is there any API that allow the decryption of the secure UUID on the server side?
Since the device acts merely as a “proxy” or a “middleman”, it never
knows the Beacon Key. Otherwise, a malicious party could extract the key
from your app, and be able to decipher all future Visible Beacon IDs
A malicious party could not get the Beacon Key but after the decryption will it not be possible for someone to get the real beacon UUID from the device, that never changes, and don’t even need to decipher future visible UUIDs ? Just use this UUID to send requests to the server? Will it not make sense to decrypte the UUID on the server side and not in the mobile device?
Regarding secure UUID I would also like to know if it’s possible to determine when the rotation will/did occur. Is it based in the Timestamp? For example if I set a rotation time of 2 seconds, will the rotation occur at 1477850000, 1477852000, 1477854000, 1477856000 … or it depends on when I started the secure UUID ?