Welcome!

Mobile IoT Authors: Yeshim Deniz, Shelly Palmer, Liz McMillan, Ed Featherston, Carmen Gonzalez

Related Topics: Mobile IoT, Agile Computing, Wearables, @ThingsExpo

Mobile IoT: Article

iBeacon Protocol, #API and the #InternetOfThings | @ThingsExpo #IoT #BigData

How Beacons and the iBeacon Protocol Fit With the API and the Internet of Things

How Beacons and the iBeacon Protocol Fit With the API and the Internet of Things

By Jennifer Riggins

Forbes called 2015, the Year of the Mobile Beacon.  AdWeek talks about how beacons are already influencing the way we networkget drunkvacationshop, and even how we buy sausage. Ten experts at Marketing Land predicted that this year the whole world of mobile marketing will become acutely location-aware. Plus, if Google, Apple, and Facebook are betting on it, shouldn't you? We'll dive in and learn how beacons interact with APIs, how the different beacon protocols work, and what makes for a quality beacon experience. But First:

[session] Internet of Things and ‘The Physical Web'
[blog] Beacon, Oh Beacon, Wherefore Art Thou Beacon?

Beacon API Use

What are Mobile Beacons?

Beacons are small, often inconspicuous pieces of hardware that allow indoor communication and enable customized mobile marketing, all via low-energy Bluetooth or BLE.

So, are beacons a part of the Internet of Things? Some people have argued no, but I think it's apparent that beacons are IoT because, literally speaking, they are things that connect to the star of it all-the smartphone-with the end objective of an improved experience. That's the essence and value of IoT, right?

Sort of.

Dana Blouin, a PhD student researching power-constrained center-node networks and general IoT thought leader, beautifully calls beaconing "user experience plus user interaction."

User Experience Plus User Interaction

"We don't work with the beacon directly. It's very passively there but it's giving us a very active experience," Dana said. "It's a proximity center, worked over BLE, with push notification, but we're not actually directly interacting with the beacon, the beacon is interacting with our mobile device. Some app is driving that user experience. The beacon is the context for that. The beacon is there to gain more insight into what we're doing." This is an apparent trend throughout the Internet of Things-machines talking to machines and acting upon that interaction, humans aside.

Blouin gives the example that, if you are in the shaving aisle, you could receive a push notification for 20 percent off Gillette razors if you buy This Item in Aisle Y. "You're collecting data from X to give to Y." Talking about how brands can collaborate, he says it's all about using a beacon to understand "what each other is getting and you want the other to know."

But, if we look at beacons as a part of the Internet of Things, it can be easy to look at it as another security and privacy complication in the already complicated seven-layer stack. It's important to look at it as another opportunity for testing and quality assurance.

Beacons and APIs work together?

We talked to Oscar Guillen Mateu, big data platform engineer, and Ivan Gonzalez Gutierrez, mobile developer, about their experience with beacons at MOCA Platform, a big data analytics platform that combines insights from open data, BLE beacons, GPS, WiFi, user settings, and user behavior via Android and iOS software development kits (SDKs).

In the case of MOCA, we have things like ‘Oh, I'm next to a beacon, that means I'm in this place.' If you're in this place that means the application knows that you're in this store and this store has offers and discounts for beverages. It asks the server, ‘What are the discounts?' The server responds back: ‘Coca-Cola is ten percent off'."

Guillen went on to describe the process of how the two application programming interfaces or APIs interact. The SDK searches for any beacons in the area. The beacon notifies the smartphone, then the mobile API sends information about where you are along with analytics for future machine learning, and, in return, it asks if there is information to share. The end user then receives a push notification.

On the other side of the cloud layer, the console API is found on the MOCA Platform website. The store owner is able to ask questions like:

  • How many users have been in the store today?
  • How many people with this profile have been here?

"Imagine that you're the store owner, every time a user interacts with a beacon, this user is here," Guillen said. This locational information combines with other data to uncover behavioral patterns that can be turned into highly segmented marketing campaigns.

