamic payload in the request; computing, by the processor of the application server, the locally computed beacon ID or payload based on the stored at least one beacon ID calculation function and the same input parameters; comparing the locally computed beacon ID or payload with the received dynamic beacon ID or payload; determining whether the request from the mobile application is validated based on the comparing; responding to the request with information associated with the location of the beacon if validated; and ignoring the request if not validated. - View Dependent Claims (10, 11)
-
-
12. A secure beacon-based system comprising:
-
a plurality of beacons, wherein each beacon of the plurality of beacons is located in a sub-location of a geographic area, and each beacon periodically broadcasts a beacon ID via a short-distance transmitter; a mobile application executed by a mobile device, wherein the mobile application;
receives the beacon ID of a beacon of the plurality of beacons via a short-distance communication interface of the mobile device;determines presence parameters associated with presence at the sub-location of the beacon;
determines whether to enter a peripheral mode based on the presence parameters; and
in response to determining to enter the peripheral mode, broadcasts a peripheral mode signal announcing the presence of the mobile application,wherein the peripheral mode signal includes a peripheral mode ID, and at least a portion of the peripheral mode ID is dynamic and is varied at intervals, wherein the mobile application generates the peripheral mode ID based on at least one calculation function, wherein the mobile application determines input parameters for the at least one calculation function, and wherein at least one of the input parameters is a variable input parameter that varies per interval causing an output of the at least one calculation function to vary per interval; and a zone computer located in the geographic location of the plurality of beacons, wherein the zone computer; receives the peripheral mode signal, that includes the peripheral mode ID; determines whether the mobile device is in an area of validation of the zone computer; in response to determining the mobile device is in the area of validation, sends a message to the mobile application to authenticate the mobile application, wherein to send the message to the mobile application to authenticate the mobile application, the zone computer; stores the at least one calculation function; determines the same input parameters used to calculate the peripheral mode ID at the mobile application; computes, by a processor, a locally computed peripheral mode ID based on the stored at least one calculation function and the same input parameters; compares the received peripheral mode ID with the locally computed peripheral mode ID to invoke authentication of the mobile application; and in response to the authentication of the mobile application, sends a single-use code to the mobile application, wherein the single-use code is calculated according to a code generation function; wherein the mobile application receives the code from the zone computer via the short-distance communication interface of the mobile device and sends a request, including the single-use code and the beacon ID, to an application server via a network interface of the mobile device, and wherein the application server; receives the request via a network; generates a locally computed single-use code according to the code generation function; compares the locally computed single-use code with the single-use code in the request to validate the request from the mobile application; if validated, sends information to the mobile application via the network in response to the request; and if not validated, ignores the request. - View Dependent Claims (13, 14, 15)
-
-
16. A secure beacon-based system comprising:
-
a plurality of beacons, wherein each beacon of the plurality of beacons is located in a sub-location of a geographic area, and each beacon periodically broadcasts a beacon ID via a short-distance transmitter; a mobile application executed by a mobile device, wherein the mobile application receives the beacon ID of a beacon of the plurality of beacons via a short-distance communication interface of the mobile device, wherein the mobile application; determines presence parameters associated with presence at the sub-location of the beacon; determines whether to enter a peripheral mode based on the presence parameters; in response to determining to enter the peripheral mode, broadcasts a peripheral mode signal including at least one of service or characteristic of the mobile application, the peripheral mode signal including a peripheral mode ID, and wherein at least a portion of the peripheral mode ID is dynamic and is varied at intervals; generates the peripheral mode ID based on at least one calculation function; determines input parameters for the at least one calculation function, wherein at least one of the input parameters is a variable input parameter that varies per interval causing an output of the at least one calculation function to vary per interval; and a zone computer located in the geographic location of the plurality of beacons, wherein the zone computer; receives the peripheral mode signal including the peripheral mode ID; determines whether the mobile device is in an area of validation of the zone computer; and in response to determining the mobile device is in the area of validation, sends a message to the mobile application to authenticate the mobile application, wherein to send the message to the mobile application to authenticate the mobile application, the zone computer; stores the at least one calculation function; determines the same input parameters used to calculate the peripheral mode ID at the mobile application; computes, by a processor, a locally computed peripheral mode ID based on the stored at least one calculation function and the same input parameters; compares the received peripheral mode ID with a locally computed peripheral mode ID to invoke authentication of the mobile application; and in response to the authentication of the mobile application, sends information to the mobile application, wherein the information is associated with the mobile device being at a location of the beacon. - View Dependent Claims (17)
-
Specification