Wednesday, March 23, 2011

New Standard Eases Carrier Wi-Fi Access and Roaming

The Wi-Fi Alliance, mobile operators, and hardware makers have agreed on a standard for secure and greatly simplified cell-to-Wi-Fi handoffs and cross-network roaming: The various parties have worked together to create a certifiable method of allowing handsets to access carrier Wi-Fi networks with much less fuss. The standard will also allow simple roaming across carrier networks without the current necessity of creating an account or entering account details. The whole thing is backed by WPA2 security for the Wi-Fi connection, obviating Firesheep, sidejacking, and other compromises on the wireless connection.

For carriers, this means avoiding re-inventing the wheel for every handset or platform. Carriers can buy and integrate gear from companies that have achieved this certification, and that should take them a long way towards allowing every device a carrier offers with Wi-Fi to be able to offload traffic from mobile broadband to Wi-Fi as efficiently as possible.

The Wi-Fi Alliance cites research group Informa as predicting 4.6 yottabytes (4.6 million terabytes) of data will be consumed on cellular networks in 2012 worldwide. The Wi-Fi Alliance predicts its current count of 750,000 hotspots worldwide (which must be measuring only paid and managed locations) will double by 2014. There are millions of less formal hotspots available which won't be affected by today's announcement.

One of the tidbits in the announcement, not particularly emphasized as a pair, is that certified devices will connect to appropriate networks "in many cases" using cellular credentials like SIM cards, and using WPA2 security. What that says to me in big flashing letters is WPA2 Enterprise with EAP-SIM. That's just how geeky I am about Wi-Fi.

WPA2 Enterprise is a Wi-Fi version of the 802.1X port-based access control that limits access to a network quite effectively until proper credentials are presented. In WPA2 Enterprise, only WPA2 (AES-CCMP) encryption is allowed. EAP is a simple communications language that's used by 802.1X to send messages back and forth. It's not secured by default, and must be, because the messages contain credentials. PEAP, EAP-FAST, and EAP-TLS are all popular corporate methods of securing the handshake for logging in.

EAP-SIM has been one of the required methods for any approved Wi-Fi device for several years, and uses the SIM (or, I believe, similar modules on other networks) to provide the identity wrapped in a secure method.

Using EAP-SIM with WPA2 Enterprise would allow a feature phone, smartphone, or other cell-embedded device or modem to create a secure connection across the local Wi-Fi connection without a user being involved in any part of the login procedure.
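To make the point about EAP messages not being secured by default concrete, here is an added example (not part of the original post) that parses the EAP header layout from RFC 3748 and shows that an Identity response is readable as-is. The packets are constructed samples, the identity is a placeholder, and the helper names are my own.

```python
import struct

# EAP codes and a few method type numbers from the IANA EAP registry (RFC 3748).
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 13: "EAP-TLS", 18: "EAP-SIM", 25: "PEAP", 43: "EAP-FAST"}


def parse_eap(packet: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2), then Type(1) + data."""
    if len(packet) < 4:
        raise ValueError("EAP packet shorter than its 4-byte header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("EAP length field does not match the bytes received")
    out = {"code": EAP_CODES.get(code, f"unknown({code})"), "id": ident,
           "type": None, "data": b""}
    # Success/Failure carry no Type; bytes past `length` are link-layer padding.
    if code in (1, 2) and length >= 5:
        out["type"] = EAP_TYPES.get(packet[4], f"type-{packet[4]}")
        out["data"] = packet[5:length]
    return out


def cleartext_identity(packet: bytes):
    """Return the identity string if this is an EAP-Response/Identity, else None."""
    p = parse_eap(packet)
    if p["code"] == "Response" and p["type"] == "Identity":
        return p["data"].decode("utf-8", errors="replace")
    return None


def build_eap(code: int, ident: int, eap_type=None, data: bytes = b"") -> bytes:
    """Hypothetical helper that builds the constructed sample packets below."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


# Constructed sample exchange (not captured traffic); attributes are omitted.
SAMPLE = [
    build_eap(1, 1, 1),                            # Request/Identity
    build_eap(2, 1, 1, b"user@example.invalid"),   # Response/Identity, plaintext
    build_eap(1, 2, 18, b"\x0a\x00\x00"),          # Request/EAP-SIM, subtype 10 (Start)
    build_eap(3, 2),                               # Success
]

if __name__ == "__main__":
    for pkt in SAMPLE:
        print(parse_eap(pkt), cleartext_identity(pkt))
```

Nothing in the 4-byte header or the Type field is encrypted or authenticated, which is why the method chosen (PEAP, EAP-FAST, EAP-TLS, EAP-SIM) has to supply the protection itself.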

The financial side of roaming across carrier networks wasn't discussed today. I confirmed with the Wi-Fi Alliance that that's a separate discussion, as any kind of mobile and data roaming is today. I fear for that particular area. Cellular carriers outside of the same home country charge unjustifiably high rates for roaming: the carrier allowing a non-native customer to roam marks up its service enormously, and the roaming customer's provider adds on top of that. In the modern world, the cost is fairly tiny on the back-end to allow roaming. It's simply a high-margin profit center, and one that European Union regulators have slashed away at. Regulators in other countries lack the cross-border controls or the regulatory interest to get involved.

My fear therefore is that carriers will act like carriers do, and charge extremely high amounts of money for something that benefits from greater use rather than higher prices. Carriers should be encouraging the roaming use of Wi-Fi, a resource that's much cheaper to operate and has vastly more bandwidth in small areas than a cellular network can more expensively provide.

It will probably be more of the same, no matter how technically elegant.


