WO2022173320A1 - Method and system for collecting user device identifiers in the form of mac addresses - Google Patents

Abstract

The present technical solution relates in general to the field of computer engineering, and more particularly to methods and systems for collecting user device identifiers. When a user device receives a response to a request with a randomized MAC address, it initiates connection to an access point, believing the point to be close by. Under international standards, the user device must use its real MAC address for connection. The present technical solution responds to all personal requests on behalf of the point to which it has been assigned. Thus, the user device begins to think that the access point for which a request was initiated is close by and discloses its real MAC address by one of the methods described above. The technical result is that of more accurately and reliably obtaining the real MAC address of a device, given in the firmware thereof, by circumventing the randomization mode.

Description

METHOD AND SYSTEM FOR COLLECTING USER DEVICE IDENTIFIERS IN THE FORM OF MAC ADDRESSES

FIELD OF TECHNOLOGY

[001] This technical general relates to the field of computing, and in particular to methods and systems for collecting user device identifiers.

BACKGROUND OF THE INVENTION

[002] The technical solution "Sniffing Beacon Frames" is known from the prior art. In this technical solution, using the Scapy Python library, you can receive Beacon packets that contain the MAC addresses of devices sent over the air in search of WiFi networks. The disadvantage of this solution is that if a random MAC address of the device was sent to the air, then using this solution a random MAC address is obtained.

[003] The solution "802.11 Sniffer Capture Analysis - Management Frames and Open Auth" is also known from the prior art. This solution scans a Wi-Fi network using Cisco equipment. In the received data, you can get packets containing the MAC addresses of user devices. If the user's MAC address is randomly generated, then this random address will be displayed in the analysis.

[004] The closest analogue of this solution is the technical solution "Openwrt-probe-request-sniffer". This solution is a firmware for OpenWrt, which allows you to directly collect the MAC addresses of devices by listening to Wi-Fi - the air. A similar disadvantage is that if the user's MAC address is randomly generated, then this random address will be displayed in the analysis.

SUMMARY OF THE INVENTION [005] The technical task or technical problem solved in this technical solution is to obtain the real MAC address of the device, as well as derandomization of the MAC addresses of user devices.

[006] The technical result achieved when solving the above technical problem is to increase the accuracy and reliability of obtaining the real MAC address of the device, which is specified in the device firmware, bypassing the randomization mode.

[007] An additional achievable technical result is a reduction in transmitted traffic, which directly affects the minimum Internet speed requirements for connection.

[008] The specified technical result is achieved due to the implementation of a method for collecting user device identifiers in the form of MAC addresses, performed by at least one computing device and in which a probe request is received on the device for collecting user device identifiers from at least one user communication device to search for wireless points access, containing a random MAC address of this device and a set of recent Wi-Fi networks to which the user's communication device was connected; generating a Wi-Fi network by means of a device for collecting user device identifiers based on the set of Wi-Fi networks obtained in the probe request in the previous step; sending a test response from the device for collecting user device identifiers, containing information that this device is trusted for the user and contains the ability to connect to it; receiving from the user's device an authorization request in the generated Wi-Fi network to the device for collecting user device identifiers, containing the real MAC address of this device; canceling the authorization request received from the user's device by the device for collecting user device identifiers; receive on the device for collecting user device identifiers a test request to search for wireless access points containing the real MAC address of this device. BRIEF DESCRIPTION OF THE DRAWINGS

[009] The features and advantages of the present technical solution will become apparent from the following detailed description and the accompanying drawings, in which:

[0010] In FIG. 1 shows an example implementation of a method for collecting user device identifiers in the form of MAC addresses in the form of a block diagram.

[0011] In FIG. 2 shows an example of the implementation of the scheme of interaction between a user communication device and a device for collecting user device identifiers for collecting user device identifiers in the form of MAC addresses.

[0012] In FIG. 3 shows an example of the implementation of the interaction between the system modules and the device for collecting user device identifiers. [0013] In FIG. 4 shows an implementation of a system for collecting user device identifiers.

DETAILED DESCRIPTION OF THE INVENTION

[0014] Below will be discussed in detail the terms and their definitions used in the description of the technical solution.

