Aptilo’s vendor agnostic 3GPP AAA in a Wi-Fi Calling solution goes beyond the standards with innovative features that allow you to always have the best-of-breed offering. The result is happy customers and reduced cost.
Below you will learn more about our next-generation Wi-Fi Calling solution and what makes Aptilo’s 3GPP AAA stand out from the crowd. Don’t miss our separate section what is Wi-Fi Calling if you want to better understand the concept of Wi-Fi Calling and what the benefits are for operators and their subscribers. Or to get a full perspective download our Wi-Fi Calling White Paper written by Tefficient.
What is a next-gen Wi-Fi Calling solution?
The next-generation Wi-Fi Calling solution uses devices with a native IMS stack and native VoLTE and VoWiFi applications (Voice over LTE and Voice over Wi-Fi). Connection over any Wi-Fi network is secured using the “untrusted” 3GPP Wi-Fi Access method. Don’t be fooled by the name “untrusted;” the connection is secured end-to-end through an IPSec tunnel between the device and the ePDG in the mobile core. The IPSec connection is automatically triggered anytime the device connects to a Wi-Fi network and has access to the Internet. The device is authenticated for Wi-Fi Calling through a secure SIM Authentication via the 3GPP defined SWm interface.
This brings two benefits to the operator: the connection is highly secure and the user can be reached for Wi-Fi Calling whenever he/she is connected to the Internet. Below we will discuss the Wi-Fi Calling architecture in more detail and Aptilo’s role in it.
The next-generation Wi-Fi Calling solution requires IMS support with VoLTE/VoWiFi. Operators that are using circuit-switched GSM for handling voice can still use the next-generation Wi-Fi Calling solution but there will be no seamless transfer of the calls between Wi-Fi and LTE. The IMS support is still required in this case for the VoWiFi.
Wi-Fi Calling Solution – Device support
The next-generation Wi-Fi Calling solution is supported in all newer smartphones models from leading vendors such as Apple, Samsung, HTC, Motorola and Nokia. Next-generation Wi-Fi Calling requires four things from the device:
- A native IMS stack.
- A native VoWiFi application.
- A native VoLTE application (optional for seamless call transfer).
- Support for SIM Authentication using EAP-AKA.
With this support the voice calls will continue without any interruption as the user moves between the Wi-Fi and LTE networks.
The role of the Aptilo SMP Wi-Fi Calling™ 3GPP AAA
It is not enough for the subscriber to be connected to a Wi-Fi network. They also need to be authenticated and authorized to use the Wi-Fi Calling service. Our advanced 3GPP AAA, which is the core component in the Aptilo SMP Wi-Fi Calling™ application, performs the critical functions of authenticating users through the SIM card and applying any necessary policies to the Wi-Fi Calling service.
The Aptilo SMP Wi-Fi Calling server application offers innovative features such as support for non-SIM devices, policy lookups and VoWiFi / VoLTE entitlement support. These features go beyond the 3GPP standards. As the leading vendor in carrier Wi-Fi service management, with 100+ customers in more than 75 countries, we have learned that this type of extended functionality often is required in real-world deployments.
We have built the Aptilo SMP Wi-Fi Calling product around the advanced 3GPP AAA in the Aptilo Service Management Platform™ (SMP). Real-world deployments often call for pragmatic and innovative solutions that go beyond the standards. Wi-Fi Calling is no exception. Below we will go into more detail about some of the innovative features that make Aptilo’s Wi-Fi Calling solution stand out from the crowd.
Providing innovative features for your Wi-Fi Calling solution
As described above the real beauty with Wi-Fi Calling is that it will work seamlessly over any Wi-Fi network. Wi-Fi Calling works the same way regardless of whether the users are connected over a Wi-Fi network belonging to the operator or whether they are connected to their home networks or hotspots where the operator has no control. The same IPSec tunnel is established either way.
First the user needs to be authenticated to the Wi-Fi network to get access to the Internet. Then the user needs to be authenticated to the Wi-Fi Calling service and get the IPSec tunnel established — this part will always be an automatic process for the user.