Assuring beacon-based APIs are efficient in the face of stress and limited power

Guillen says that "You have to be efficient enough that you are able to have millions of phones sending data at the same time. You cannot be stuck processing that data. You have to have a process that's crunching data at its own pace. You are storing all the information, [and] you have to have all the preferences because the users have to have all that information right from the start to prioritize to some tasks and others."

He recommends using a stress simulator to generate a lot of fake users accessing the server at the same time, to see how far you go and to understand your limits. When you hit that limit, ask "Is that good enough? What happens if we add more servers, does it scale correctly? Maybe we have to think of another way to process that information perhaps horizontally." He says that it is always their target to have things as horizontally scalable as possible-one million users for one server, two million users for two servers, and so on.

MOCA had this when they provided the official app and beacons to more than 43,000 users at the 2015 Mobile World Congress. Gonzalez describes something that happened there: "You see four beacons. We send the information to our back-end to create a heat map-our server did crash but we had backups, so the architecture worked because they maintained the service."

But you not only have to make sure that your server doesn't crash, you have to make sure you aren't draining the phones either.

Your Software Impacts The Battery Life of Every Device It Runs On

The clients who have applications on users' phones need to make sure that the app doesn't use up too much energy, as the end users will simply uninstall the app that's draining all their battery. "It is very important that, when in range of beacons, we should perform efficient scannings, otherwise we will kill device the battery. iOS performs this scanning without our intervention, but in Android we have the control over the scanning frequencies," Gonzalez said.

Guillen recommends to have it pull once every 30 seconds or minute, or based on some specific data that arises during testing, and then tweaking once it's out in the wild.

He also suggests other ways that you can achieve the same level of data while preserving battery life. "Besides GPS, the mobile has other mechanisms to give you information about your location. Just by having the phone on, it can triangulate using the communication towers [for an] approximate position." You can also set frequency of information pulls based on short-term movement patterns. "Because you're moving very fast, I'll ask more frequently, but, if you are staying in one place," he'll instead ask infrequently over longer intervals.

The MOCA Platform includes a heat map to help determine the best times to pull based on movement. Guillen says that "for privacy and battery you [sometimes] can't follow an entire place-in an airplane, it moves fast, but if you're in a cafe for an hour, you can just send the data once."

Also, after the first pull to see if there are any messages to send back, a good way to save precious battery is that the mobile phone can store the info and then it'll group it into a package, only sending once more, perhaps when the phone is charging at home on WiFi.

This all makes it essential that you are testing any beacon-related program on multiple devices over multiple periods of time, preferably at multiple locations.

How can you assure beacons are efficient?

Like with everything IoT, it's important not only to test the viability and efficiency of your apps and APIs, but also the viability and efficiency of those "things." In this case, beacons can be quite finicky and imprecise things with the radio frequency being easily interrupted.

"In the SDK for this particular problem is reliability, determining whether you are close to the beacon or not. The signals have a lot of characteristics but are not stable. We have found a way to try to stabilize the signal so we can have reliable measurements from the beacon," Gonzalez said.

Not only do you need to test on different devices, but with different obstacles and obstructions that could make things worse.

"There's the reliability of the beacon itself because these things are quite sensitive," Guillen said fiddling with a beacon. "If you have walls in the middle, maybe the reach is shorter than you want. If you want to have a radius of 30 meters, how much power do you have to give it?" He recommends to ask multiple beacons to triangulate a more accurate position to get an average of distances.

You also need to test the reliability of the geolocation data, creating a balance between battery preservation, movement and precision.

"If you use multiple beacons to calculate location, you can be more precise about which part of your store your user is at, such as aisles, queues or sections if they are small. Also, you can't be asking for the user's position every five seconds, or you end up draining half of the phone's battery. The reliability of measuring the distance of the beacon, determining if you are in some of the regions-I think this has been one of the most challenging parts of the SDKs because it's a hand-off between reliability and efficiency."

For this he says that the first thing developers using the MOCA Platform will test is the reliability of the SDK detecting beacons. You can read more about mobile testing strategies here.

How can you assure security and privacy with the openness of beacons?

The list of the IDs of beacons and approximation of distance are tied to the beacon protocols, but, so far, the majority of beacons are with fully open RF, which means multiple parties could be drawing information from the same beacon.