[0015] In this invention, the system refers to a computer system, a computer (electronic computer), CNC (numerical control), PLC (programmable logic controller), computerized control systems and any other devices capable of performing a given, well-defined sequence of operations (actions, instructions), centralized and distributed databases, smart contracts.

[0016] A command processing device refers to an electronic unit or an integrated circuit (microprocessor) executing machine instructions (programs), a smart contract, an Ethereum virtual machine (EVM), or the like. An instruction processing device reads and executes machine instructions (programs) from one or more data storage devices. The role of a storage device can be, but not limited to, hard disk drives (HDD), flash memory, ROM (Read Only Memory), Solid State Drives (SSD), Optical Drives.

[0017] A program is a sequence of instructions intended to be executed by a computer control device or command processing device.

[0018] WiFi is a trademark for wireless computer networks. Indicates the wireless communication technology of the IEEE 802.11 standard.

[0019] M AC-address - a unique identifier of user devices in computer networks and wireless networks.

[0020] A router is a device that provides a WiFi connection and handles requests from user devices.

[0021] Embodiments of the present invention will now be discussed in detail, examples of which are illustrated in the accompanying drawings. In the following description, reference is made to the accompanying drawings, in which the same reference numbers in different drawings represent the same or similar elements, unless otherwise indicated. The embodiments presented in the following description of the exemplary embodiments do not represent all embodiments of the invention. Instead, they are only examples of devices and methods corresponding to aspects related to the invention as set forth in the appended claims.

[0022] In FIG. 1 shows an implementation of a method for collecting user device identifiers in the form of MAC addresses by means of a flowchart and the described steps.

[0023] Step 110: receive on the user device ID collection device from at least one user communication device a probe request to search for wireless access points, containing a random MAC address of this device and a set of recent Wi-Fi networks to which the user communication device connected .

[0024] A device for collecting user device identifiers is sometimes referred to in the art as a Wifi radar. The device needs to be connected to the Internet in order to work. Without connection to Internet, the device does not transmit MAC address data to the server. If the connection is interrupted (working via an LTE modem), the device will still send the accumulated statistics. For successful sending, you must have access to the DNS server 8.8.8.8 or 1.1.1.1.

[0025] In accordance with the 802.11 (Wi-Fi) standard, any mobile device periodically sends out probe requests to search for wireless access points. The response to such requests is a message from a wireless access point (English "probe response") indicating its characteristics and connection parameters. In some embodiments, a mobile device may perform an associated device discovery process by transmitting/receiving a Probe Request and a Probe Response defined in the IEEE 802.11 specification, with information indicating the associated specific application added to the probe request, Probe Request, or Probe Response. [0026] The IEEE 802.11 standard is commonly referred to as Wi-Fi. It is an association access system that uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). The CSMA/CA process defines random backoff procedures for all nodes that are waiting to transmit. Therefore, the transfer becomes possible only after the release of the environment. Nodes have to wait for some time, which greatly reduces the chance of collisions. 802.11 networks also use link layer acknowledgments to confirm the successful receipt of a frame. If the sending station does not detect an acknowledgment frame because the original data frame or acknowledgment was not received, the frame is retransmitted. This accurate confirmation helps overcome interference and other problems associated with radio transmission.

[0027] As a communication device of a user or a mobile device, a mobile phone, a tablet computer, and the like can be used. The WIFI frame may include a data frame, a control frame, and a control frame, and the probe request refers to one kind of control frame. In the following description of the solution proposed by the present invention, will be used an example where the WIFI frame is a probe request, the predefined field is the network ID field.

[0028] In some implementation, the user's communication device may be compliant with the IEEE 802.11 specification that allows P2P (Peer to Peer) connections. With this arrangement, a wireless connection can be established by using wireless communication devices compatible with the IEEE 802.11 specification that allow P2P connections.

[0029] The timing of broadcast requests is determined by the user device and depends on the operating system, software version, wireless chip model, and other factors.

[0030] A probe request may be prepared to perform a scan of existing 802.11 networks in an area. The device may initiate sending a probe request and wait for a response to the probe request from the access point (AP), thus discovering the access point.

[0031] The probe request includes a network identifier field (content of the network identifier element), which can generally be specified as a network identifier of a specific network or a network identifier of any network, and has a maximum allowed field length of 32 bytes. In embodiments of the present invention, setting data may be placed in this field.

