Changes

==Solution description==

==Solution description==

GPS trackers provide valuable data for business efficiency and secure vehicles against thefts. At the same time, the tracking devices can be stolen with a purpose to sell them, sabotaged by reconfiguring with fault parameters, or hacked to steal sensitive data. To prevent unauthorized access to the trackers, it is necessary to have additional security measures for logging in through all possible devices. When a login fails, the user is denied access and trackers remain safe.

GPS trackers provide valuable data for business efficiency and secure vehicles against thefts. At the same time, the tracking devices can be stolen with a purpose to sell them, sabotaged by reconfiguring with fault parameters, or hacked to steal sensitive data. To prevent unauthorized access to the trackers, it is necessary to have additional security measures for logging in through all possible devices. When a login fails, the user is denied access and trackers remain safe.

*[https://wiki.teltonika-gps.com/wikibase/images/4/4e/FMBXX_TLSDTLS_encryption_configuration_v0.3.pdf TLS/DTLS prepare guide]<br />

*[https://wiki.teltonika-gps.com/wikibase/images/4/4e/FMBXX_TLSDTLS_encryption_configuration_v0.3.pdf TLS/DTLS prepare guide]<br />

==Installation==

==Installation==

[[File:Example Inst.jpg|thumb|Instalation|alt=|379x379px]]

[[File:Example Inst.jpg|thumb|Instalation|alt=|260x260px]]

For gain access to ability change default security state (for device from the factory) you need power up device (10-30V) and connect via USB to the PC. After device will be powered and LED indicators start work you can access to settings.

For gain access to ability change default security state (for device from the factory) you need power up device (10-30V) and connect via USB to the PC. After device will be powered and LED indicators start work you can access to settings.

====2.1. Set up Keyword:====

====2.1. Set up Keyword:====

[[File:Keyword use.gif|thumb|379x379px|alt=|Set up keyword]]

[[File:Sey up keyword.gif|alt=|thumb|365x365px|Set up keyword]]

====2.2. SMS security:====

====2.2. SMS security:====

[[File:SMS_Security.gif|alt=|Set up sms secutiry|thumb|365x365px]]

[[File:Set up SMS security.gif|alt=|thumb|365x365px|Set up sms secutiry]]

Essential fields in SMS/Call settings are Login and Password. The login and password are used with every SMS sent to FMB130. If login and password are not set, in every SMS sent to FMB125 device two spaces before command have to be used (<space><space><command>).

Essential fields in SMS/Call settings are Login and Password. The login and password are used with every SMS sent to FMB130. If login and password are not set, in every SMS sent to FMB125 device two spaces before command have to be used (<space><space><command>).

Phone numbers have to be written in international standard, using "+" is optional but not necessary (in both cases number will be recognized, but when number is without "+" symbol, IDD Prefix will not be generated, which depends on location of the phone). If no numbers are entered, configuration and sending commands over SMS are allowed from all GSM numbers.

Phone numbers have to be written in international standard, using "+" is optional but not necessary (in both cases number will be recognized, but when number is without "+" symbol, IDD Prefix will not be generated, which depends on location of the phone). If no numbers are entered, configuration and sending commands over SMS are allowed from all GSM numbers.

* at least 8 characters

* at least 8 characters

====2.5 BLE STANDARD AES-128====

====2.5 BLE STANDARD AES-128====

[[File:BLE_STANDARD_AES-128.gif|alt=|thumb|365x365px]]

[[File:BLE Standart AES-128.gif|alt=|thumb|365x365px|BLE standart AES-128]]

Since this version '''03.27.07''' there has been an implementation of BLE transferred data encryption with '''AES128 cipher'''. In '''Bluetooth 4.0 tab''' under '''Settings''' there is a field for a '''AES128 key'''. Which if left empty, the BLE outgoing data will not be ciphered and incoming data will not be decoded. AES128 key field settings showed below.

Since this version '''03.27.07''' there has been an implementation of BLE transferred data encryption with '''AES128 cipher'''. In '''Bluetooth® 4.0 tab''' under '''Settings''' there is a field for a '''AES128 key'''. Which if left empty, the BLE outgoing data will not be ciphered and incoming data will not be decoded. AES128 key field settings showed below.

If a key is present the outgoing data will be ciphered by the configured key and incoming data will be deciphered. The '''AES128 key''' must be in '''HEX format with a length of 16 bytes'''. As an example 11223344556677889900AABBCCDDEEFF is used.

If a key is present the outgoing data will be ciphered by the configured key and incoming data will be deciphered. The '''AES128 key''' must be in '''HEX format with a length of 16 bytes'''. As an example 11223344556677889900AABBCCDDEEFF is used.

==SECURE CONNECTION TO SERVER (TLS)==

==SECURE CONNECTION TO SERVER (TLS)==

[[File:TLS.gif|alt=|thumb|365x365px]]

[[File:Tls option.gif|alt=|thumb|365x365px|TLS]]

In 03.27.07 base firmware version, Transport Layer Security TLS functionality has been updated and implemented for Teltonika GPS device series FMB0YX, FMB9X0, FMB1YX, FMU1YX, FMM1YX, FMC1YX, FMB2YX, and the model FMT100.

In 03.27.07 base firmware version, Transport Layer Security TLS functionality has been updated and implemented for Teltonika GPS device series FMB0YX, FMB9X0, FMB1YX, FMU1YX, FMM1YX, FMC1YX, FMB2YX, and the model FMT100.

TLS is a cryptographic protocol that provides end-to-end security of data sent between server and tracker.

TLS is a cryptographic protocol that provides end-to-end security of data sent between server and tracker.

[[Category: Usage scenarios]]

[[Category: Usage scenarios]]