Blog

Leading the Next Wave of Zero-Touch Wi-Fi IoT Innovation

The journey of Aptilo Networks, acquired by Enea in October 2020, has consistently pushed the boundaries of secure and seamless IoT connectivity. In 2018, Aptilo pioneered a groundbreaking concept: the idea of using existing Wi-Fi IoT device certificates to automate the onboarding to secure Wi-Fi networks (801.1x with WPA2/WPA3 encryption). This “zero-touch” approach unlocked new efficiencies for operators and enterprises by automating Wi-Fi network access for IoT devices from power on, earning industry recognition and numerous awards.

However, despite this recognition and proof of concept with Amazon AWS IoT Core, we knew we could never drive this to industry-wide deployment. Two challenges had to be fixed:

  • Devices support: IoT devices had to try to connect to a Zero-touch Passpoint (Hotspot 2.0) service at power on. Trying to convince individual vendors to add this support would be overwhelming.
  • Authentication: We would have to provide an authentication service and integrate with the certificate repository to verify the certificate.

Fast-forward to today and Enea is driving this innovative legacy forward, taking zero-touch onboarding to new heights. Through a collaborative effort within the Wireless Broadband Alliance (WBA) initiated by Enea, we are playing a central role in shaping a framework for seamless, secure IoT onboarding using WBA OpenRoaming and FIDO Device Onboard (FDO) by FIDO Alliance.

You can download the WBA report outlining this framework and learn more in the recent WBA press release.

This WBA initiative is a critical step toward realizing our original vision on a global scale, as it will solve the original challenges:

  • Device support: The likelihood that manufacturers will implement device support has increased significantly as it can be aligned with the general FDO onboarding processes.
  • Authentication: OpenRoaming, a growing global Wi-Fi network, is available for a seamless and secure IoT device onboarding process. The device owner can then optionally easily select another private Wi-Fi network for permanent use.

We foresee that once there is a critical mass of device support, device owners may create their own OpenRoaming Wi-Fi service, which can run on their corporate Wi-Fi network for the sole purpose of IoT onboarding. The device owner can choose to only accept access for their own devices to this OpenRoaming network. If the device owner does not want to act as an OpenRoaming Identity Provider (IdP), the authentication process can be outsourced to an IdP hub provider.

Our interest in IoT led to a completely different innovation for cellular IoT: the Enea IoT Connectivity Control Service (IoT CCS). Stay tuned as Enea continues to lead in transforming IoT connectivity with seamless, secure innovations that redefine or enhance industry standards.

Related insights

EAP and SIM authentication

EAP and Seamless Access with SIM Authentication

Read more

Tags: Wi-Fi Offloading

Wi-Fi Offloading How

New White Paper: Wi-Fi Offloading – How?

Read more

Tags: Wi-Fi Offloading

Secure Wi-Fi with 802.1x and WPA2/WPA3

Read more

Tags: Carrier Wi-Fi, Wi-Fi AAA, Wi-Fi Authentication, Wi-Fi Offloading

WBA proposes a ‘zero-touch’ onboarding for IoT via Wi-Fi

Read more

Tags: B2B Wi-Fi, Carrier Wi-Fi, IoT CCS, IoT Security, Wi-Fi Offloading

Wi-Fi Offloading – presentation at Wi-Fi World Congress 2024

Read more

Tags: Carrier Wi-Fi, MNO, MVNO, Wi-Fi Offloading