In the modern era of constant connectivity, secure and reliable WiFi access has become indispensable for users on the go. Passpoint technology has emerged as a game-changer, revolutionizing the process of connecting to WiFi networks, especially in light of recent advancements in MAC randomization. However, the dynamic nature of the WiFi industry has led to significant changes in the Passpoint landscape.

Importance of Passpoint

Passpoint has traditionally been utilized by carriers primarily for data offloading purposes. However, with the recent advancements in MAC randomization and growing concerns about security, Passpoint is now gaining increased significance across all WiFi networks. Passpoint offers users automatic, secure, and portal-free access to WiFi networks through a one-time provisioning of the Passpoint profile on their mobile devices. Once provisioned, enabled devices automatically connect to the organization’s network whenever they are within range. Until now, users had two primary methods for onboarding into a Passpoint-based network: on-network onboarding through the OSU (Online Sign-Up) portal and off-network onboarding through the mobile app.

Discontinuation of OSU Portal

The fragmentation of OS platforms in terms of their support for the OSU feature has posed challenges for the implementation and widespread adoption of OSU. This has resulted in inconsistent and complex user experiences due to varying client support across devices. Additionally, integrating OSU with the devices’ security policies has proven to be a complex task. Furthermore, the decision of our Certificate Authority provider to exit the certificate market for business reasons has further influenced the need for alternative enrollment methods. As a result, on July 1st, the Wi-Fi Alliance officially announced the discontinuation of the OSU technology. This development emphasizes the importance of exploring alternative approaches to effectively enroll users on-site.

The new role of captive portal in Passpoint onboarding

Leveraging the power of captive portal is a viable alternative for Passpoint onboarding. With a captive portal, users gain access to a network through a dedicated portal where they can easily enroll in Passpoint by downloading the required profile onto their devices. This approach guarantees a smooth and effortless onboarding experience, eliminating any potential hassles. By utilizing captive portal technology, organizations can provide users with a seamless and user-friendly method to connect to Passpoint-enabled networks, ensuring a streamlined and hassle-free onboarding process.

Android devices
With a recent update (retroactive since Android 10), the “WiFi mini-browser” on Android now supports over-the-air downloading and provisioning of Passpoint profiles. This means that users are presented with the option to enroll in Passpoint before network authentication during their onboarding journey. The simplified process allows for a smooth transition, ensuring a seamless WiFi experience. Android is also actively working on an upgrade that will enable devices to automatically switch to the Passpoint network once the profile has been downloaded, further enhancing user convenience.

iOS devices
For iOS devices, the Passpoint onboarding process involves the CNA (Captive Network Assistant). While the CNA allows users to download a Passpoint profile, it forces the closure of the CNA before the user is actually authorized on the network. To optimize the user experience, it is advised to prompt iOS users to download the profile after network authorization, on the landing page that remains open in the CNA. Finally, iOS users need to finalize the activation of the profile in the Settings app. Though there are a few additional steps, the process remains straightforward and ensures secure WiFi access for iOS users.

Embracing captive portal for seamless Passpoint onboarding

Considering the discontinuation of the OSU technology, leveraging captive portal has become the go-to method for on-network Passpoint onboarding. By utilizing a captive portal, organizations can provide users with a simple and intuitive onboarding experience across various devices and operating systems. This approach offers a standardized alternative for onboarding users on-site.

Position your organization as an innovator by embracing Passpoint and delivering automatic, secure WiFi connectivity to your users. Discover how Cloud4Wi’s Passpoint solution can transform your organization. Request a demo now.