Copyright © Alepo 2015. Specifications subject to change without notice.


5 Emerging Innovations in Carrier Wi-Fi
An Alepo White Paper


With mobile data usage on the upswing, wireless carriers are looking to Wi-Fi hotspots as a viable option for the delivery of high speed internet services on mobile devices. With the introduction of Wi-Fi hotspots to their overall mobile data strategy, carriers can unlock new revenue channels, drive up business value, and optimize network resources and efficiencies.

This Alepo white paper reveals five emerging innovations surrounding Carrier Wi-Fi offload and monetization that are advancing opportunities for wireless carriers in making Wi-Fi hotspots a fundamental and viable part of their mobile data strategy.


It’s no question that Wi-Fi is a mature and widespread technology, today reaching over 700 million homes, schools, enterprises and hotspot locations worldwide. Its reach continues to grow as more Wi-Fi-enabled mobile devices, including smartphones, tablets, laptops, e-readers, and music players, hit the market. As data usage on mobile devices continues to sky rocket, wireless carriers are beginning to see great potential in leveraging Wi-Fi in order to capitalize on new revenue channels and to reduce congestion on cellular networks.

Whether implemented by a wireless carrier, cable or internet service provider or through a partnership with an existing Wi-Fi provider or aggregator such as Boingo, a Wi-Fi hotspot network can offer an alternative or complementary means to the delivery of high-speed internet services to customers. Cost-efficient, widely supported and readily deployable, Wi-Fi hotspot networks are an attractive and immediate option for carriers looking to supplement their existing data services, offload from cellular networks, or generate additional revenue with a paid Wi-Fi hotspot business model.

Key Drivers for Carrier Wi-Fi

  • Carrier Wi-Fi can be used to deliver high-speed internet services to customers at a relatively low cost per byte.
  • Carrier Wi-Fi can relieve data-congested cellular networks and optimize network resources through automatic Wi-Fi offload.
  • Carrier Wi-Fi can offer greater control over the customer experience than unsecure, public Wi-Fi hotspots in terms of security, accessibility, ease of use and consistency across multiple hotspot locations.
  • Carrier Wi-Fi can be packaged as a value added service (VAS), boosting customer loyalty and ARPU of existing customers.
  • Carrier Wi-Fi can create new revenue streams and paid Wi-Fi hotspots business models that reach a wider range of customers.

As carriers deliberate exactly how Wi-Fi fits in their overall mobile data strategy, they must consider a myriad of questions and challenges that span the network, the business opportunity and the customer experience. From a network perspective, this includes a number of questions on security, integration with legacy networks and support for a wide variety of mobile devices. Business-wise, carriers have been challenged by competition from free, public Wi-Fi hotspots and doubts about how best to sell or package Wi-Fi hotspot services. And, in regards to the customer experience, carriers must consider how to ensure a consistent, simple and ubiquitous experience across networks in order to facilitate adoption and encourage use.

Ongoing work in the development of standards, industry initiatives like NGH and Hotspot 2.0, and vendor solutions addresses these considerations and is driving forward the opportunities for Carrier Wi-Fi. This work has given rise to new possibilities for service innovation, new revenue channels, and partnerships. Advancements in technologies that enable automatic and granular Wi-Fi offload, manageable partnerships, and profitable hotspot networks make it possible and viable for wireless carriers to launch Wi-Fi hotspot services and reach customers with differentiated service offerings.

The following pages discuss five emerging innovations in Carrier Wi-Fi and their implications for wireless carriers. These innovations, while not an exhaustive list of the current advancements being made in Wi-Fi technology, center on the areas of Wi-Fi offload and Wi-Fi hotspot revenue generation, specifically:

  • 1 Making Wi-Fi Offload Secure & Automatic
  • 2 Making Carrier Services Available on Wi-Fi
  • 3 Enhancing Network Discovery & Selection
  • 4 Monetizing Wi-Fi Hotspots
  • 5 Forging Partnerships across the Wi-Fi Ecosystem

1. Making Wi-Fi Offload Secure & Automatic

Wi-Fi offload can be a win-win situation for carriers and subscribers. By offloading mobile data traffic from a 2.5G or 3G cellular network to a Wi-Fi hotspot network, carriers can optimize available cellular network resources, increase overall capacity and reduce bottlenecking of service. By alleviating congestion caused by heavy smartphone internet usage, carriers can better allocate their cellular network resources to other customers for voice calls and other services. In turn, offloaded subscribers experience the advantages of high-speed Wi-Fi access without having to manually connect or log in.

