FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

4167 questions

4739 answers

3460 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
306 views
in Vehicle tracking by anonymous

We are considering using your FMB204 product.

I'm wondering how does this product authenticate against the server? In the configuration tool we can configure the server URL, but no authentication.

On the Codec Wiki page I see that the device identifies itself using it's IMEI. But it looks to me like anyone could send a package to a server using that IMEI, pretending to be that device - or am I missing something?

Ideally the packages would be signed on the device using a private key (non-retreivable, secured in hardware), so that the authenticity can be checked on the server side using the corresponding public key. Does such a mechanism exist? If not, how do you ensure authenticity?

1 Answer

0 votes
by anonymous
Hi,

If someone wants to send the data to your server,

they should know one IMEI from your data base,IP of your server and the port number.

But it's difficult to get these three details for someone who outside.

If someone took the hardware also, You can protect the device configuration file by setting password through configurator.

I think, for a normal vehicle tracking application, these security measures are enough.

Thanks in advance

Naveen