CRM Communication via Beacons with Security & Privacy in Mind

Written by

One of the latest and hottest trends in the retail world is the use of micro-location technology to provide personalized and highly customized communication to mobile app users, who are either inside a store or within its vicinity. With GPS not working inside buildings, and Wi-Fi triangulation being imprecise, beacons came into the spotlight. These are small battery-powered pieces of hardware, the only job of which is to emit a low frequency radio signal, thus notifying nearby mobile phones about their presence.

Beacon technology is becoming more and more popular within retailers, who actually gain a new channel for communication with their customers, to whose mobile phones they can push notifications when the device is detected entering or on the premises. Coupled with, for example, loyalty programs, retailers can use this technology to influence the behavior of customers even before they actually identify themselves by presenting a loyalty card during checkout. The same beacon infrastructure set up in a venue enables more practical functionalities, such as indoor guidance, thanks to which mobile app users can navigate on their own.

A well-designed mobile application, supported by well thought through marketing communication from a brand owner, drives sales and improves customer experience. The IT software platform enabling customer identification, push notifications based on beacon proximity, indoor navigation and analytics makes use of location-based services to fetch data and transform business logic into smart communication with customers.

However, although the security measures on the software side are widely known and have been rigorously tested, the physical beacons and their security is one issue that raises many questions, both from retailers and end customers.

The current market is already filled with beacons of many kinds, sizes, shapes and purposes. Are they all secure enough? Why do their prices differ so much? How do they communicate with the backend platform and mobile application? What about privacy? There are quite a few threats associated with the use of beacons. If security is compromised, customers’ private data is at risk. If beacons are hacked, an unauthorized third party can use this information to broadcast their own communication. So, how can this scenario be avoided?

Having security in mind, Comarch is now manufacturing own-brand Beacons, meaning that the software provider responsible for delivering the location-based services platform is also a hardware provider. In practice, this means full control of the production process, with no third-party devices being imported and integrated into the software. Instead of that, Comarch Beacons come with a patented Secure Element, which is physically mounted inside a beacon and which is responsible for secure encryption.

In addition, the IoT platform, which provides connectivity between beacons and the software, has its own micro-service responsible for beacon identification and verification. Critically, this is hosted in a Comarch Data Center, so data is not transmitted to any external cloud service and there is no chance of information being compromised during an exchange. Full control over an environment where decrypting algorithms are launched and security keys are stored provides extra protection against fraudulent actions.

The security provided in all three dimensions, namely application software, beacon devices and hosting environment, ensures data is kept safe, customer privacy is maintained and the highest quality is delivered.

Learn more about Comarch IT security solutions here

Brought to you by

What’s hot on Infosecurity Magazine?