Bluetooth Security 101
Over three billion Bluetooth products will ship this year, with nearly five billion projected to ship by 2019. That’s a lot of Bluetooth devices being used for a wide variety of applications – in cars, consumer electronics, personal computers, health and fitness products, wearables, smartphones, and more. It’s no wonder that privacy and security concerns are top of mind for consumers like you.
By 2017, the average consumer will own five connected devices, so it’s understandable that consumers are ever wary about potential vulnerabilities in their wireless connections. We often see this more general concern morph into specific concerns about Bluetooth when, in actuality, Bluetooth technology provides a strong, government-grade encryption that more than meets consumer needs. In fact, Bluetooth 4.2 introduced the most secure Bluetooth connection to date with advanced privacy capabilities and government-grade AES 128-bit encryption. But what does that mean? Let’s break it down to the security basics.
Bluetooth provides three basic security services:
Authentication & Authorization: This is the process of determining who is at the other end of a Bluetooth link and if their device should have access to yours.
Encryption & Data Protection: Bluetooth encrypts your data and only allows approved devices to decrypt it, making it much more difficult to for unauthorized users to capture and decipher your personal information.
Privacy & Confidentiality: In addition to encrypting the data being transmitted, the latest version of Bluetooth also makes it possible to encrypt the address of the Bluetooth device itself. This makes it nearly impossible for someone else to track a device, like your phone or fitness tracker, as it moves from place to place.
Bluetooth adheres to U.S. federal security regulations, ensuring that all Bluetooth devices are capable of meeting and exceeding strict government security standards.
- NIST Compliant: The National Institute of Technology develops security standards and guidelines for federal agencies to protect their information and information systems.
- FIPS Approved: These Federal Information Processing Standards are developed by NIST in accordance with the Federal Information Security Management ACT (FISMA).
We’ve implemented these security and privacy standards as building blocks for manufacturers to use as a foundation for their products and apps. Not every application needs the same level of security, so Bluetooth provides the flexibility for a manufacturer to make the best security choice for his or her implementation. This means that Bluetooth technology can be used to secure anything from the most basic of applications – think wireless keyboards – all the way through to highly secure applications, like Bluetooth enabled door locks. In short, if it's Bluetooth, you can rest assured it's up to the task of protecting your wireless communication.
We will continue to take a closer look at the ins and outs of Bluetooth security, the advancements we’ve made, and our plans for the future of wireless security in future installments of this series. We’ll also be addressing some of the common Bluetooth security myths you may have seen floating around – Bluesnarfing, anyone?