The two specifications define the technical and policy requirements for devices that want to operate over Bluetooth connections. The Bluetooth Impersonation Attacks, or BIAS, allow attackers to impersonate a device and to establish a secure connection with a victim without possessing the long-term key shared by the impersonated device and the victim. This bypasses Bluetooth's authentication mechanism. "The BIAS attacks are the first uncovering issues related to Bluetooth's secure connection establishment authentication procedures, adversarial role switches, and Secure Connections downgrades," the researchers said. "Our attacks are stealthy because the Bluetooth standard does not require to notify end users about the outcome of an authentication procedure, or the lack of mutual authentication."