[0032] In the present embodiment or other embodiments of the present invention, the setting data may include: a network ID and a connection password.

[0033] In some implementations, the user's communications device sends a set of recent Wi-Fi networks to which the user's communications device has connected in the probe request. These networks, for example, may be five or ten, not limited.

[0034] You can summarize the most common cases where the distribution of probe requests, which are disclosed below.

[0035] Enabling the Wi-Fi module consists of the following steps:

• launching a (manual) scan for nearby access points; • awakening the device from sleep mode by pressing a button;

• wake up the device on command from an application or operating system;

• periodic mailing to update the list of access points. [0036] This mechanism is auxiliary, since information about the access points of the user's communication device is obtained by listening to the air for the presence of beacons, which also indicate information about the access point and its parameters.

[0037] In addition to broadcasting requests, the user device can send a personal request to the selected access point in order to verify its performance. Periodically, user devices broadcast for all saved Wi-Fi networks using a simple enumeration method, trying to find at least one point nearby.

[0038] Since the broadcast requests are made often enough, this allows you to track a specific device and even restore the path of its movement. However, this may allow attackers or intelligence agencies to conduct surveillance, as well as to attack a pre-selected device. To avoid such risks, a MAC address randomization technique is used. The main method is that when sending broadcast and personal requests, instead of the real MAC address of the device, a random MAC address is substituted into the frame, which is not in any way associated with this device. Such a MAC address is assigned at a time for the sake of scanning and its lifetime is from several seconds to several minutes. Next, the MAC address is replaced with a new random one and is never used again. Thus, devices can generate requests without revealing their MAC address.

[0039] Step 120: Generating a Wi-Fi network by means of a device for collecting user device identifiers based on the set of Wi-Fi networks received in the probe request in the previous step.

[0040] In this step, a Wi-Fi network is generated based on the set of Wi-Fi networks that were in the probe request of the user's communications device. For active tracking in this technical solution, the MANA method can be used.

[0041] The essence of the MANA method is to respond to all personal requests on behalf of the point for which it was intended. Thus, the user's communication device begins to believe that the access point for which the request was initiated is nearby and, in one of the ways described above, reveals its real MAC address, as will be discussed below.

[0042] Step 130: Send a probe response from the device for collecting user device identifiers, containing information that this device is trusted by the user and contains the ability to connect to it.

[0043] The MAC address collection radius is determined by the physical properties of the space in which the device for collecting user device identifiers is located, as well as its firmware version. In a space without walls and barriers, the device accepts requests from devices at a distance of up to 50 meters. The number of requests processed by the device from devices may decrease as the signal strength from user devices decreases. The device may not work effectively in a space with barriers, walls, or when it is isolated by metal structures, objects. With complete isolation, you can completely eliminate the possibility of collecting MAC addresses.

[0044] When installing multiple devices for collecting user device identifiers in one zone, each of the individual devices processes requests independently and transmits to the server for further processing.

[0045] If the user device receives a response to a request with a randomized MAC address, then it initiates a connection to the access point, as it believes that it is nearby. According to the standard, the user device must use its real MAC address to connect. In practice, devices either try to initiate a connection and, if unsuccessful, send a request with the real MAC address, or after receiving response, another request is immediately sent with the real MAC address.

[0046] For broadcast requests, the logic of the method is different. An access point that implements the MANA method collects statistics of the most popular networks and keeps a database, conditional TOP 10/30/100, etc. in memory. At the moment when a broadcast request comes from the user's communication device, a response with the most frequently encountered networks is sent in response to it. For example, for Moscow it will be MT_FREE, chains of fast food restaurants and other well-known chains. The user device with a high degree of probability finds at least one access point in its list, after which it initiates a connection to it and reveals its real MAC address in one of the specified ways, as shown in Fig. 2. The format of the received data from the user's communication device can be: Protocol | Login | challenge | Response.

[0047] Step 140: receive from the user's device an authorization request in the generated Wi-Fi network to the device for collecting user device identifiers, containing the real MAC address of this device.

[0048] An authorization request is an attempt to authorize on a Wi-Fi network.

[0049] The most common authorization methods are:

• the user must specify his e-mail or account in the social network Facebook and accept the terms of use;

• you just need to accept the terms;

• the network provider sends a QR code, which the user must scan and follow the link received.

[0050] Thus, user devices disclose their MAC address regardless of whether they are connected to any network and whether they have the randomization mechanism enabled.

[0051] If the client device uses the randomization option, when a unique random MAC address is generated for each SSID, then for a technical solution this will look like a multiple of the number of user devices. The difference between the "per SSID" randomization option is only that the binding is not carried out to device, and to a bunch of device + SSID. That is, virtually it can be imagined as a case where a particular user owns several dozen devices and uses each specific device to connect to only one network.

[0052] Graphically, the interaction diagram of the components of the technical solution is shown in Fig. 2.

[0053] The tracking (or tracking) module consists of a startup script, a daemon. During startup, the daemon reads options from the configuration file. The radarjd parameter specifies a unique device name, which can be a firmware router. The server parameter specifies the server to which the discovered MAC addresses should be sent. The port parameter specifies the port to which logs of discovered MAC addresses should be sent. Sending detected MAC addresses is carried out using the above device via TCP protocol using IP.

[0054] While the service is running, the daemon must be running. Starting and monitoring the health of the daemon is performed by external daemons and the tracking module does not affect this process in any way. The daemon writes the discovered MAC addresses to a file line by line. This file is located in the RAM of the device and its size is limited by a threshold of 5 MB by another daemon. If the file exceeds the specified threshold, then another daemon replaces the file with an empty one.

[0055] Another daemon performs a real-time scan of the detected MAC address log file. During each iteration of the main loop, the number of lines in the file is counted, all lines are sent since the last successful data transfer from the device to the server, and the current line number is saved if the transfer was successful. The daemon has been making an infinite number of attempts to send the accumulated log since the last successful send. If the accumulated log exceeds the allowable size of 5 megabytes, the daemon will replace the file and all unsent data will be lost.

[0056] By default, the service starts during the startup of the router OS.

[0057] To stop the service, you must execute a predefined command. [0058] The online module consists of a startup script and a daemon. During startup, the daemon reads options from the configuration file. The radarjd parameter specifies a unique device name. The onliner server parameter specifies the server for collecting statistical and technical data from the router, to which the current status of the device should be sent: processor load, memory consumption, the number of collected MAC addresses. The onliner_port parameter specifies the port to which the current status should be sent. During operation, the online module sends a signal that the technical solution is online and operational.

[0059] Additionally, the following parameters are transmitted from the device to the server:

• current device configuration version;

• configuration type;

• Radar ID;

• router model;

• firmware version.

[0060] Sending is carried out via the HTTP protocol with payload in JSON format to the specified server and port.

[0061] By default, the service starts during the startup of the router OS.

[0062] Step 150: Cancel the authorization request received from the user device by the user device ID collection device.

[0063] The user authorization request to the Wi-Fi network is canceled due to the fact that there is essentially no Wi-Fi network. The access point was simulated and the user has nothing to do with the device. If the authorization request is canceled, the user's communication device will send a test request to search for wireless access points containing the real MAC address of this device, which occurs in the next step.

[0064] Step 160: Receive, at the user device ID collection device, a probe request to search for wireless access points containing the real MAC address of the device. [0065] After real MAC addresses are received, they are transmitted to the server for further processing. Processing involves analyzing and filtering data from unsuitable for export to advertising platforms. [0066] Unsuitable data for export are MAC addresses that cannot be used to establish information about the device manufacturer, as well as data processed using a special algorithm. Devices spoof the MAC address to hide the real ID. This process is called "randomization".

[0067] The data collected by the device for collecting user device identifiers is exported to advertising platforms through a personal account after processing. In some implementations, data can be exported to Yandex, MyTarget, Facebook, etc., without being limited. The data can be exported to an email address and an FTP server. Data can be filtered by collection period and visitor type. It is possible to create updatable downloads. The minimum guaranteed period for updating data on the advertising platform is 24 hours. The data will be available to launch advertising in Yandex.Direct, YAN, Yandex. Display, MyTarget. To access data on advertising platforms Yandex, MyTarget, Facebook when exporting, you must specify the postal addresses or IDs to which the account is registered in the Yandex, MyTarget, Facebook systems, respectively. Uploading audiences to Yandex is possible for several accounts. For MyTarget and Facebook only one. The process of uploading and processing data from advertising platforms can take from 5 minutes to 24 hours, depending on the amount of data.

[0068] In this technical solution, a personal account can be implemented for the user to view data about the collected MAC addresses. The personal account provides access to the monitoring of statistical information on the collected data.

[0069] The data can be filtered by the period and devices for collecting user device IDs, if more than one is set.

[0070] Explanation of statistical figures:

[0071] The total audience is the total collected MAC addresses.

[0072] New guests - the number of MAC addresses registered for the first time.

[0073] Permanent - the number of MAC addresses registered 2 or more times.

[0074] Passed by - the number of MAC addresses that within 1 minute sent consecutive requests in a period of less than 10 seconds.

[0075] Entered - the number of MAC addresses that were closer than 15 meters from the router and were in range for more than 10 seconds. [0076] These parameters are used by default. You can change them in the device card for collecting user device identifiers.

[0077] Referring to FIG. 4, this technical solution can be implemented as a computing system 400 for collecting user device identifiers in the form of MAC addresses, which contains one or more of the following components:

• a processing component 401 comprising at least one processor 402,

• memory 403,

• multimedia component 405, • audio component 406,

• interface 407 input / output (I / O),

• sensor component 408,

• component 409 data.

[0078] The processing component 401 mainly manages all operations of the system 400, such as processing the user data or network connection request, and managing the display, phone call, data transfer, camera operation, and recording operation of the mobile communication device. Processing component 401 may include one or more processors 402 executing instructions for completing all or part of the steps from the above methods. In addition, the processing component 401 may include one or more modules for convenient interaction between other processing modules 401 and other modules. For example, the processing component 401 may include a multimedia module for convenient, lightweight interaction between the multimedia component 405 and the processing component 401.

[0079] The memory 403 is configured to store various types of data to support the operation of the system 400, such as a user profile database. Examples of such data include instructions from any application or method, contact data, address book data, messages, images, videos, etc., all of which run on system 400. Memory 403 may be implemented as any type of volatile memory, non-volatile memory, or combinations thereof, e.g., static random access memory (SRAM), Electrically Erasable Programmable Read Only Memory (EEPROM), Erasable Programmable Read Only Memory (EPROM), Programmable Read Only Memory (PROM), Read Only Memory device (ROM), magnetic memory, flash memory, magnetic disk or optical disk, and others, without being limited.

[0080] The media component 405 includes a screen that provides an output interface between the system 400, which can be installed on the mobile communication device of the user and the user. In some implementations, the screen may be a liquid crystal display (LCD) or a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input from a user. The touchpad includes one or more touch sensors in terms of gestures, touching and sliding on the touchpad. The touch sensor can not only sense the subject's touch boundary or swipe gesture, but also determine the length of time and pressure associated with the touch and slide operation mode. In some embodiments, media component 405 includes one front camera and/or one rear camera. When the system 400 is in an operating mode, such as shooting mode or video mode, the front camera and/or rear camera can receive media data from outside. Each front camera and rear camera can be one fixed lens optics system or can have focal length or optical zoom.

[0081] The audio component 406 is configured to output and/or input an audio signal. For example, the audio component 406 includes one microphone (MIC) that is configured to receive an external audio signal when the system 400 is in an operating mode, such as a call mode, a recording mode, and a speech recognition mode. The received audio signal may be further stored in the memory 403 or routed through the communication component 409 . In some embodiments, the audio component 406 also includes a single speaker configured to output an audio signal.

[0082] An input/output (I/O) interface 407 provides an interface between the processing component 401 and any peripheral interface module. The above peripheral interface module may be a keyboard, steering wheel, button, etc. These buttons may include, but are not limited to, a start button, a volume button, a home button, and a lock button. [0083] The touch component 408 includes one or more sensors and is configured to provide various aspects of estimating the state of the system 400. For example, the touch component 408 can detect the on/off states of the system 400, the relative position of components, such as a display and a keypad, of a single component system 400, the presence or absence of contact between a subject and system 400, as well as the orientation or acceleration/deceleration and temperature change of system 400. Sensor component 408 includes a proximity sensor configured to detect the presence of a nearby object when there is no physical contact. The sensor component 408 includes an optical sensor (eg, CMOS or CCD image sensor) configured for use in rendering an application. In some embodiments, the sensor component 408 includes an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor. [0084] The communication component 409 is configured to facilitate wired or wireless communication between the system 400 and other devices. System 400 may access a wireless network based on a communication standard such as WiFi, 2G, 3G, 5G, or combinations thereof. In one exemplary embodiment, the communication component 409 receives a broadcast signal or broadcast related information from an external broadcast control system via a broadcast channel. In one embodiment, communication component 409 includes a Near Field Communication (NFC) module to facilitate near field communications. For example, the NFC module may be based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

