<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="https://devzone.nordicsemi.com/cfs-file/__key/system/syndication/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Force BLE connection &amp;amp; pairing inside my own mobile app</title><link>https://devzone.nordicsemi.com/f/nordic-q-a/51174/force-ble-connection-pairing-inside-my-own-mobile-app</link><description>Hi, I am wondering if there is a way to reject Bluetooth pairing with Nordic peripheral outside of my own mobile application. For example the Fitbit devices will reject connecting to phone if the user tries to pair the Fitbit device from the phone&amp;#39;s Bluetooth</description><dc:language>en-US</dc:language><generator>Telligent Community 13</generator><lastBuildDate>Wed, 21 Aug 2019 07:01:44 GMT</lastBuildDate><atom:link rel="self" type="application/rss+xml" href="https://devzone.nordicsemi.com/f/nordic-q-a/51174/force-ble-connection-pairing-inside-my-own-mobile-app" /><item><title>RE: Force BLE connection &amp; pairing inside my own mobile app</title><link>https://devzone.nordicsemi.com/thread/205180?ContentTypeID=1</link><pubDate>Wed, 21 Aug 2019 07:01:44 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:f7fd1daf-e2ce-45c1-8599-b8e05afc97d9</guid><dc:creator>Edvin</dc:creator><description>&lt;p&gt;The easy answer is that this is not possible. A&amp;nbsp;peripheral connects to a phone, and not an app. The softdevice doesn&amp;#39;t have any method to ensure this.&amp;nbsp;&lt;/p&gt;
&lt;p&gt;But as I tried to say, you&amp;nbsp;&lt;strong&gt;can&lt;/strong&gt; try to do some tricks with the key handling, so that it would be more difficult, but it is not possible to restrict the use only with one app.&lt;/p&gt;
&lt;p&gt;Let us say that your peripheral requires the phone to send a certain message every 5 seconds, or else it will disconnect. Let us say that your app does this, so when you use another app, it will disconnect. But if someone tries to sniff this connection, and they see what&amp;#39;s going on, it will be possible to replicate in their own app.&lt;/p&gt;</description></item><item><title>RE: Force BLE connection &amp; pairing inside my own mobile app</title><link>https://devzone.nordicsemi.com/thread/205138?ContentTypeID=1</link><pubDate>Tue, 20 Aug 2019 18:53:20 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:284116c4-aeef-4126-82a4-75f1b2d5dd3d</guid><dc:creator>thoric_fish</dc:creator><description>&lt;p&gt;Hi Edvin,&lt;/p&gt;
&lt;p&gt;What about ensuring the Nordic peripheral only connects to my own app? Like you mentioned, if other apps have the same passkey as my own app, then the other app can connect to the Nordic peripheral. Does SoftDevice support any method to make sure the Nordic device can only connect to my app, in addition to pairing with a passkey?&lt;/p&gt;
&lt;p&gt;For example, the Nordic peripheral would first check a unique token from my app before a successful connection and then check for a correct passkey before pairing.&lt;/p&gt;</description></item><item><title>RE: Force BLE connection &amp; pairing inside my own mobile app</title><link>https://devzone.nordicsemi.com/thread/204987?ContentTypeID=1</link><pubDate>Tue, 20 Aug 2019 10:42:59 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:f903e442-7e22-42e6-9efe-0e03c4a69619</guid><dc:creator>Edvin</dc:creator><description>&lt;p&gt;Hello,&lt;/p&gt;
[quote user=""]There&amp;nbsp;are options for whitelisting and&amp;nbsp;scanning &amp;amp; filtering by addresses, UUIDs, and other identifiers but it seems like all of these can be spoofed.[/quote]
&lt;p&gt;I would not be surprised if the Fitbit pairing can be spoofed as well. Basically, you mention all the methods that prevent your device from pairing with the &amp;quot;wrong&amp;quot; devices, passkeys probably being the most commonly used. This can be implemented in your app (so that it will automatically fetch and send the passkey for you), but there is nothing stopping any other apps from sending the same passkey. I bet that the Fitbit app checks the serial number of the device, fetches the passkey from the cloud and then sends it, allowing only the app to connect to it. If you sniff the connection being established (for the first time, since it probably uses bonding), you would probably be able to sniff up something, unless they use LESC on top of that. That being said, I have not tested the Fitbit pairing. I don&amp;#39;t know how they restrict it to be used with the app. It is only speculation.&lt;/p&gt;
&lt;p&gt;So basically, you can refuse a connection if the connecting device doesn&amp;#39;t have the right keys. It is also possible to do some &amp;quot;security by obscurity&amp;quot;, but that will only work until someone figures out how you secure it.&lt;/p&gt;
&lt;p&gt;So the only option I can think of is to use some Out of Band pairing keys which you need to store in a database in the cloud, which only your app can access. Then your app needs to fetch the advertising name, or some serial number that differs between each device to request that specific key to pair with your device. You can, of course, use the same key for every device, but again, if someone figures out that key, and this leaks, then anyone can connect to it.&amp;nbsp;&lt;/p&gt;
&lt;p&gt;Best regards,&lt;/p&gt;
&lt;p&gt;Edvin&lt;/p&gt;</description></item></channel></rss>