Secure UUID / I don't understand how it works

#1

Hi

We are considering using the beacons and our app for tracking customers (opt-in) for a contest (most frequent bususers). The top 3 commuters should get some nice stuff each month.
I thought about sending the RegionEntered/RegionLeft events to the server to calculate who uses the busses most often. But everybody could buy his own beacon, copy the UUID and simulate busdriving to manipulate the contest.

The solution could be the Estimote Secure UUID, as far as I understood.
[This site](, see here https://community.estimote.com/hc/en-us/articles/201371053-Are-Estimote-Beacons-secure-How-does-Secure-UUID-work-) says:

Enabling Secure UUID causes rotation of the beacon’s ID (UUID, Major and Minor) so it’s broadcasting unpredictable, encrypted values. We

What I do not understand: When the UUID changes frequently, how can an iOS app monitor the becons? First, there is this 20 regions limit (defined by the UUID) and secondly, if I do not know the UUID, how can I subsribe to it?

Thank you,
Bernhard

#2

“It just works!”, try it (:

The actual implementation is something we have a patent on, and would rather not disclose the details, but it works, believe us (;

For you, you just use the “real” UUID/major/minor in your app, and the SDK automatically takes care of monitoring the rotating identifiers, fitting within the 20-region limit, and sending them to Estimote Cloud for decryption. That’s the beauty of our Secure UUID implementation—you use it just like the “non-secure” beacons, but it’s actually secure!

#3

Hi!

“It just works!”, try it

Hm, to try it, I would have to buy 7x"Estimote Development Kit with 3 Location Beacons" to get 21 Beacons to pass the 20 regions limit…
But I will show this post to my customer and they have to decide.

The actual implementation is something we have a patent on, and would rather not disclose the >details, but it works, believe us (;

Okay, I understand that you do not want to tell every detail (although as far as I know if something is patented, it is also officially documented, but I don’t care… :slight_smile: )

For you, you just use the “real” UUID/major/minor in your app

Okay, so I set the same UUID for all beacons then, right?

the SDK automatically takes care of monitoring the rotating identifiers, fitting within the 20-region >limit

What do you mean “within the 20-region limit”? So is there a 20 region limit with secure UUIDs or not, I don’t understand 100%.

Thank you,
Bernhard

#4

Okay, so I set the same UUID for all beacons then, right?

That’s usually a good practice, yes.

What do you mean “within the 20-region limit”? So is there a 20 region limit with secure UUIDs or not, I don’t understand 100%.

Our implementation of Secure UUID still has to operate within the 20-region limit imposed by iOS, but for you, there’s no limit. In other words, we will internally always monitor for max 20 regions (because we physically can’t monitor more), but in a way that will still make enter/exits work for all of your secure regions, even if there’s more than 20 of them.

#5

Is it work with other iBeacons but with estimote SDK?

#6

Secure UUID was our proprietary extension to iBeacon, so only Estimote Beacons support it.

Do note that we’ve since moved away from iBeacon, and Secure UUID. Our beacons still support it, but our focus right now is on our own Bluetooth-beacon technology we call “Estimote Monitoring”, and the Proximity SDKs to match. For Estimote Monitoring, we also have a secure variant called “Estimote Secure Monitoring”: