Sign up to our newsletter
The latest security news direct to your inbox
Logging into public Wi-Fi hotspots can be risky, particularly for business users with sensitive data on their devices – but a new breed of hi-tech hotspots may make things safer, the Wi-Fi Alliance claims.
Public appetite for the upcoming service – Passpoint – is high, according to a survey conducted by the Wi-Fi alliance. Thus far, it is unclear how many device manufacturers and networks will adopt it.
The service, also known as Hotspot 2.0, and based on the 802.11u specification, offers seamless authentication, WPA2 encryption, and allows users to sign into hotspots offered by their network, without using a password. It is currently under test by various cellphone companies and service providers, according to the Wi-Fi alliance.
A survey of 2,000 consumers in Europe found that 84% were interested in a new “version” of Wi-Fi which would offer seamless and secure authentication in hotspots. Eighty per cent agreed with the statement, ““I wish my service provider could be with me when I travel.” The first hotspot using the new specification launched at Chicago O’Hare airport this month.
“Today, for the most part, when we go on a public hotspot we are sending data without protection. With Passpoint the connections are secure and the communication is encrypted,” Figueroa said in an interview with ComputerWorld.
“The beauty of Passpoint is that the whole industry has agreed to do it this way. More than 70 devices have been certified.”
Currently, public Wi-Fi networks pose a serious security risk, especially to business users who may be carrying sensitive data on their laptops or mobile devices. Up to 10% of workers admit to using public hotspots with work machines, according to a recent survey by phone insurer ProtectYourBubble.
ESET Distinguished Researcher Aryeh Goretsky says, “Many coffee shops, bookstores, libraries and restaurants offer free Wi-Fi for visitors. But just because it is free does not necessarily mean you should take advantage of it. It is possible that someone might be monitoring and capturing network traffic going through the “free” Wi-Fi connection, for reasons ranging from questionable to illegal, (depending upon your jurisdiction, such as (injecting targeted advertising into web pages to the outright malevolent, such as stealing credentials for email, financial institutions and so forth.”
“If you must use the free Wi-Fi service, do not access log in to any sites for which you need a password, such as your email, bank or online shops. It is more secure to tether your tablet or laptop to your smartphone and make use of its data connection, or use a portable hotspot. While such connections may not be free, they do have the advantage of being far less likely to be intercepted.”
Thus far, only one location on Earth is offering the new Passpoint service, Chicago’s O’Hare airport – and it’s unclear how many other operators will sign up to the new service, according to Computer World. The new specification is due to launch fully next year.
“Wi-Fi Alliance has certified an extensive array of Passpoint network equipment and about 75 Passpoint client devices, including a diverse range of smartphones and tablets from a variety of vendors,” the organization says.
Author Rob Waugh, We Live Security