The latest hype around Bluetooth is called Bluejacking. While I think it's more of a social phenomenon, some think it's a great marketing opportunity.
The name in itself is deceiving. As we'll see later in this article, there's no "hijack" in the sense that noone's phone is possesed by or under the control of someone else's device.
The Bluetooth platform is meant to be used as a wire replacement, creating a personal network (see our previous article What is Bluetooth?) between personal objects: mobile phone, computer, PDA, headset, printer are example of devices that can interact with each other using Bluetooth. For a good idea of what you can do with Bluetooth, I recommend watching this short presentation.
It also gives the user conditions to determine what devices can connect to each other: all, none, paired. A device is paired with each other through a manual process that requires the owner's intervention, i.e. entering a PIN in each device so they can exchange a security key.
For security reasons, Bluetooth allows the user to select different states for each device: off, on, discoverable. While on other Bluetooth devices that already know about it can request a connection. The discoverable state allows other Bluetooth devices to "see" this device and it should only be used when users want to allow someone to find their device so they can proceed with pairing. All very safe.
Once connected, Bluetooth devices exchange information using specialised protocols called profiles. When using personal computers and PDAs, the user has the option to turn on and off each one of these profiles and select if pairing is a condition to allow a connection. In general, on mobile phones there is only one switch for Bluetooth, but not for each individual profile. It means that for some services pairing is required while for other ones simply "finding" the destination is enough.
On mobile phones the DUN (dial up) service requires pairing in all mobile phones. Otherwise you could simply find someone with a Bluetooth phone in on mode and connect to the internet from your PDA using its GPRS account! However the PIM Exchange generally accepts any request.
The PIM Exchange is like swapping business cards. It works like this: you create an entry in your Address Book or Contacts application on your mobile phone, PDA or computer and select it as your Business Card. When another device comes in range you can initiate a Business Card Exchange, Request a Business Card or simply Send a Business Card.
Now the Bluejack comes into action. Some users don't realise (or know) that they have Bluetooth on and set in discoverable mode. The person about to perform the Bluejack simply goes to a busy place, uses the Bluetooth search function and when a Bluetooth mobile phone is found the person sends the Business Card with a joke or other comments. In general the recipient will hear a beep, and see a message with the first name in the card with the question "Accept card Y/N?".
That's it. This is the end of the Bluetooth part on Bluejacking. Now the recipient will look around trying to find who sent the joke or message.
Bluejack works most of the times with mobile phones because of the default settings, but will not work with PDAs and computers because of more restrictive default security.
Some think this is funny, and certainly can help creating some interesting situations. Some companies are already working trying to find a niche. A British company, Rainier PR published a paper exploring the opportunities this can create. It says:
"Bluetooth offers a new communications channel to marketeers. But the technology needs to be respected if they are to avoid alienating consumers.
Bluejacking offers three distinct opportunities for marketeers:
Viral communication: exploiting communication between consumers to share content such as text, images and Internet references in the same way that brands such as Budweiser, Honda, Trojan Condoms and even John West Salmon, have created multimedia content that has very quickly been circulated around the Internet
Community activities: dating or gaming events could be facilitated using Bluetooth as a channel to communicate between participants. The anonymous nature of bluejacking makes is a superb physiological tool for communication between individuals in a localised environment such as a cafe or pub
Location based services: Bluejacking could be used to send electronic coupons or promotional messages to consumers as they pass a high street shop or supermarket. To date SMS text messaging has been used with mixed success as a mechanism to send consumers location based information
Opt-in schemes can clearly be made to work as the plethora of loyalty cards such as Nectar in the UK show. Although this requirement clearly restricts the opportunity for the marketing community, it is essential to avoid alienating consumers."
An example of opt-in schemes is using a client software installed on a handheld device to connect to a server when the user wants it. In our article Content distribution using a point server application we discuss the concept of content distribution and show one solution called Jellingspot.
With Jellingspot the user decides when to receive messages, coupons, cinema schedule and other information, by starting the client program when needed. There's no unsolicited advertising in this context, simply because the user has the option to turn the program off.
Is Bluejacking something to worry about? Certainly, like e-mail spam it can be annoying, invasive and unwelcome. But Bluetooth users have the option to block Bluejackers. And in terms of security Bluejacking in itself is not like accessing someone's computer to find information. In this case information is sent, not extracted. It's more like a way to initiate a conversation in a cafe or perhaps play a prank.
The BluejackQ website contains tales, instructions and tips on how to do the "Bluejack".