Tags: android, ios, bluetooth, core-bluetooth, bluetooth-lowenergy

Android/iOS/Mobile: How can we "SECURELY" do Bluetooth pairing without prompting anything on the user's screen?


I know we can pair any Bluetooth device without prompting on the user's screen, but it is not secure. I guess the passkey will remain the same for such connections for all the devices, so anyone can sniff or eavesdrop. How can we reduce the risk or make it more secure?

I heard somebody saying to use a public/private key to generate the link key, but is that possible for such insecure connections? Ref: Secure Simple Pairing

I hope I am able to put the question clearly!


Solution

  • I've only been working with Bluetooth Low Energy, so I'm not sure about the other. I know you can pair two devices without a PIN and then switch to a secure connection which I believe encrypts the communication between the devices. I haven't used the secure connection yet, but I think it uses some form of public key exchange to encrypt the communications.

    So, this would only be secure in that you can't eavesdrop. There's no restriction preventing someone else connecting to the device as there's no PIN.