Lately, two huge announcements were made by Apple and Android that in my opinion, will completely reshape the future of Guest Wi-Fi Networks and might impose key challenges on us as network engineers, Wi-Fi analytics or captive portal providers. The first announcement is great and it will actually help provide a better end user experience while the second will most likely result in issues for the seamless end users journeys that rely on mac-addresses! Keep reading if you are interested to learn more about these announcements.
SUPPORT FOR CAPTIVE PORTAL API
Apple announced its support for new Captive Portal API capabilities on iOS 14 and macOS Big Sur. Similarly, Android 11 announced its support for the Captive Portal API too. These new capabilities will definitely help provide a better experience for guest users since the user will no longer rely on the device to guess if a captive portal exists or not. The network will inform the device via a DHCP / RA option and provide the URL of the captive portal. As such, there will be no need for http/https MITM interception for captive portal to work. This will solve many of the issues that currently exist in Captive Portal setups and will provide a better experience for the end user. This is the good news and it is well explained in the below links.
- Apple Support for Captive Portal API
- Android Support for Captive Portal API
- Captive Portal API draft-ietf-capport-api-08
- Captive-Portal Identification in DHCP / RA draft-ietf-capport-rfc7710bis-07
BETTER PRIVACY WITH RANDOMIZED MAC-ADDRESS
On the other hand, Apple also announced new capabilities that will provide better privacy for the end users similar to the capabilities previously announced in Android 10. In particular, devices will not only support sending random mac addresses while scanning for wireless network, but also they will use random mac-addresses while joining the network. Yes, devices will use random mac-addresses while joining the network. This will cause many challenges for any guest journey that relies on mac-address and this will be very serious now since both Android and Apple devices will support it. For example, what will happen to the mac-caching options that we currently use? What will happen to our DHCP pools? The same device today will appear as a different device tomorrow! What will happen to the Wi-Fi analytics accuracy? Will we be confused from the network side and consider the same device as a different device? Yes, this feature is great from a privacy point of view but it is very bad for us as network admins or Wi-Fi analytics or captive portal providers.
If you are interested to learn more about this feature, check these specific announcements.
Do you have similar concerns? Feel free to share you thoughts on the above.
Why-Fi++ 
There was an update from Apple and they decided to change their intended privacy! At the end, it seems the market is not yet ready for this.
Apple’s latest iOS14 beta 4 now removed the 24-hour randomization, the operating system still creates a randomized, but unique per SSID MAC address just like Android’s operating system does today.
LikeLike