Wi-Fi is a Passion


Hotspot 2.0

The wireless network needs to be faster and more efficient. Most SOHO environments use nowadays the 802.11n standard, but we have already had a while the possibility to move to a newer amendment, 802.11ac. In an enterprise environment you can use protection mechanisms for better security, but what about public areas? Think about hotels or venues, like Cisco Live. Or even schools use open WiFi networks, so everybody can easily connect. Yes like I said, EVERYBODY. Hotels use normally a splash page and give you a password when you check in, most hotels use the same password for years, so even if you are not a visitor anymore, you still can use the WiFi. HotSpot 2.0 is maybe the solution for those public areas.

Hotspot 2.0

Hotspot 2.0 uses auto-join, and that uses the traditional PEAP or EAP-SIM. PEAP uses a certificate and EAP-SIM uses the SIM card that is in the mobile phones to communicate with the authentication server. So you don’t need any passwords to join, everybody can join, but you will have more control, since the client identifies itself with the SIM or the certificate. Hotspot 1.0 is what I mentioned in the beginning, you unlock your device and you visit a splash page. Hotspot 2.0 is auto-join as already mentioned, you unlock your device and it connects directly to the AP. One of the advantages is hotspot 2.0 uses an unknown, but trusted SSID, so device tracking is not possible.

First you need to download and/or configure on your phone a new WiFi profile. The new devices from Apple and Samsung already have the hotspot 2.0 certificate—Apple already uses this automatically, with Samsung it depends on the carrier. The AP doesn’t send the SSID, since this was unknown, but it sends a name as identification, for example the venue name (MiCo, for Milano Conference). As soon as you unlock your phone, your phone will connect the hotspot 2.0 AP. The device knows nothing of the AP, only the venue name. It uses 802.11 u.

Cisco has, at the moment of this writing, 66 certified HS2.0 AP’s, also including the Meraki MR series. Other vendors are coming too with this ‘new’ technique. For now the only devices that are HS2.0 ready are Samsung Galaxy S3 and newer, Samsung Note 2 and newer with Andriod 4.1.2. Apple supports it from iOS 7+ and MacOS 10.9+. Also Sony eXperia Z series has begun supporting HS2.0.

Samsung requests more information, from the AP, then makes a better decision which AP is the best using information like how many connections, RF Load, and WAN speed. Apple doesn’t do this and makes the decision on its own.


HS2.0 doesn’t have only technical advantages, but also business. For example in malls with tons of stores that have all their own HS2.0 APs. You walk with your HS2.0 device through this mall with all those AP’s. You enter, or pass by, a store and your devices connects with the store AP. At that point the AP can use the push notification and send the devices welcome messages with promo codes or other marketing related news and location tracking. That’s nice for the business, the question is, is the client ready/waiting for this.

The technical advantage is for sure a better secure public WiFi network with SIM or certificate-based authentication.

For the customer, will it be easier to connect and find the best performed AP, and auto-join in public environments like airports, malls, conference buildings. Also, no big data bundles if you cross the border to another country.