[0085] In an exemplary embodiment, system 400 may be implemented by one or more Application-Specific Integrated Circuits (ASICs), a Digital Signal Processor (DSP), a Digital Signal Processor (DSP), a programmable logic unit (PLU), a logic chip, field programmable (FPGA), controller, microcontroller, microprocessor, or other electronic components, and can be configured to implement a method 500 for collecting user device identifiers in the form of MAC addresses.

[0086] In an exemplary embodiment, the non-volatile computer-readable medium includes a memory 403 that includes instructions where the instructions are executed by the processor 401 of the system 400 to implement the methods described above for collecting user device identifiers in the form of MAC addresses. For example, a non-volatile computer-readable medium can be ROM, random access memory (RAM), compact disk, magnetic tape, floppy disks, optical storage devices, and the like. [0087] Computing system 400 may include a display interface that transmits graphics, text, and other data from a communications infrastructure (or framebuffer, not shown) for display on media component 405. Computing system 400 further includes input devices or peripherals. Peripheral devices may include one or more devices for interacting with a user's mobile communications device, such as a keyboard, microphone, wearable device, camera, one or more audio speakers, and other sensors. Peripherals may be external or internal to the user's mobile communication device. The touch screen may display, typically, graphics and text, and also provides a user interface (such as, but not limited to, a graphical user interface (GUI)) through which a subject may interact with the user's mobile communications device, such as accessing and interacting with with applications running on the device.

[0088] The elements of the proposed technical solution are in a functional relationship, and their joint use leads to the creation of a new and unique technical solution. Thus, all blocks are functionally connected. [0089] All blocks used in the system can be implemented using electronic components used to create digital integrated circuits, which is obvious to a person skilled in the art. Not limited to, microcircuits can be used, the logic of which is determined during manufacture, or programmable logic integrated circuits (FPGA), the logic of which is set by programming. Programmers and debugging environments are used for programming, allowing you to set the desired structure of a digital device in the form of a circuit diagram or a program in special hardware description languages: Verilog, VHDL, AHDL, etc. An alternative to FPGAs can be programmable logic controllers (PLCs), basic matrix crystals ( BMK), requiring a factory production process for programming; ASIC - specialized custom-made large integrated circuits (LSI), which are significantly more expensive for small-scale and single-piece production.

[0090] Typically, the FPGA chip itself consists of the following components:

• configurable logical blocks that implement the required logical function;

• programmable electronic links between configurable logic blocks;

• programmable input/output blocks that provide communication between the external output of the microcircuit and the internal logic.

[0091] Blocks can also be implemented using read-only memories.

[0092] Thus, the implementation of all used blocks is achieved by standard means based on the classical principles of implementing the fundamentals of computer technology.

[0093] As one of skill in the art will appreciate, aspects of the present technical solution may be implemented as a system, method, or computer program product. Accordingly, various aspects of the present technical solution may be implemented solely as hardware, as software (including application software, and so on) or as an implementation that combines software and hardware aspects, which may be referred to generally as a "module", "system", or "architecture". In addition, aspects of the present technical solution may take the form of a computer program product implemented on one or more computer-readable media having computer-readable program code embodied thereon.

[0094] Any combination of one or more computer-readable media can also be used. The computer-readable storage medium can be, without limitation, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or any suitable combination thereof. More specifically, examples (non-exhaustive list) of a computer-readable storage medium include: an electrical connection using one or more wires, a portable computer diskette; hard disk, random access memory (RAM), read only memory (ROM), erasable programmable read only memory (EPROM or Flash memory), fiber optic connection, compact disc read only memory (CD-ROM), optical storage device, magnetic storage device or any combination of the above. As used herein, a computer-readable storage medium can be any flexible storage medium that can contain or store a program for use by or in connection with a system, device, apparatus, or in connection with them.

