iOS 18's Rotate Wi-Fi Address and Its Impact on Hospitality Wi-Fi Networks

It’s been a few years since we last wrote about MAC randomisation, but with the advent of the iOS 18 beta, understanding the implications of the new “Rotate Wi-Fi Address” option on your guests iPhone is critical. In this post we’ll explore what we know about MAC rotation and randomization in 2024, with a specific focus on iOS 18 and potential developments we might see in September 2024. We will delve into the technical aspects of this technology, its impact on Hospitality Wi-Fi networks and the Guest experience, and we’ll offer potential solutions to address the challenges it presents.

Furthermore, by providing practical solutions and insights into future developments, we hope to empower Hospitality professionals to navigate the evolving landscape of MAC randomization effectively and ensure seamless connectivity for guests in the years to come.

How are MAC Addresses Used for Wi-Fi Networks Today?

Historically, Captive Portal providers have utilized static MAC addresses for both beneficial and questionable purposes. On the negative side, unscrupulous providers have exploited static MAC addresses to track users' locations and serve them targeted advertisements. On the positive side, known devices could be automatically authenticated for seamless Wi-Fi connections. Many prominent hospitality brands have implemented automatic authentication programs for loyal customers by storing and recognizing their devices' static MAC addresses. In the hospitality and multifamily markets, the use of static MAC addresses is extensive in current solutions.

In recent versions of MAC Randomization both Google's Android and Apple's iOS maintain the same MAC address on a per-network basis which means the traditional device recognition approaches still work. Even Apple keeps the MAC the same as long as devices connect to a network every six weeks.

What is Changing with iOS 18 on Apple Devices?

Apple has enhanced MAC address randomization in the recent iOS 18 beta, providing increased privacy for Apple devices. The updated setting, labelled “Rotate Wi-Fi Address”, replaces the previous “Private Wi-Fi Address toggle”. Details are still emerging at the time of writing but initial testing on iOS18 (22A5282m) of  the “Rotate Wi-Fi Address” feature has found that it:

  • Is disabled by default on existing saved PSK networks
  • Is disabled by default on new saved PSK networks
  • Is enabled by default on new open portal networks
  • Doesn’t rotate the device MAC address when you toggle Wi-Fi on and Off

Originally, the Private Wi-Fi feature in iOS 14 beta randomized MAC addresses by default. This randomized MAC address would rotate every 24 hours after connecting to a wireless network. However, this caused inconvenience as each guest device connection appeared as a new unknown device, prompting guests to go through to a guest portal at least once per day instead of seamlessly re-joining a network. To balance privacy with convenience, the Private MAC feature in the final release of iOS 14 was made less aggressive by Apple. Our latest investigations suggest that in the iOS18 Beta the following behaviour is expected: When joining open networks or networks using security older than WPA2 with a private Wi-Fi address, the private address is automatically changed every 2 weeks.

Only time will tell whether Apple get it right in the September 2024 general release of iOS 18. Most hospitality experiences still depend on a MAC address that doesn’t change frequently.

Example of Apple's new Rotate Wi-Fi Address Feature.

What Does This All Mean for the Guest Wi-Fi Experience?

The increasingly dynamic nature of the MAC Address is one of the reasons Eleven has invested in Passpoint and in our patented cloud-based PSK solution, Personal Pass Key. Neither  solution relies on a MAC address for identity or authentication, but instead uses a profile based approach to identify and automatically authenticate a device onto a network. These solutions are available as API’s for our customers to integrate into their guest experiences. Passpoint works best when integrated into an App and Personal Pass Key can be embedded in all kinds of scenarios (and is also the foundation of our Multifamily / Residential solutions).

Roaming Auto-Connect & Loyalty

Together, Passpoint and Personal Pass Key (PPK) are the basis for Eleven’s Roaming Auto-Connect solution, which provides a secure, seamless Wi-Fi connection experience for guests who are members of the brand loyalty program.  Combine the Roaming Auto-Connect experience with Eleven’s captive-portal-based loyalty onboarding solution to make your guest network an end-to-end, closed-loop loyalty onboarding and rewards experience.