This means that the Aptilo SMP 3GPP AAA+™ application can be involved in e.g. a SIM Authentication over an 802.1x Wi-Fi network belonging to the operator giving the user automatic access to the Wi-Fi network and the Internet. In the next step the Aptilo SMP Wi-Fi Calling™ application performs another automatic SIM Authentication in order to authenticate the user for the Wi-Fi Calling service and to establish the IPSec tunnel. The two processes are independent from one another. In another situation the subscribers can be in their home networks taking care of the authentication to the Wi-Fi network themselves and then the Aptilo SMP Wi-Fi Calling™ application will kick-in to authenticate the user for the Wi-Fi Calling service.
The Aptilo SMP Wi-Fi Calling™ performs the standard 3GPP AAA server functions for seamless authentication as mentioned above, but it also offers some valuable functionalities that may be needed in a real-world implementation:
Thanks to our many carrier Wi-Fi deployments we have already proven interoperability with all leading gateway vendors. If you do not see the vendor of choice in that list, rest assured that we have the experience and flexibility in our system to quickly adapt to new gateways.
Support not only for HSS but also for HLR
According to the standard EAP-AKA authentication for Wi-Fi Calling shall be performed via the SWx interface towards the HSS. In addition to this, the Aptilo SMP Wi-Fi Calling™ supports EAP-SIM/AKA authentication towards the HLR through the D’ / Gr’ interface.
Handling of Wi-Fi Calling Policies
Some operators may allow everything for anyone everywhere when it comes to their Wi-Fi Calling solution. Others may want to apply some restrictions and the best place to do this is where the user is authenticated for the Wi-Fi Calling service. The Aptilo SMP Wi-Fi Calling™ features an integrated policy engine to handle these types of Wi-Fi Calling policies. A more granular control over who is admitted to the service can be achieved with our integration with VoWiFi / VoLTE entitlement servers.
Need to control the user experience in your own or partner’s Wi-Fi network? The Aptilo SMP 3GPP AAA+™ application, which can be implemented in the same Aptilo SMP platform as the Aptilo SMP Wi-Fi Calling™, provides the operator with a tool to control the user experience in their own Wi-Fi footprint. The built-in Wi-Fi Policy engine has support for many vendor-specific attributes (e.g. for QoS control) that are unique to some gateway and Wi-Fi vendors. It can also handle Wi-Fi roaming and authentication with third-party Wi-Fi networks.
Policy lookups from multiple sources for your Wi-Fi Calling solution
The assumption that all policies reside in the PCRF is a theoretical one. For most operators, policies are distributed over several nodes and systems such as PCRF, CRM systems and other databases. Aptilo SMP Wi-Fi Calling™ can lookup policies from CRM and other databases. It can receive policies via the Gx Diameter interface from the PCRF and then combine all of these policies from multiple sources to figure out what to do with the user.
What about non-SIM devices and Wi-Fi Calling?
Due to the strict requirements on the device the next-generation Wi-Fi Calling solution will only work with the latest devices and definitively not with Wi-Fi-only tablets lacking native support for Wi-Fi Calling. Operators can choose to expand support for Wi-Fi Calling by installing a third-party app in the device and, in the case of Android, this app can be seamlessly integrated with the dialer.
However, Wi-Fi-only devices and a significant portion of the installed base of smartphones do not support SIM Authentication. This will be a major obstacle for Wi-Fi Calling for these types of devices. Without SIM Authentication (EAP-SIM/AKA) there will be no GTP tunnel between the ePDG and the P-GW. Here the Aptilo Wi-Fi Calling solution comes to the rescue. The third-party app can use EAP-TTLS instead of EAP-SIM/AKA for authentication and Aptilo SMP Wi-Fi Calling™ will then perform a EAP-TTLS authentication but receive GTP parameters from the HLR/HSS as if it were a SIM Authentication. Learn more about this award-winning feature which we call Aptilo 3GPP Wi-Fi Access Unified Solution.