iPhone BLE Privacy Feature

When you scan for BLE devices, you probably notice a lot of no name devices.
More likely, there are iPhones. It’s good privacy feature as you don’t want to advertise your phone name to everyone.

In addition, Apple uses new Bluetooth 4.0 Privacy Feature, which changes its ID on a frequent basis. Thus, you can’t track.

  • The only way to tell if it’s iPhone is using Manufacturer data. But you can’t track a particular one.
  • Per Bluetooth Core Specification, Manufacturer data is type 0xFF.
    Note: You can see this value from Core Bluetooth API \ didDiscoverPeripheral function \ advertisementData \ kCBAdvDataManufacturerData.
  • 1st 2-byte is Company ID in little endian.
  • If the is “0x004C”, which indicates Apple, Inc.
  • Complete list here: https://www.bluetooth.org/en-us/specification/assigned-numbers/company-identifiers
iPhone BLE Privacy Feature

Notes on Apple Core Bluetooth Peripheral ID

  • The only peripheral ID that Core Bluetooth API offers after discovery is CBPeripheral.identifier.
  • Not MAC address.
    You can’t get MAC address via Core Bluetooth. There is no public API for this. If this is an internal or jailbreak application you can get the value of the kLockdownBluetoothAddressKey key via liblockdown.dylib.
  • It’s obtained via callback function didDiscoverPeripheral. (iPhone acts as central device)
  • Type is NSUUID, not CBUUID. UUID is deprecated as of iOS 7.0.
  • identifier has been moved to CBPeer class, which is base class of CBPeripheral. So net effect is the same.
  • A different central will return a different id for the same peripheral.
  • A central will return the same id for a peripheral. Thus, it can be stored and used later per Apple doc.
    However, I don’t know how long it will return the same id.
    Important: assuming the peripheral doesn’t use Bluetooth 4.0 Privacy feature, which changes its ID periodically.
  • Peripheral MAC & central id (& possible time) is used (by Core Bluetooth) in generating this CBPeripheral.identifier.
Notes on Apple Core Bluetooth Peripheral ID