By NHI Mgmt Group Editorial TeamPublished 2025-08-05Domain: Best PracticesSource: Comarch

TL;DR: UWB delivered better stability and average accuracy than Bluetooth Channel Sounding in noisy real-world conditions, according to Comarch’s office tests, while Bluetooth could improve but often at higher power cost. The practical takeaway is that ranging quality is now a trade-off between accuracy, stability, and energy budget, not a simple protocol choice.


At a glance

What this is: This is a real-world comparison of UWB and Bluetooth Channel Sounding for distance measurement, showing UWB as more stable and accurate in a noisy office environment.

Why it matters: It matters to identity and security practitioners because wireless ranging is increasingly used in proximity-based access, device trust, and physical security workflows where measurement error becomes a governance and assurance problem.

By the numbers:

👉 Read Comarch's comparison of Bluetooth Channel Sounding and UWB distance measurement


Context

Bluetooth Channel Sounding and UWB both aim to estimate distance between devices, but the measurement problem is not just protocol capability. In practice, the quality of ranging depends on environment, interference, tuning, and the trade-off between accuracy and power use.

That matters wherever wireless distance becomes an access or trust signal, including proximity-aware IoT, device authentication, and physical security workflows. The article is a hands-on comparison of how the two technologies behave in a normal office, not a lab-perfect setup, which is closer to how many real deployments actually operate.


Key questions

Q: How should teams use wireless ranging in access decisions?

A: Use wireless ranging as a signal, not proof. Distance estimates can support proximity checks, device trust, or indoor workflows, but they should never act alone. Teams need a policy layer that combines the ranging result with device identity, state, and context before allowing access. That keeps noisy radio measurements from becoming a direct security control.

Q: Why do UWB and Bluetooth Channel Sounding produce different results in offices?

A: Offices create reflections, interference, and signal variation that affect ranging accuracy. UWB usually handles those conditions better because of its bandwidth and time resolution, while Bluetooth Channel Sounding depends more on tuning and implementation details. The result is that environment matters as much as protocol choice when the measurement is used operationally.

Q: What do security teams get wrong about proximity-based trust?

A: The common mistake is assuming a distance measurement is objective enough to justify access on its own. In reality, ranging output is an estimate with error bounds that vary by environment and configuration. Security teams should decide what level of error is acceptable, then limit how much trust the system can derive from that signal alone.

Q: How do teams choose between UWB and Bluetooth for ranging?

A: Choose based on the business requirement, not protocol reputation. If you need stronger stability and tighter distance accuracy, UWB is the safer fit. If you need a flexible Bluetooth ecosystem and can tolerate more tuning and variance, Channel Sounding may be enough. The key is to match the protocol to the control objective.


Technical breakdown

Why office interference changes ranging quality

Wireless ranging depends on the stability of the radio path, not just the protocol specification. Reflections from glass, metal, furniture, and adjacent wireless traffic can distort the signal and make short-distance readings jumpy. UWB generally tolerates multipath better because it uses wide bandwidth and fine time resolution, while Bluetooth Channel Sounding depends more heavily on configuration choices such as connection interval, antenna paths, and the ranging algorithm. In a crowded office, those variables become visible in the output, which is why real-world validation matters more than idealised claims.

Practical implication: test ranging in the actual deployment environment before using it for access, proximity, or trust decisions.

Bluetooth Channel Sounding configuration is the performance lever

The article shows that Bluetooth Channel Sounding is highly tunable. Parameters such as connection events, subevent duration, antenna paths, and whether the module uses phase-based ranging or round-trip time all change both accuracy and current draw. That flexibility is useful, but it also means the result is not a fixed property of Bluetooth itself. Two modules with the same underlying protocol can behave very differently depending on the vendor implementation and tuning choices. For teams, the real question is not whether Bluetooth can range, but whether it can range consistently enough for the intended use case.

Practical implication: treat Bluetooth ranging as a tuned system, not a default trust signal.

Accuracy, stability, and power form the real design triangle

The experiment makes clear that distance measurement is a three-way trade-off. UWB delivered better stability and average accuracy, but Bluetooth could approach strong results when configured aggressively, often with higher current consumption. That means the right choice depends on whether the use case values battery life, measurement precision, or repeatability more. For product teams, this is a system-design decision, not a marketing comparison. For security and identity teams, it matters because access decisions made on weak or noisy ranging data can create false confidence.

Practical implication: define the acceptable error band and power budget before selecting the protocol.


NHI Mgmt Group analysis

Proximity-based trust is only as strong as the measurement model behind it. Wireless distance is often treated as a near-physical fact, but the article shows that the reading is a negotiated output of environment, tuning, and device implementation. That means proximity-based access should be treated as probabilistic assurance, not a binary proof of presence. For security and identity programmes, the practitioner conclusion is simple: never let a distance estimate carry more trust than the measurement system deserves.

Bluetooth Channel Sounding is not a drop-in substitute for UWB. The article makes clear that the protocol can improve substantially, but only with careful configuration and still with more variation in edge cases. That places it in a different governance category from a mature, purpose-built ranging technology. Teams evaluating access, device attestation, or indoor location workflows should judge the control by its error profile under interference, not by feature parity on paper.

