• State Not Answered
  • Replies 3 replies
  • Subscribers 74 subscribers
  • Views 1672 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 272556
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Constant Android Bluetooth Pairing Requests for ALREADY PAIRED device after new Android security update

veletron

Hi

Since a recent Android security update, I am experiencing issues with my 'Just Works' device based on NRF52832. Prior to this Android update, once paired, I would receive no further 'Pairing Requests' however, since the change (to Android), I get a brand new 'Pairing Request' for my already paired device every time the connection is lost and an attempt is made to re-establish it (eg when the central goes out of range of the peripheral).

My device is 'Just Works' Mode 1, security level 2 - unauthenticated pairing with encryption.

The issue is further exacerbated by the Peripheral which expects the central to handshake, reporting what it is within 10 seconds after beginning a connection. With this in place, if the user does not tap 'yes' on the new pairing request on the phone, then the peripheral kicks the central, and moves back to advertising and the whole process starts again!

This is 100% definitely due to a change in Android, iOS continues to work fine, older builds of Android continue to work fine.

I am not alone with this issue as the following threads show:

https://www.reddit.com/r/TheSilphRoad/comments/jvcocd/question_keep_getting_a_bluetooth_pairing_request/

https://www.reddit.com/user/Ritchie-2528

https://www.reddit.com/r/dexcom/comments/jj461v/android_11_issue_with_dexcom_g6_using_xdrip/

This is possibly the Android security update  that caused the issue:  https://source.android.com/security/bulletin/2020-11-01?hl=en

Posting here in the hope that someone else has and has found a way to resolve this issue?

Karen

  • 0

    Hi Karen,

    I have not come across this issue before, but if someone else has on this forum it would good with some feedback.

    It would be good to understand what actually happens here. Is it possible for you to make a sniffer trace? Also, what is the behavior like if you delete the bond on both the nRF and Android, and then bond again? Does the issue reappear, or does it only apply to devices that were bonded before the Android phone was updated?

    Einar

  • 0 in reply to Einar Thorsrud

    Sorry, I got bogged down with other stuff. Issue occurs on Android 11 no matter whether the bonding was done b4 the 10-->11 update or otherwise. EG, fresh clean phone already running android 11, install app, pair with device, appears under 'paired devices' but every time you leave and then come back into range you get another pairing request despite the identity  of the device not having changed and the keys exchanged during the initial pairing being identical to current. If I get time I'll try adding MITM to the peripheral and see if that 'fixes' it, seems that this is an ill-thought-out security fix in android to prevent tracking on 'Just Works' Mode1 level 2 devices.

  • 0 in reply to veletron

    Hi,

    Thanks for the information. We have not been able to reproduce this issue, though there is clearly something there. I suspect there must be something else needed to trigger this, in addition to Android 11 and just works pairing. Please let me know if you make any progress or if you can provide firmware for a DK that can be used to reproduce this issue with a specific Android device.

Related
Terms of service