"Security is very important because you don't want your account or your privacy compromised, so you have to be able to give access to your app to all of your users, but the client has to be the only one able to retrieve analytics from his application," Guillen said.

This is where he says OAuth comes in. "You will need it because the information that the mobile retrieves has to be linked to a user in order to be useful. If anyone was able to hack information and send false data about beacons-maybe say that you were in this place and you weren't there-your profile is getting manipulated by someone else. And that's going to affect the client because he won't be able to get good analytics because the data is compromised," he continued.

Gonzalez jumped in to explain: "You can send a new profile with wrong data, but you cannot corrupt someone else's profile as its information is securely managed within the phone and in its way to our servers." He says this is why the user has to use OAuth to log into the app so that his information is just his and not mixed with anyone else. Also, on the client side, they have to be authenticated as well, because they don't want their information to be leaked out to competitors  to breach users and sell their product first."

OAuth and a secure platform to build on is the best way to assure security, privacy and accuracy of information that comes in via beacons.

iBeacon Logo

Is iBeacon the prevailing protocol?

Apple was the first big name to bring beacon to mainstream news with its iBeacon protocol back in 2013. "And after that, a lot of people adopted this protocol because it had a lot of traction," Gonzalez said.

Director of API architecture at the API blog Mike Amundsen says that the iBeacon real estate is in itself a pretty closed system, admitting that "One way to build a platform is to actually dominate the space so no one can get in." But he pointed out that this is limiting, saying that, across the Internet of Things, "Someone has to start thinking about the protocols or the formats, independent of some sort of the product or brand."

Amundsen says that "The challenge is the protocol is really good," but asks if one protocol can really do it all.

Perhaps that's why a year after iBeacon, Radius Networks released another standard called the AltBeacon protocol, which is quite similar to the iBeacon but created for the open source community with the goal of greater interoperability. Gonzalez says that AltBeacon "will still work with iOS but maybe in a different way than iBeacon."

The iBeacon and AltBeacon protocols are just about identifying the beacon itself and its location, but not what the beacon does.

At the start of this year, Google came out with the uriBeacon protocol which is related to URLs.

"Instead of just saying who you are we and where you are, now you can have a beacon directly linked with information to a website. You won't need anything else, read this info from the beacon directly," Gonzalez said.

"The great thing about this solution [uriBeacon] is it's open, it's pragmatic, and it's quite straightforward for a lot of people, but what you lose with this solution is you don't have a lot of flexibility to configure with a console because-imagine you had one thousand beacons in a mall, you would have to go there and program each individual beacon, and the maintenance would be quite high. Other solutions, like the one we're working on, you don't have to even go there."

What should QA keep in mind when testing beacons?

When it comes down to it, some of the things you will test for will be common-sense practices for all quality assurance, while others are tips just for the beacon-based world. Here is a checklist for what to test for the best beacon proximity experience-for your customers and for their end users:

  1. As always, keep developer experience as the priority when testing the API console.
  2. Assure back-end synchronization. Make sure that everything that you've saved in the console is going to your mobile users without any problem.
  3. Check, can it handle the stress?
  4. Battery consumption is an essential factor.
  5. Find the right beacon protocol that works for your needs.
  6. The SDK must prioritize security and privacy, always remembering that the code is actually running on on the mobile devices.
  7. A great proximity experience is about a great user experience. The pleasure comes in the details.

Have you worked with beacons and beacon protocols? Tell us about your experience below!

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@ThingsExpo Stories
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
"When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
In this presentation, Striim CTO and founder Steve Wilkes will discuss practical strategies for counteracting fraud and cyberattacks by leveraging real-time streaming analytics. In his session at @ThingsExpo, Steve Wilkes, Founder and Chief Technology Officer at Striim, will provide a detailed look into leveraging streaming data management to correlate events in real time, and identify potential breaches across IoT and non-IoT systems throughout the enterprise. Strategies for processing massive ...
SYS-CON Events announced today that Cloud Academy named "Bronze Sponsor" of 21st International Cloud Expo which will take place October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara, CA. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud com...
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, presented a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to ma...
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 21st Int\ernational Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their ...
We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists looked at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deliver...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), provided an overview of various initiatives to certify the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldwide re...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...