Apple and Google Join to End Unauthorized Tracking Alert System
Apple and Google have cooperate to work on a industrial design specifications designed to address security risks and alert users when they are being tracked without their knowledge or permission using devices such as AirTags.
“The first specification of its kind will enable Bluetooth locator devices to be compatible with unauthorized tracking detection and alerts across Android and iOS platforms,” the companies said in a joint statement.
While these trackers are primarily designed to keep tabs on personal items such as keys, wallets, luggage and other items, such devices have also been misused by criminals to criminal or malicious purposesincluding cases of stalking, harassment, and theft.
The aim is to standardize warning mechanisms and minimize opportunities for abuse across Bluetooth location tracking devices from different vendors. To that end, Samsung, Tile, Chipolo, eufy Security, and Pebblebee have all joined forces.
Accordingly, tracking devices manufactured by the company are required to comply with a series of instructions and recommendations and notify users of unauthorized tracking of iOS and Android devices.
“Formalizing a set of best practices for manufacturers will enable scalable compatibility with unwanted tracking detection technologies across multiple smartphone platforms and enhance privacy and security for individuals,” according to spec.
“Unwanted tracking detection can detect and alert individuals that a location tracker separate from the owner’s device is traveling with them, as well as provide a means to locate and disable trackers.”
An important aspect of the proposed specification is the use of an installation register, which contains verifiable (but obfuscated) accessory owner-identifying information (eg, phone number or email address) together with the serial number of the accessory.
Learn How to Stop Ransomware with Real-Time Protection
Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.
In addition to retaining data for a minimum period of 25 days after a device is unpaired (at which time it is wiped), the installation registry is available to law enforcement upon submission of a valid request.
The company solicited feedback from interested parties, after which production implementations of the specifications for unwanted tracking alerts are expected to be released around the end of the year in both mobile ecosystems.
The last time Apple and Google worked together was to design a system-level platform that used a Bluetooth low energy (BLE) beacon to enable contact tracing during the COVID-19 pandemic without using location data.
