By Claus Hetting, Wi-Fi NOW CEO & Chairman
Note: This story has been updated with the latest test results as of September 20.
After some early confusion as to the details of how Apple’s iOS14 ‘Private Wi-Fi Address’ feature might work, testing of the actual iOS14 release has now confirmed what we suspected some weeks ago: No, the feature will not randomise the MAC addresses of your Wi-Fi devices (your iPhone for example) every 24 hours but it will scramble a few things for you and might make the life of Wi-Fi service providers mildly more difficult. Here’s the full story with thanks to Aptilo Networks for sharing their latest test results.
First Apple said they would introduce a 24-hour cycle for randomising device MAC (hardware) addresses, then they changed their minds. So what exactly is going on? We decided to ask our friends at Aptilo Networks to get us an update. They have now tested how the ‘Private Wi-Fi Address’ feature in iOS14 actually works based on the current iOS14 release.
“We initially thought that the MAC address of your Apple device would be randomised every 24 hours. This is what Apple said on their website. Fortunately, iOS14 doesn’t do that,” says Johan Terve, VP Marketing at Aptilo Networks. Instead Apple is randomising the MAC on a per-SSID basis, he says.
“Our tests show that for each Wi-Fi SSID – meaning each Wi-Fi network you connect to – your device will present a distinct randomised MAC address. The randomised MAC address for each network will not change over time, not even if you force the device to ‘forget’ the network, and then connect again,” Johan Terve says. He also says that toggling ‘Private Address’ on and off will indeed switch between the real MAC and the randomised MAC for that Wi-Fi network, but that the randomised MAC won’t change as a result of the toggle either.
‘Private Address’ is switched on as the default. But the resulting inconvenience is minor, Aptilo says. As a starting point the user experience will be the same as when logging onto a specific Wi-Fi network for the first time: A MAC-based account is created and from then on the user will auto-connect to that network using his or her MAC-based credentials.
“If users then toggle the privacy setting, the device will go back to the hardware MAC address, and they will then need to login again. This will create a new MAC account. So in the worst case the user will need to login to a Wi-Fi network twice using MAC-based authentication,” Johan Terve says.
Aptilo believes that the only companies likely to suffer from the ‘Private Address’ feature are those who have made it their business to track users across different Wi-Fi networks. Meanwhile mobile device evolution is unquestionably trending towards features for stricter privacy, Johan Terve says.
“We can expect to see a stricter approach to privacy in the future. For now Apple seems to have gone with a milder version, which is welcomed by the Wi-Fi industry. And of course we now hope this version will find its way into the final release of iOS14,” he says.