Reading through the yearly round-up and tech predictions articles before the holiday break, it was apparent (and very pleasing) that the popularity of Wi-Fi, specifically Wi-Fi for offload, in 2011 would snowball into 2012.

I’ve made the case in this blog before about both indoor and outdoor Wi-Fi coverage, usage and offload growing substantially. But there remain some barriers to uptake, not the least of which is ease of use.

In the home and office environment, ease of use is not an issue for anyone willing to spend a minute to log onto their router once, since devices remember passwords, making connectivity seamless. But out in the wild, it is a different story.

Most free-to-access public Wi-Fi hotspots require some form of registration or log-on before granting access. While people are willing to spend a few moments entering details when they know they will spend most of their time at a location (like home), they tend not to bother when the location is more temporary, such as at a coffee shop.

In addition to the inertia caused by this fiddle-factor, mobile users and providers of free public Wi-Fi are also concerned with security. Unfortunately, the open access that enables a person to find a hotspot quickly becomes the security hole through which hackers capture data as it flies through the air. 

It seems obvious, but if carriers can find a way to simplify and quicken the process of secure login to public Wi-Fi hotspots, then it is likely more people will offload onto Wi-Fi. Carriers can enable end users to choose and prioritize traffic to be offloaded to Wi-Fi, according to whether they are offloading to a public or private hotspot. Then, carriers and users can avoid the offload of particularly sensitive traffic to public hotspots. This will eliminate inconsistent performance, while enabling automatic offload of all traffic when users are logged on to a reliable private hotspot.

Sounds easy in principle, but how can this work in practice?

There’s been a lot of work behind the scenes by industry standards bodies to address these deficiencies in the public Wi-Fi market. Rather than viewing the Wi-Fi access point as an end-point, it needs to be viewed as a proxy, a gateway for devices to access services from a variety of providers. 

Step one is to help devices know what they are getting. An SSID of “coffee_shop” is quaint for local access, but in reality this coffee shop access point (AP) could become a proxy for service providers like iPass, Boingo, the Cloud or even AT&T. Rather than broadcasting an open AP name, the device would query the AP to determine a whole range of information, including authentication and security mechanisms.

The second step is authentication. Perhaps the coffee shop has agreed to proxy service for a range of providers. A device may have the username and password credentials pre-loaded to use Boingo’s service. Rather than being the endpoint, the AP takes the Boingo credentials from the device and then queries Boingo’s servers directly to enable (or reject) connectivity. For smartphones or other SIM-based devices, the process may rely on the SIM credentials, thus moving to a completely automated authentication process.

The last step is security. A key security hole in today’s networks is that APs need to be open (unencrypted) for a device to begin to attach. It’s this ‘over the air’ interface which is most vulnerable. Next-generation APs will appear locked, but will allow the device to query for specific information about the AP and begin the authentication process securely.

These capabilities are all inherent in the cellular network today. Applying the same principles to the world of public Wi-Fi will only serve to ease connectivity, increase security and begin transforming Wi-Fi into a credible sidekick to the outdoor macro network.