Telstra could usher in Australia’s first major deployment of next-generation hotspots as part of its plan to blanket the country with a public Wi-Fi network.
“We are actively looking at Hotspot 2.0 technology for our portfolio of Wi-Fi services,” a Telstra spokesman told Computerworld Australia. “We’ll share more detail on how Telstra Wi-Fi will operate closer to launch next year.”
Hotspot 2.0 is a new protocol for public Wi-Fi networks and devices that promises faster authentication and better security.
While there have not yet been significant deployments in Australia, various telcos and municipalities are driving the spread of the technology in the US, Europe and Asia.
Hotspot 2.0 has been developed by the Wi-Fi Alliance and is based on the IEEE 802.11u standard. There are three planned releases of Hotspot 2.0 – the first release is available now and the second is coming later this year.
Dave Wright, technical engineer at Ruckus Wireless, predicted that even small retail businesses will eventually turn on Hotspot 2.0 because it is more convenient and secure for users. He compares the growth rate of the technology to that of the first Wi-Fi hotspots.
“I firmly believe that the mom-and-pop coffee shop will want to deliver Hotspot 2.0 because at some point the customers are going to start expecting it.”
Hotspot 2.0 could reduce the security risks of connecting to public Wi-Fi networks, according to Gartner analyst Dionisio Zumerle.
“First, authentication will be the same over any next-generation hot spot, [so] it won't need additional provisioning and it will be transparent to the user,” Zumerle wrote in a Gartner report published in February 2013.
“Second, the level of security protocols used will be superior to the solutions available for public Wi-Fi networks today.”
When Telstra CEO David Thodey announced his company’s planned Wi-Fi network in May, he stressed it would be safe.
“Security is a really important aspect,” he said.
What is Hotspot 2.0?
The 802.11u standard that powers Hotspot 2.0 allows the exchange of significantly more information between the Wi-Fi client and the network before they connect. Before, a user could only see the SSID and whether the network was secured.
Because it can exchange more information, the standard allows faster, automatic connections to Wi-Fi – similar to how mobile devices can quickly connect to 3G or 4G networks with a SIM card.
“The client now receives a credential, and whenever that client is in range of a hotspot which can authenticate that client, it will just automatically connect – and the user really doesn’t have to be involved in that process,” according to Wright.
There are different types of credentials available. A SIM card can be used as the credential for devices that support mobile broadband. A TTLS username-and-password approach or security certificates provisioned can also be used.
Hotspot 2.0 requires an encryption level similar to that of corporate networks, said Wright. The security enhancements close vulnerabilities present in previous Wi-Fi systems that potentially allowed attacks and network highjacking, he said.
The next release of Hotspot 2.0 will add a public key infrastructure that will add additional security that will preclude rogue access points from being set up, he said.
The Wi-Fi Alliance has certified about 350 smartphones and tablets that work with Hotspot 2.0, said Wright. The certification is called Passpoint.
The figure does not include Apple devices that support Hotspot 2.0 because Apple has not gone through the process of obtaining certification, Wright said. Newer Apple devices running iOS 7, as well as MacBook Air and MacBook Pro laptops running OS X Mavericks support Hotspot 2.0, he said.
Support for Hotspot 2.0 is not provided directly in the Android OS yet, but the device manufacturer can choose to include it in Android devices. Samsung, LG, HTC and Sony are some of the device makers that support the technology.
Wi-Fi Sense, a feature of Windows Phone, is not based on Hotspot 2.0 technology. While it allows automatic connections to Wi-Fi through a form of password crowdsourcing, it does not address security concerns that have been raised with public Wi-Fi hotspots, said Wright.
“In most cases these will be open networks (no encryption), so while this can automate the connection experience it does not address the security concerns,” he said.
“And due to the fact that it relies on the crowdsourced information from other Windows Phone users – which is likely a very small percentage of the smartphone users in a geographic area – I’d be curious to see how effective it proves in actual use.”
“One of the many advantages of Hotspot 2.0 is that it is industry-standard and cross platform.”