Imagine if Wi-Fi was just as easy as cellular roaming. Hotspot 2.0 with Passpoint certified devices is all about a seamless and secure user experience.
What is Hotspot 2.0?
Imagine if Wi-Fi was as secure, simple and seamless as cellular roaming. Just switch on your device and you are connected. This is the vision behind Hotspot 2.0 (HS 2.0).
It enables compatible devices to automatically and silently discover Wi-Fi access points that have roaming agreements with the user’s home network. The device will then automatically and securely connect. This will open up new business opportunities for carrier Wi-Fi when a critical mass of HS 2.0-enabled Wi-Fi access points, roaming agreements and devices have been rolled out.
The Wi-Fi CERTIFIED Passpoint™ program was launched by Wi-Fi Alliance through partnerships between mobile device manufacturers and network equipment vendors. The purpose was to certify devices based on the HS 2.0 specification.
At the same time the Wireless Broadband Alliance (WBA), of which Aptilo is a member, launched their Next Generation Hotspot (NGH) program. It primarily focuses on interoperability between service provider Wi-Fi networks for roaming.
The ingredients of a Hotspot 2.0 Wi-Fi network
The ingredients of a HS 2.0 Wi-Fi network include:
- An IEEE 802.11u-enabled Wi-Fi network that broadcasts capabilities of the network (ANQP)
- An IEEE 802.1x-enabled Wi-Fi network with WPA2-Enterprise air interface encryption
- Support for EAP-SIM/AKA or EAP-TLS/TTLS authentication
- Wi-Fi roaming with home operator billing
The encrypted radio transmission (WPA2-enterprise) and EAP-based authentication makes Wi-Fi as secure and seamless as any cellular network.
Wi-Fi Alliance Hotspot 2.0 specifications, the WBA’s work with Next Generation Hotspot (NGH), the latest 3GPP standards for Wi-Fi integration to the mobile core and CableLabs’ Wi-Fi roaming specifications. These initiatives all serve different industry needs and are complementary to one another. Hotspot 2.0 primarily focuses on a seamless network selection over a secure Wi-Fi connection. The 3GPP efforts concentrate on a seamless integration of Wi-Fi access into the mobile core. This enables the mobile network operator (MNO) the possibility to offer their subscriber base a more streamlined mobile data service.
For Mobile Network Operators (MNO) and Multi System Operators (MSO), the seamless user experience and the additional security that EAP-based authentication methods and 802.1x support provide has become a must. Neither of these features are mutually exclusive to Hotspot 2.0 or Passpoint. In fact, EAP-SIM/AKA, EAP-TTLS and 802.1x are in operation by a number of operators globally including many of Aptilo’s customers. Some industry players would have called these installations Hotspot 2.0 for marketing purposes. We do not, unless they utilise the full feature-sets of Passpoint and HS 2.0.
Aptilo SMP’s role in a HS 2.0 Wi-Fi service
The Aptilo Service Management Platform™ , which include EAP authentication support, provides all the necessary back-end service management functions for a Hotspot 2.0 Wi-Fi network. SIM-based devices are using SIM authentication (EAP-SIM/AKA) as the preferred EAP method.
Hotspot 2.0 release 2 (R2) focuses on provisioning of EAP-TLS/TTLS certificates in non-SIM devices and to support online sign-up for services.
Aptilo’s captive portal solution supports online sign-up for Hotspot 2.0. The certificates will automatically install when the user click on a link at the portal. This is a one-time process. From now and on, the user will be automatically and securely connected to the 802.1x SSID via EAP-TTLS. Furthermore, we also have customers that have developed a simple tablet/smartphone app that automatically provisions EAP-TTLS certificates in non-SIM devices.