Are SDK's secure? Can your beacons only integrate with your software?

Hi, I’m keen to trial your beacons and purchase them for a project. My dev team raised some concerns stemming from an article spotted on Markzine. The article is a bit outdated, Jan 2014 but can you come back to us on the following extract so I can put my developers minds as ease …

Markzine Extract:

“Interestingly all of the Estimote beacons in all of their developer preview kits are shipping with identical UUIDs—the UUID for every beacon is fixed—and they’re not planning to add the ability to change the UUID any time soon. That means you can’t use them in a production environment the way Apple intended, or at least, not without some modification.You’re also effectively locked into using their closed source iOS SDK if you’re using their hardware, as other iBeacon hardware won’t work with their SDK, and if you use the lowest common denominator—Apple’s own Core Location and Passkit frameworks—to talk to a heterogeneous collection of iBeacon hardware, you’re stuck in read-only mode with the Estimote beacons themselves. That could be a real problem in the future, both for end users, and Estimote themselves.”

Thanks, Alice

A little dated indeed (:

To address the points from the article:

  • Since that time, we added an option to modify the UUID.

  • Our beacons broadcast the standard iBeacon packet, which means any iBeacon-compatible software can detect them.

  • iBeacon itself doesn’t specify any method of configuring the devices, so each beacon vendor usually implements this part themselves. And since re-configurating a physical beacon requires tight integration of software and hardware, it’s usually closed-source, for a variety of reasons.

The choice is all yours: you can build the “read-only” part of your app using any iBeacon-compatible SDK and software (there’s already a good bunch of CMS and analytics platforms for beacons, that work with any iBeacon devices) and use the Estimote’s stack (cloud, management apps, SDK) only for configuration (which in many cases is a one-time thing anyway).

We hope you’ll at least consider using our SDK for everything. Yes, it locks you in to our beacons, but that comes with a lot of value attached: we give you out-of-the-box analytics, remote beacon settings management, Indoor Location, rotating UUIDs for better security, etc.

(Think, native iOS app vs PhoneGap app: the former locks you in to the iOS platform, but can you benefit from tighter integration; whereas the latter gives you the freedom to port your app to other platforms, but that’s at the expense of having to forego iOS-specific features.)

thanks so much for getting back to me so quickly