UWB remains the stronger fit when stable ranging is the control objective. The office tests show that UWB produced better average accuracy and fewer extreme outliers, which is what matters when measurement output is used as an access input or security signal. The broader implication is that implementation guidance should prioritise stability under real conditions, not just theoretical precision. Practitioners should align the sensing method to the risk decision it is expected to support.

Distance measurement for identity use cases needs a control boundary, not just a protocol choice. The article highlights a named concept worth carrying into design reviews: ranging confidence gap: the difference between a protocol’s advertised capability and the level of assurance it can sustain in a real environment. That gap widens when wireless trust signals are used for more than convenience. The practitioner implication is to separate measurement from authorisation and avoid treating proximity as a standalone trust decision.

The market is moving from wireless capability to operational assurance. As Bluetooth gains Channel Sounding and UWB broadens beyond distance measurement, the differentiator is no longer who can range at all, but who can sustain reliable output under messy conditions. That pushes engineering and security teams toward evidence-based selection, not feature-led selection. The practitioner conclusion is to demand field validation, not brochure claims, before using either protocol in a governed workflow.

From our research:

  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap.
  • The broader signal is that identity and trust controls fail when operational reality diverges from policy, a pattern explored in Ultimate Guide to NHIs , The NHI Market.

What this signals

Ranging confidence gap: teams that use wireless proximity as an access or assurance input need to separate measurement quality from control authority. When a signal is noisy in the field, governance should treat it as one factor in a decision chain rather than a trust verdict, especially where indoor location or device proximity influences permissions.

The operational lesson is that protocol selection is now a control-design exercise, not a radio-standards debate. Teams should validate interference tolerance, repeatability, and battery cost together, then document the acceptable error band before wiring the signal into any policy path.

For programmes that already rely on device presence or nearby-device checks, field validation should become part of change control. That is the point at which security assurance, engineering realism, and user experience align instead of competing.


For practitioners

  • Define an acceptable ranging error band Set a maximum tolerated distance error before the signal can be used in access, device trust, or location logic. Validate that threshold in the real environment, not only in controlled bench tests.
  • Test in the noisiest deployment environment Measure performance where interference, reflections, and adjacent wireless systems are present. Use office, retail, factory, or campus conditions that match production instead of ideal lab conditions.
  • Separate sensing from authorisation Use ranging as one input to a broader decision model rather than a direct access grant. Combine it with device identity, policy state, and contextual checks before making a trust decision.
  • Tune Bluetooth before treating it as comparable If Bluetooth Channel Sounding is under evaluation, vary connection interval, antenna paths, and ranging mode to understand the accuracy and battery impact envelope. Record the configuration that produced each result so teams can reproduce it later.

Key takeaways

  • Wireless ranging is an assurance signal, not a standalone proof of trust, because the environment can distort distance readings in ways that matter operationally.
  • The experiment shows a clear stability and accuracy advantage for UWB, while Bluetooth Channel Sounding trades precision for configurability and, often, more power draw.
  • Teams should set an error budget, test in real conditions, and separate sensing output from access decisions before deploying proximity-based controls.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NHI set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
NIST CSF 2.0PR.AC-4Wireless proximity is being used as an access input in the article.
NIST Zero Trust (SP 800-207)Zero trust requires continuous verification, not blind trust in proximity.
NHINHI-03Identity-linked device signals can fail when operational conditions distort measurement.

Treat ranging as one access signal and combine it with policy, identity, and context before granting access.


Key terms

  • Bluetooth Channel Sounding: Bluetooth Channel Sounding is a distance measurement capability that estimates how far apart two devices are. It uses radio characteristics and configurable ranging methods, which means its accuracy depends heavily on implementation choices, antenna setup, and the radio environment around the devices.
  • Ultra WideBand: Ultra WideBand is a short-range wireless technology designed to measure distance with high precision. Its wide bandwidth and fine timing resolution make it well suited to ranging, especially where stability matters more than broad ecosystem flexibility.
  • Ranging Confidence Gap: Ranging confidence gap is the difference between a wireless protocol's advertised capability and the level of assurance it can reliably provide in real conditions. The gap widens when interference, reflections, or tuning choices change the measured output enough to affect security decisions.
  • Proximity-Based Trust: Proximity-based trust is a control pattern that uses nearby-device or distance information as part of an access or assurance decision. It can be useful, but only if the measurement is validated and limited by policy so that noisy readings do not become a false proof of presence.

What's in the full article

Comarch's full analysis covers the operational test details this post intentionally leaves for the source:

  • The exact module settings used for UWB and Bluetooth Channel Sounding during the experiments.
  • The full measurement table showing distance readings, error spread, and stability patterns across test runs.
  • The current consumption figures for each configuration, useful if you are balancing ranging quality against battery life.
  • The practical commentary on how SDK maturity and configuration choices influenced Bluetooth performance.

👉 Comarch's full article includes the test setup, configuration choices, and measurement table.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-08-05.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org