Tag: Passpoint hotspot authentication

Article

Free Wi-Fi networks in SF, San Jose join hands through Hotspot 2.0 | PC World

My Comments

The Wi-Fi Passpoint or Hotspot 2.0 technologies have been made available to allow those of us with mobile devices to benefit from public-access Wi-Fi without having to deal with Web-based sign-in routines every time we want to use these facilities. But they have been pitched primarily at mobile phone operators and ISPs who want to offer Wi-Fi service for their subscribers.

But San Francisco and San Diego have implemented this technology as part of their free public-access Wi-Fi setup, which I see as being a first for this class of public-access Wi-Fi. Typically these services implement a Web-based login routine which occurs at the start of each session and this may be provided in order to assent to the service’s terms and conditions. With these setups, it becomes impossible to continue a usage session even if you move out of the network’s scope temporarily and it also becomes impossible to roam between the different locations ran by the service without having to log in again.

What they have done is to prove that the Wi-Fi Passpoint or Hotspot 2.0 technology can work well with single-location or multi-location public-access Wi-Fi setups whether free-to-access or pay-to-access. For example, a chain of restaurants, a public-transit system or a community Wi-Fi setup can benefit from this by allowing the users to move between locations without a need to log in again.

The next question that may be raised is to simplify the provisioning experience, especially when it comes to provisioning the same service across multiple devices owned by the same user. This may range from setups where you simply assent to terms and conditions through services where you establish a session-based account like most docket-based hotspot setups to the services offered by WISPs and telcos which are based on an existing customer account.

Who knows, this could be the trend for easy-to-use secure public-access Wi-Fi as different scenarios are being tested.

Article

Wi-Fi Alliance Begins Certification For Automatic Hotspot Connection – SmallNetBuilder

My Comments

The Wi-Fi Alliance are taking proper steps to make the user experience for wireless-hotspot services more user friendly and secure. This is based on the “Passpoint” standard which covers logging in and a secure usage session.

It has been driven by wireless-broadband providers who want to use these hotspots and their wired-broadband backhauls as a data offload in busy areas. One key improvement is to implement WPA-Enterprise security with session-unique security parameters rather than the common WPA-PSK security which uses a common password.

The login experience has also been tackled through the provision of a consistent experience that isn’t depending on a Web-based form. Here, the credentials could be a username/password combination that is presented by the device’s native user interface, or credentials held on the device or in a SIM card.

This may open up hotspot access to headless or limited-display devices like digital cameras, car infotainment systems or handheld games consoles. But a question that could be raised is whether it could be feasible to have a group of devices seen as a logical network that can exist through the hotspot’s space. This issue may play in to setups like multiplayer multi-machine gaming amongst a group of teenagers or young adults in the same cafe or bar.

Another question worth raising about Passpoint is whether a venue is able to have control over its Wi-Fi access? This would be of concern with anyone in the food-beverage-hospitality industry who would rather that patrons who use the venue’s Wi-Fi are the ones who are buying food and drink or renting a room.

This function has also been extended beyond just logging in to the network and Internet service. A Passpoint setup has also had the ability to factor in application-level authentication needs like content access. An example of this application is the in-room movies service offered by nearly every hotel. Here they could allow a person to stream a movie to a tablet or laptop and view this anywhere around the premises such as the lobby lounge.

One risk that I see for Passpoint or any other “easy-setup” standard promoted by the Wi-Fi Alliance is that the same old situation will repeat itself. This is where Apple won’t implement the standard in their products or platforms even though they consider themselves the “super-cool” IT brand. I have seen this for myself with WPS where just about everything except a MacBook Pro or an iPhone will enroll with a Wi-Fi segment using this “push-button” setup routine.

These standards could be implemented not just with an operating system but also in a software form which is based around a program that can be loaded on to a device by its user and that such software is available through device platform’s app store without any need for the device to be jailbroken.