[0095] The program code embedded in a computer-readable medium may be transmitted using any medium, including, without limitation, wireless, wired, fiber optic, infrared, and any other suitable network, or a combination of the foregoing.

[0096] The computer program code for performing the operations for the steps of the present technical solution may be written in any programming language or combinations of programming languages, including an object-oriented programming language, for example Python, R, Java, Smalltalk, C++, and so on, and conventional procedural programming languages such as the C programming language or similar programming languages. The program code may be executed in whole, in part on the user's computer, or as a separate software package, in part on the user's computer and in part on a remote computer, or entirely on a remote computer. In the latter case, the remote computer may be connected to the user's computer via any type of network, including a local area network (LAN), a wide area network (WAN), or a connection to an external computer (eg, via the Internet via ISPs).

[0097] Aspects of the present technical solution have been described in detail with reference to block diagrams, circuit diagrams and/or diagrams of methods, devices (systems), and computer program products in accordance with embodiments of the present technical solution. It should be appreciated that each block from the block diagram and/or diagrams, as well as combinations of blocks from the block diagram and/or diagrams, may be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general purpose computer, a special purpose computer, or other data processing device to create a procedure, such that the instructions executed by the computer processor or other programmable data processing device create the means to implement the functions/actions specified in block or blocks of a flowchart and/or diagram.

[0098] These computer program instructions may also be stored on a computer-readable medium that can control a computer other than a programmable data processing device or other than devices that operate in a particular manner such that the instructions stored on the computer-readable medium create a device including instructions that perform the functions/actions indicated in the block diagram and/or diagram.

Claims

FORMULA 1. A method for collecting user device identifiers in the form of MAC addresses, performed by at least one computing device and including the following steps: • receive on the device for collecting user device identifiers from at least one user communication device a test request for searching for wireless access points containing a random MAC address of this device and a set of recent Wi-Fi networks to which the user communication device connected; • generating a Wi-Fi network by means of a device for collecting user device identifiers based on the set of Wi-Fi networks received in the test request in the previous step; • send a test response from the device for collecting user device identifiers, containing information that this device is trusted for the user and contains the ability to connect to it; • receive from the user's device an authorization request in the generated Wi-Fi network to the device for collecting user device identifiers, containing the real MAC address of this device; • cancel the authorization request received from the user's device by the device for collecting user device identifiers; • receive a trial request on the device for collecting user device identifiers to search for wireless access points, containing the real MAC address of this device. 2. The method according to claim 1, characterized in that the probe request for searching for wireless access points is a WIFI frame. 3. The method according to claim 1, characterized in that the probe request for searching for wireless access points is prepared with the ability to scan existing 802.11 networks. 4. The method of claim. 1, characterized in that the probe request includes a network identifier field, which is set to a specific network identifier or an identifier of any network. 5. The method according to claim 1, characterized in that the probe request for searching for wireless access points has a maximum allowed field length of 32 bytes. 6. The method according to claim 1, characterized in that the MAC address collection radius is determined by the physical properties of the space in which the device for collecting user device identifiers is located, as well as its firmware version. 7. The method according to claim 1, characterized in that when installing several devices for collecting user device identifiers in one zone, each of the individual devices processes probe requests independently and transfers it to the server for further processing. 8. A system for collecting user device identifiers in the form of MAC addresses, comprising: a. at least one user communication device configured to i. sending a test request to the device for collecting user device identifiers to search for wireless access points, which contains a random MAC address of this device and a set of recent Wi-Fi networks to which the user's communication device was connected; ii. sending an authorization request in the generated Wi-Fi network to a device for collecting user device identifiers containing the real MAC address of this device; iii. sending a test request to the device for collecting user device identifiers for search for wireless access points containing the real MAC address of this device. b. at least one device for collecting user device identifiers, configured to i. generating a Wi-Fi network based on the set of Wi-Fi networks received in a probe request from the user's communication device; m. sending a test response, which contains information that this device is trusted for the user and contains the ability to connect to it; sh. receiving from the user's device an authorization request in the generated Wi-Fi network, which contains the real MAC address of this device; iv. canceling the authorization request received from the user's device; V. receive a test request to search for wireless access points containing the real MAC address of this device.