You are watching your favourite series on TV and there is a break, an advertisement comes on. You decide to check the messages on your smartphone. As soon as you unlock it, a pop up from the same advertisement you were seeing on your TV appears on your smartphone.

This scary technology, called ultrasonic cross-device tracking, uses a high frequency inaudible to the human ear  to speak with smart devices that carry the same technology.

The high-frequency sound is embedded in the advertisement itself; sometimes it is hidden in the code of the advertisement and gets picked up by the microphones in smart devices. It helps the smart devices understand when to display the advertisement.

A few companies offer special awards to users who allow microphone permissions to grant ultrasonic cross-device tracking. There are companies that blatantly use the technology to profit from the advertisement without caring what the absentminded users think.

Many companies use ultrasonic cross-device tracking to know if the users are watching their advertisements; and if they do, how long are they watching their advertisements for, and are they buying the advertised products. This way the intrusive technology helps companies create targeted advertisements.

Companies like Pepsi, Nestle, and Google are investing in ultrasonic cross-device tracking or are working with companies like Silver Push or Signal 360 to use it.

Recently, cyber security experts at the Black Hat security convention demonstrated how the ultrasonic cross-device tracking technology was used to trace TOR users by discovering their real IP address.

The TOR users were tricked into opening a page or link having the advertisements that omit ultrasonic cross-device tracking. They were probably caught because their smart devices were placed near their computers. Once their devices received the frequency, they would link to the advertisements from the computer, which were used to trace their location.

What Can We Do

For Android devices, you should go to Settings then to Apps then you should click on Icon Gear. Then click on App Permissions to check and edit the permission you have granted to each application.

For iOS, you need to go Settings, then Privacy, and then Microphone to see which applications have requested access, and which ones you’ve granted it to.

A few security researchers have developed a Chrome extension, called Silver Dog. This beacon blocker filters the HTML5 codes used to transmit the audio used by the ultrasonic cross-device tracking technology. However, this beacon-blocking extension does not block frequencies used by the Flash Player.