• It is a wireless technology therefore susceptible to spying and remote access.
• Bluetooth offers several security modes.
• Bluetooth users can establish "Trusted devices"that can exchange data without asking permission.
• When any other device tries to establish a connection to the users gadget,the user has to decide to allow it.
• "Service level security" and "Device level security" work together to protect Bluetooth devices from unauthorized data transmission.
• Security methods includes authorization and identification procedures that limit the use of Bluetooth services to the registered user and require that users make a conscious decision to open a file or accept data transfer.

Services can have one of 3 security levels:-

Level 1: Open to all devices,the default level.

Level 2: Authentication only,fixed PIN

Level 3: Requires authentication and authorization PIN number must be entered

Link level security:

This is implemented bye symmetric keys in a challenge response system.

Critical Ingredients: PIN, BD_ADDR, RAND(), Link and encryption keys.

PIN: It is up to 128bit number,can be fixed.Can be entered in both the devices.

BD_ADDR: Bluetooth device address-It is unique 48 bit sequence.Device must know the address for communication.

Link key: 128 bit random number is used for authentication purposes.Paired devices share a link key.

Private encryption key: 8-128 bits key regenerated for transmission from link key.

RAND: Frequently changing 128 bit,Random number generated by the device.