...
Automatic Network Selection
- Devices equipped with Passpoint can automatically discover and connect to available Wi-Fi networks that meet specific security and performance criteria. This eliminates the need for users to manually search for and join a network.
Seamless Roaming
- Passpoint supports seamless roaming between networks, allowing users to move from one hotspot to another (e.g., from a coffee shop to an airport) without having to log in again.
Enhanced Security
- Passpoint requires the use of WPA2-Enterprise (and more recently WPA3) security, which provides better encryption and authentication compared to open networks. It uses Extensible Authentication Protocol (EAP) for authentication, enhancing security for users.
Authentication via SIM, Certificates, or Username/Password (support all)
- Passpoint supports multiple methods of authentication, including:
  - SIM-based authentication (for cellular subscribers) - Not in scope
  - Certificate-based authentication - Yes
  - Username and password authentication (e.g., credentials provided by an internet service provider) - Yes
- EAP-AKA - Not in scope
Efficient Data Management
- By prioritizing Wi-Fi over cellular networks for data traffic, Passpoint can reduce mobile data usage, particularly in areas with strong Wi-Fi coverage.
...
Hotspot vs Wi-Fi Passpoint (Hotspot 2.0)
| | Hotspot | Wi-Fi Passpoint (Hotspot 2.0) |
|---|---|---|
| Definition | A Wi-Fi hotspot is a physical location or device that provides wireless internet access to users, typically through a local area network (LAN) connected to a router. It can be created using a mobile device (mobile hotspot) or a dedicated router. | Wi-Fi Passpoint is a technology that automates the process of connecting to secure Wi-Fi networks. It was developed by the Wi-Fi Alliance under the Hotspot 2.0 standard, making the connection process more seamless, secure, and automated. |
| Authentication | Users typically need to manually connect to a hotspot by selecting the network (SSID) and entering a password. | Passpoint networks use automatic authentication, often linked to a user’s cellular carrier, credentials stored on a device, or SIM card. Users don’t need to manually select the network or enter credentials each time. |
| User Experience | The connection is often temporary. Users must re-authenticate every time they connect to the hotspot. | Once a device is configured to use Passpoint, it can automatically connect to available Passpoint-enabled Wi-Fi networks, providing a seamless and roaming-friendly experience similar to how mobile networks operate. |
| Security | Hotspots generally offer open or password-protected networks. Open networks (like those in public places) can be less secure, exposing users to potential threats unless extra protection (like a VPN) is used. | Passpoint uses advanced encryption standards (WPA3 or WPA2-Enterprise), ensuring a higher level of security than typical public hotspots. It also supports seamless authentication via EAP (Extensible Authentication Protocol). |
| Use Cases | Public places like airports, cafes, or personal hotspots created using a smartphone. | Common in places like airports, hotels, or city-wide networks where secure, automatic roaming is desired. Cellular carriers and ISPs also use Passpoint to offload traffic from mobile networks to Wi-Fi. |
Appendix
SIM-Based Auth (users moving between cellular and Wi-Fi networks)
...
- The user device with a SIM detects a Passpoint-enabled Wi-Fi network.
- The device checks its Passpoint profile and determines that EAP-SIM is supported by the network.
- The device sends an authentication request using EAP-SIM, including the IMSI (International Mobile Subscriber Identity) from the SIM card.
- The Wi-Fi network’s AP forwards the request to the RADIUS server, which queries the user’s mobile network for authentication.
- The mobile network verifies the SIM credentials using the HLR/HSS and sends back an authentication challenge.
- The device responds to the challenge using the SIM card.
- Upon successful verification, the RADIUS server grants access to the Wi-Fi network, and the user is automatically connected.
Certificate-based authentication
With Wi-Fi Passpoint, this method uses EAP-TLS (Extensible Authentication Protocol - Transport Layer Security): client devices authenticate to the Wi-Fi network using digital certificates rather than usernames, passwords, or SIM credentials. This ensures a high level of security, especially in environments such as enterprises or public Wi-Fi hotspots.
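The profile check described in the connection steps above, combined with the authentication scope listed earlier (certificate and username/password supported, SIM methods not), as an added Python example that is not part of the original page. The `Hotspot` model, the realm names, the choice of EAP-TTLS as the username/password method and the certificate-first preference are assumptions of this sketch.

```python
from dataclasses import dataclass

# IANA EAP method type numbers.
EAP_TLS, EAP_SIM, EAP_TTLS, EAP_AKA = 13, 18, 21, 23
# Scope stated on this page: certificate and username/password are supported;
# SIM-based methods are not. EAP-TTLS for passwords is an assumption here.
IN_SCOPE = {EAP_TLS, EAP_TTLS}
# Assumption of this sketch: prefer a certificate over a password (lower wins).
PREFERENCE = {EAP_TLS: 0, EAP_TTLS: 1}
ENTERPRISE = {"WPA2-Enterprise", "WPA3-Enterprise"}

@dataclass(frozen=True)
class Credential:            # one entry in the device's Passpoint profile
    realm: str
    eap_method: int
    label: str

@dataclass
class Hotspot:               # hypothetical model of what a scanned network advertises
    ssid: str
    security: str
    realms: dict             # realm -> set of EAP method numbers offered for it

def select_credential(profile, hotspot):
    """Return the credential to present to this hotspot, or None to skip it."""
    if hotspot.security not in ENTERPRISE:
        return None          # never auto-join open or shared-password networks
    offered = {realm.lower(): methods for realm, methods in hotspot.realms.items()}
    usable = [c for c in profile
              if c.eap_method in IN_SCOPE
              and c.eap_method in offered.get(c.realm.lower(), set())]
    return min(usable, key=lambda c: PREFERENCE[c.eap_method], default=None)

def plan(profile, scan):
    """Map each scanned SSID to the label of the chosen credential (or None)."""
    picks = ((h.ssid, select_credential(profile, h)) for h in scan)
    return {ssid: cred.label if cred else None for ssid, cred in picks}

# Constructed sample data, not taken from a real deployment.
PROFILE = [Credential("wifi.example.com", EAP_TTLS, "username/password"),
           Credential("wifi.example.com", EAP_TLS, "client certificate"),
           Credential("carrier.example.net", EAP_SIM, "SIM")]
SCAN = [Hotspot("Airport-Free", "Open", {"wifi.example.com": {EAP_TLS}}),
        Hotspot("Cafe-Passpoint", "WPA2-Enterprise", {"WiFi.Example.com": {EAP_TTLS}}),
        Hotspot("Carrier-Offload", "WPA2-Enterprise", {"carrier.example.net": {EAP_SIM, EAP_AKA}}),
        Hotspot("Hotel-Passpoint", "WPA3-Enterprise", {"wifi.example.com": {EAP_TLS, EAP_TTLS}})]

if __name__ == "__main__":
    print(plan(PROFILE, SCAN))
```

The open network is skipped even though it advertises a matching realm, and the SIM-only network is skipped because those methods are out of scope.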
...