Out of a reflex of distrust, I refuse to participate in any kind of loyalty program of the outlet of the large retail store around the corner.
I tell myself that by refusing to join the loyalty program (which basically comes down to scanning an anonymous loyalty card every time I make a purchase), I prevent them from adding my correlations (what products I buy, in what combos, at what time) to their data.
But since I normally pay by card, I guess they can (and do) already do that with my bank account information?
If I would pay with cash, they can still see those correlations per purchase, but they can’t track my purchases over time?
IPhone/android randomize their MAC addresses now to prevent this kind of long term tracking.
Stores will see you walking the store anonymously and be able to create a general customer heatmap, but since this virtual MAC rotates, they won’t be able to correlate this to you indivdually long term.
I believe phones broadcast a sort of fingerprint when searching for wifi and/or Bluetooth connections. No MAC address needed!
The MAC is generally the fingerprint. Looks like Apple handles this when searching as well:
https://support.apple.com/guide/security/wi-fi-privacy-secb9cb3140c/web
I haven’t heard of anything else besides MAC being broadcast during the searching phase. Can you give an example or technical term?
Phones routinely look for specific SSIDs by their names. Imagine you’re strolling through a mall while your appearance changes every 2 seconds, but you keep yelling out the names of 5 other peoole. People will not know who you are really, but they will be able to follow you around because they will know that it’s you who yells those 5 names no matter what you look like.
That, and things like Apple Pay randomize the card number when you pay. It’s why my local grocery store refused to switch to contactless payments for so long. They finally gave in and are piloting it on some stores now.
How does that work for broadcasts from your device, designed to prompt beacons from dorman aps you might have joined before? Once you join it provides a random mac, but before then?
They use randomized MACs there too.
You can set MACs to not randomize for specific WiFi, but by default it’s on and random.