Well, we've all heard what happens when you assume and I've fallen victim to it... one more time. Turns out, when a WiFi device is not connected to a WAP it continually broadcasts probe requests to search for a WAP that it recognizes. If our cell phone recognizes a WAP, it then begins the authentication process. This is how our devices are able to register themselves with any network that does not broadcast its SSID.
Stores with multiple monitoring devices that are tuned to capturing probe requests can monitor and triangulate the location of a specific device's location within its premises. Each probe request contains the device's unique MAC address allowing stores to differentiate between all the probe requests. Below is an image of a wireshark capture of a probe request from aircrack-ng:
The source address field would contain the device's MAC address.
Thus, stores can monitor your cell phones' probe requests and watch your movements through the store. This provides a more granular peek at the behaviour of their customers and can be used to not only show how people move throughout their store but show which areas are more popular. It can provide more metrics on the success of particular campaigns. I can see large department stores or malls being particularly interested in this type of technology.
For the more privacy minded folks who want to avoid being tracked, the simple solution is to shut off your WiFi on your phone when you leave your home.
No comments:
Post a Comment