Passpoint-what is it?

Commercial Hotspot 2.0 replaces Passpoint r1's first release (Hotspot 2.0).

The Wi-Fi alliance developed Passpoint as a way to allow users to easily move between partner networks. Users of mobile devices such as smartphones and laptops will be able to seamlessly switch between Wi-Fi networks as they travel and reduce their reliance on mobile data. Your phone's automatic connection to a new Wi-Fi network, without your intervention, was probably caused by Passpoint.


Hand pressing keyboard with high tech media icons and symbols-1


Passpoint vs Hotspot 2.0

There is sometimes an interchange between the two terms, although that is not 100% accurate. Commercial Hotspot 2.0 replaces Passpoint r1's first release (Hotspot 2.0). Even so, there have been a few new Passpoint generations since then, and to call them Hotspot 2.0 would not be accurate.


The device must connect only once to the Passpoint Wi-Fi network if it is Passpoint-enabled. The user does not need to enter credentials again when he or she is back in range of the network. Passpoint works because every participant adheres to a common protocol and uses a standard method for discovering and creating hotspot connections. People can jump automatically between Wi-Fi-certified Passpoint networks thanks to the uniformity of their Wi-Fi networks, never realizing that they are changing SSIDs.

Organizations that agree to the Passpoint standard and get their networks Passpoint certified expand Passpoint's coverage area (and reach). Passpoint-enabled Wi-Fi APs can automatically connect guests, contractors, clients, and customers once they are onboarded - not just employees.



Network security has always been a primary concern, and the developers at the Wi-Fi Alliance work on some of the protocols that keep the whole industry safe. The Passpoint protocol follows the EEE 802.11u specification - a version of 802.1x. It can only be used by access points and devices that support WPA2 and WPA3 authentication, specifically the EAP protocol. Those are the current industry standards for network security. In most Passpoint Wi-Fi networks, authentication is based on credentials, but EAP-TLS allows digital certificates through the network, which greatly increases security.



The Wi-Fi Alliance certifies networks that qualify to use the Passpoint protocol and name, so you'll often see SSIDs with "Passpoint" in them. The most common variation is “Passpoint Secure Wi-Fi”. 

Wireless internet sign on pole on the street


By simplifying the process of accessing networks, Wi-Fi Passpoint makes it easier for users to connect to networks - it automatically connects you without requiring a password. Furthermore, it protects your data with WPA2. Generally speaking, you should enable it, especially if you'll be roaming frequently.



You only need to follow a few steps to connect to passpoint:

  1. Turn on Wi-Fi on your device.
  2. You will find the Passpoint box in the Advanced or More options of the Wi-Fi menu.
  3. It should be checked.

This option may not be available on all devices. A Passpoint network can only be used in locations that have a Passpoint network, and some providers will also require you to have an account or subscription with them. In order to connect to a Passpoint network, your device must already be configured with the appropriate network profile. 


Business man holding smart phone with media icons concept on background


Updates to Passpoint

There have been three Passpoint releases (referred to as r1, r2, and r3).

Passpoint r1 - In addition to establishing all the basic features of Passpoint, Hotspot 2.0 was introduced. The Passpoint-enabled networks identified other Passpoint networks and connected to the strongest signal automatically.

Passpoint r2 - A major update to Passpoupdate to Passpoint and it is the first in which OSU has been added and users' onboarding has been simplified.

Passpoint r3 - This new version of Passpoint introduces improved security, liability, and WPA3 support. Simplified user experience with single SSID OSU support.




The onboarding process is one of the most challenging aspects of deploying a service to end users. The user experience needs to be as simple and streamlined as possible to reduce drop-offs (and support tickets). When you're traveling, you can switch from one tower to another without stopping to browse the web with Passpoint OSU from IronWiFi, a leader in automatic onboarding. You will experience the same thing as if you were using a cell phone to travel between cell towers. A major step toward a seamless, universal wireless network has been taken.


5G and Passpoint

With the introduction of 5G, there will be an increasing number of devices using the airwaves - and there is a limited amount of spectrum that can be used. There is a possibility to offload much of this spectrum to Wi-Fi, but it is a somewhat tedious process to switch bands. Passpoint can help with this by making the process as easy as possible. Users of mobile data will be able to easily switch between cellular and Wi-Fi hotspots, without having to worry about losing connection. There will be less pressure on bandwidth as a result of the arrival of 5G technology. This will benefit a wide variety of areas that are characterized by a high density of people, including sports events, universities, and metropolitan areas.

The fifth generation (or 5G) is also operating at a higher frequency of the millimeter waveband spectrum. As a result of the high energy waves, the internet is faster and the data is transmitted more quickly, however they also have difficulty penetrating objects. It will be very helpful if 5G utilizes an automatic and seamless transition to local Wi-Fi when used inside. You can see that there is almost no chance that 5G will be rolled out without the widespread availability of Passpoint. There is an extremely low likelihood that devices that operate at a higher frequency than 4G will be able to reliably access mobile data indoors, so Passpoint must be able to handle the offloading process.



As a result, the local network must be able to authenticate the mobile device when the transition from mobile data to Wi-Fi is complete. Several authentication options are available through Passpoint, but SIM authentication will likely be the most widely used. SIM authentication is a natural choice for a few reasons. In WPA2-Enterprise or WPA3, SIM cards can use certificate-based EAP-TLS authentication. SIMs are already assigned to an individual and are used to verify that individual's identity, so it's just a matter of time before digital certificates are fully realized.

Authentication via SIM cards isn't the only option. The SIM card can be used for certificate-based authentication on almost all modern devices. There is, however, little knowledge regarding the methods of enrolling and installing certificates on mass devices. Our software makes it easy to connect your Identity Provider for certificate issuance, which is why so many organizations use us. The next generation of mobile devices will be Passpoint compatible, and 5G will also be commonplace soon enough. Using this technology, many users won't even notice they are moving from mobile data to Wi-Fi.


Passpoint Wi-Fi Deployment

An experienced network solutions provider can configure your organization's network to support Passpoint Wi-Fi, as well as to configure the partner networks that users can roam between.

We have been building secure WPA2-Enterprise networks for years.

Free Openroaming



Similar posts