One Global Wi-Fi Network and OpenRoaming

1.3 Achievements and Challenges of OpenRoaming

1.3.1 Fast Growing OpenRoaming Network

OpenRoaming has entered a fast track since the WBA picked up its development. In about 2 years, over 3 million access points have joined the global OpenRoaming network [13], and the momentum has been widely supported by telcos, ID providers, and main device vendors.

The WBA’s OpenRoaming alliance creates an open connectivity framework that can be used by all organizations in the wireless ecosystem to power new opportunities in the 5G era.



By implementing the following technologies, the alliance has advanced WiFi services worldwide:

  • Cyber security services: Cyber security enables simple, secure and scalable Wi-Fi connections amongst the different organizations that are part of WBA OpenRoaming™. This allows for automatic and secure roaming between millions of networks, nationally and globally.

  • Cloud federation: A cloud federation of networks and identity providers enables automatic roaming and user onboarding to Wi-Fi. Based on the WBA’s WRIX standards, it allows for scaling and facilitates different business models under a harmonized framework.

  • Network Automation: Network automation defines an automated roaming consortium codes framework (RCOI) to support policy provision on devices and networks. Organizations that manage a Wi-Fi certified Passpoint™-enabled network may become part of the WBA’s OpenRoaming™ federation.



In terms of promotion of OpenRoaming, the WBA demonstrates that OpenRoaming could bring the industry the following four benefits:

  • Seamless and secure onboarding: No more SSID-password guessing games, insecure login credentials or repetitive reconnections to public Wi-Fi. Instead, OpenRoaming creates a seamless WiFi connection experience, allowing billions of devices to connect automatically and securely to millions of Wi-Fi networks globally.

  • Improved consumer satisfaction: No more billing surprises from overseas cellular roaming data.With OpenRoaming, Wi-Fi Roaming and cellular combines to create the best coverage and cost options, integrating guest/public Wi-Fi access with cellular networks worldwide, for a seamless user experience anytime, anywhere.

  • Positive industry impact: OpenRoaming defines the industry policy & standards needed for all players in the Wi-Fi ecosystem to join and develop their services. It can grow new business opportunities with Wi-Fi roaming & the 5G offloading it enables, facilitating the convergence of Wi-Fi and 5G.

  • A better connected world through unprecedented, global reach: billions of devices get automatic and secure connections to millions of Wi-Fi networks globally.



1.3.2 Challenges

New challenges have been exposed during the adoption process of global OpenRoaming. These drive the development of Roam.

1.3.2.1 Limits in Service Provision

What will happen if a user visits a venue for the first time and they do not have other means, like cellular data, to connect to WiFi besides connecting to that venue’s network? Currently, there are two approaches. The first one is to use Online SignUp (OSU) services, and the second is to install a profile on their mobile device before they travel to the venue. Unfortunately, both methods have constraints and limit the growth of OpenRoaming.

The Wi-Fi Alliance expanded the Access Network Query Protocol (ANQP) to include Online Sign Up (OSU) concepts to leverage seamless onboarding and client security for Passpoint® networks. ANQP (mentioned in Section 1.2.1.2), which is the basis of IEEE802.11u, is a query-and-response protocol that defines the services offered by an access point (AP), typically at a Wi-Fi hotspot.When a subscriber queries an AP using the ANQP, that user receives a list of items that describe the services available, without having to commit to a network.

With OSU, the typical user experience is as follows: When a user comes into a venue where he or she has never been to, there will be 2 networks available:An unencrypted WiFi network called: Free_registration, and a secured one called: WiFi. The user will initially have as their only option going for the Free_registration ssid, and only it can be connected to the OSU. The user will follow and complete the registration process, subsequent to which they should expect a seamless experience logging into the secured network automatically. Unfortunately, this is not the case. iOS states that it’s a security violation to start changing the phone setting with different Wi-Fi credentials when connecting to Free_registration. Thus to sign up to the network, the user must register with the Open network and then go back to the secured one to fill in the information which he or she just registered with. This process is non-user-friendly and basically prevents the mass adoption of OpenRoaming. With an Android based system, the process for connecting to WiFi at a new venue is easier but still not smooth.

The alternative solution is to get the users preloaded with an OpenRoaming profile before they travel or leave a network to which they’re already connected. They can either download an iOS or Android app onto their cell phones or tablet, or scan a QR code via web browser and download the profile onto their cell phones. With this profile, their mobile devices will automatically connect to the OpenRoaming WiFi network whenever they encounter it. This approach works; however, it is difficult to ask people to pre-download a profile, particularly when they could not really test it immediately (before traveling to a new network). Unfortunately, this added step largely confuses the end users and restricts the adoption of OpenRoaming.

1.3.2.2 Constraints of IDPs

OpenRoaming profiles are managed by IDPs. Each IDP who wants to offer OpenRoaming services must set up a RADIUS based backend and work with site owners or agents like the WBA on adding the corresponding NAIs or Realm to the list of authorized identifiers. There are many IDPs - like credit card issuers, game producers, loyalty programs, etc - who want to offer OpenRoaming services, but they typically neither have locations to deploy WiFi nor know how to operate enterprise WiFi systems (or are willing to invest the necessary resources for that). So far, there are fewer than 10 IDPs providing OpenRoaming services. If easy integration of enterprise WiFi systems were available to IDPs, they could offer OpenRoaming to their customers without needing to operate an enterprise WiFi backend, releasing the potential of OpenRoaming to engage IDPs and grow its user base dramatically.

1.3.2.3 Challenges in Network Expansion

The ultimate goal of one global OpenRoaming WiFi network is to build a network as large as possible, with a focus on covering areas with high population density, as these need carrier off- loading the most. They include large venues or enterprise sites like sports complexes, libraries, stadiums, schools, and shopping centers; as well as small or medium sized locations like popular restaurants, fitness clubs, cafes, bars, playgrounds, campgrounds etc. Current OpenRoaming deployment is mainly performed in the former cases, as these sites have the budget and technicians needed to support enterprise grade WiFi. On the other hand, the owners of small or medium sized sites will typically not have strong motivation to deploy OpenRoaming until it has become a popular standard. They are hesitating to invest additional capital to upgrade their WiFi to enterprise grade, and even if they do so, they still lack the technical expertise needed to manage the backend.Oftentimes they must hire an agent to help them manage it, which means additional costs that could be an issue for these small to medium businesses.

Although OpenRoaming has grown dramatically since 2020, it is still considered to be in its early stages, and how to incentivize small or medium businesses to implement it remains a question to the industry.

1.3.3 Roam’s Objective

Roam was developed to take a decentralized approach to building a global WiFi OpenRoaming network. It will help to accelerate the growth of the existing OpenRoaming networks and facilitate 5G roll out globally.

In this decentralized OpenRoaming network:

  1. Any ID providers, government agencies or businesses like banks, online video streaming operators, game producers, etc., can become OpenRoaming ID providers and offer OpenRoaming services to their customers, either via the Roam mobile app or their own app.

  2. Site operators could offer OpenRoaming without operating or hiring anyone to operate an AAA (Authentication, Authorization and Accounting) server, typically a RADIUS (Remote Authentication Dial-In User Service) based setup.

  3. Users can use their Web3 DID (self-declared) and Verifiable Credentials (issued by IDPs) to roam on the global OpenRoaming Network. This network is decentrally built and managed but allows regulators and Verifiable Credentials issuers to work together to identify network users when needed. Within this network, users’ data privacy will be protected per the Trust-Over-IP identity management concept. Subsequently, the privacy protected “3W” data (Who connects, When and Where) will be made available to the public via Roam protocol, helping developers build additional applications upon it.