Category Archives: Security

HotspotID – How it works.

HotspotID is the first (and only) app to protect you against WiFi Pirates (a fake, or so-called rogue WiFi access point (AP)) and helps you stay safe on public and private WiFi networks.

How HotspotID works:

  • HotspotID fingerprints each WiFi connection you make and sends the collected data to the HotspotID server.
  • Each fingerprint includes ± 20 data points, depending on the phone model, network configuration and app settings.
  • On the server all fingerprints are registered and checked to verify you are connected to a legitimate access point not to a WiFi Pirate. If a WiFi Pirate is detected HotspotID will warn you and turn off WiFi on your phone. (This action can be managed in the settings).
  • All fingerprint check results are tracked to calculate the overall reputation for each corresponding access point. The reputation is displayed in the app a green, yellow or red icon (looks like a WiFi person) in the right margin by the access point name. The number of fingerprints on which the reputation is based is displayed in brackets next to the reputation icon.
  • Standard use of HotspotID is anonymous, but you can optionally register to setup an account. When you are logged in you can give user ratings on access points and you can save an AP in a “My Places” list. The features for registered users will be expanded in the future.

App Settings

In the settings you can configure the following parameters:

  • Automatic Fingerprinting : ON / OFF
  • Share phone location data : ON / OFF
    (The phone location data is ONLY used to register / verify the location of the access points you connect to.)
  • Mobile Data : ON / OFF
    (HotspotID uses Wifi to connect to the server. But if no WiFi connection is available, we can use Mobile Data to retrieve the reputation data for all the access points in range and any given time).
  • Buzz / audio warning when a WiFi Pirate is detected : ON / OFF
  • Turn off WiFi when a WiFi Pirate is detected : YES / NO

WiFi Pirates

This is a term we invented to label WiFi access points (AP) which could jeopardize your WiFi safety. They are also referred to as spoofed AP, rogue AP, Evil Twins, etc…

Whatever they are called, in almost all cases they are setup by hackers or snoopers to trick you in connecting to the Pirate, in order to steal private data or inject malware into your phone or computer. Unfortunately, up to now (i.e. before HotspotID came along) there have been no tools for normal WiFi users to protect themselves against WiFi Pirates.

Crowdsourcing & Sharing back to the community.

HotspotID is setup to collect live data for all the WiFi connections made by all HotspotID users.

This is called crowdsourcing. This crowdsourced data is used to; 1) verify each WiFi connection for each user in real time and 2) calculate a reputation profile for each registered access point based on all connections made. The more data we collect for each access point, the more reliable the analysis will be.

In return for collecting this data, we share with the full user community, in real time, the reputation data for all the access points in our database, so that each user can benefit from the data contributed by the whole community.

So, the more users we get, the more data will be collected and the more reputation data will be produced to share with all users.