In order to realize the full potential of Wi-Fi offload, the process of moving from a cellular network to a Wi-Fi network must be automatic and transparent to the end user. If it is not, the offload has to be initiated by the end user himself, which often requires the user to manually select the network and enter a security key or login credentials to connect. This can cause a significant drop-off in adoption and undermine the goals of the offload solution.

Yet, achieving an automatic and transparent offload process is not child’s play. To protect the integrity of the network as well as subscriber data, the mobile subscriber must be securely authenticated to the Wi-Fi hotspot network during the offload process. This means that the subscriber’s identity (e.g., IMSI) and login credentials are sent over the Wi-Fi hotspot network, which is, by definition, a non-secure, non-trusted network. If not addressed properly, this can pose security risks, such as exposing login credentials to possible interception or corruption during the authentication process, making it possible for unauthorized users to access the network.

Another challenge in realizing automatic and transparent offload is the considerable variation in mobile handsets and operating systems. Most Wi-Fi offload solutions available today require a SIM card to perform secure authentication, which overlooks a large number of popular mobile devices on the market today that do not support SIM cards. Carriers require an offload solution that works for their customers across multiple types of devices.

There are a number of innovative approaches to realizing Wi-Fi offload that provide secure authentication while maintaining an automatic and transparent process. These approaches create transparent methods for offload that accommodate the diversity of mobile devices in use today.

Wi-Fi Offload via EAP SIM, AKA Authentication

One such approach to Wi-Fi offload is the use of a mobile device’s SIM card to securely authenticate the subscriber to the Wi-Fi network via EAP SIM or EAP AKA authentication methods. This method of authentication utilizes encrypted data from a mobile device’s SIM card to authenticate and optionally authorize a user via an authentication gateway. The gateway commonly sits between the AAA server in Wi-Fi core network and the HLR or HSS in the mobile core network to fetch authentication vectors over a standard Diameter or SS7 interface. The process is highly secure, since it utilizes the same proven and secure authentication methods already used in mobile networks. When combined with IEEE 802.1x authentication standards, EAP SIM and EAP AKA can provide a secure, encrypted connection to WLAN equivalent to 3G or LTE levels of security.

This approach to Wi-Fi offload requires no installations or changes to the end user device, and it works with any WPA Enterprise or WPA2 Enterprise-enabled access point, making it a readily available solution on the market today. In addition, this method minimizes dependency on other network components, needing light integration with the mobile core network over a standard SS7 interface to function fully.

This type of Wi-Fi offload limits its support to devices that natively utilize SIM cards. Some devices that do not natively support EAP SIM or EAP AKA authentication methods may be patched to do so. However, since a number of mobile devices used to access Wi-Fi networks today do not support this offload approach, carriers may consider a multi-pronged approach in order to realize a robust and comprehensive offload solution.

Wi-Fi Offload via Mobile App

Another approach to Wi-Fi offload is the use of a mobile app to securely authenticate the subscriber to the Wi-Fi network. Installed on the end user’s mobile device, the app works in the background to authenticate the subscriber to the Wi-Fi hotspot network without requiring the end user to manually enter login credentials. Automatic and transparent, this solution bypasses the need for a SIM card to perform secure authentication, making it a highly available option for a wide range of mobile devices.

In order for the mobile app to perform secure and automatic offload, two processes must occur. First and foremost, the app must be installed on subscribers’ mobile devices, either through factory installation, customer download (a good option for an opt-in model), or over the air provisioning. Second, the mobile app must obtain and store the login credentials from the network, known as an enrollment process. Enrollment can be handled in multiple ways, including certificate sharing using EAP TLS / TTLS authentication methods or sending a one-time password over SMS. These options ensure the best fit for each carrier’s network topology and security requirements.

Depending on the type of enrollment process as well as the carrier’s existing network topology, this approach to Wi-Fi offload may be completely self-contained, requiring little to no integration with the existing mobile core network infrastructure. This allows for a more rapid deployment that does not impact or interrupt existing services.

2. Making Carrier Services Available on Wi-Fi

In the pursuit of creating an experience on Wi-Fi that is comparable to 3G or 4G mobile data networks, carriers are seeking out ways to providing secure, uninterrupted access to carrier IP services, such as voice, video and other multimedia services. Connections to hotspots outside of a carrier’s own network pose a particular challenge, since the delivery of carrier services requires interworking with the carrier’s core network. Because Wi-Fi is considered a non-trusted, non-3GPP access technology that has traditionally lacked sufficient methods for encryption and secure transport of data traffic, it can expose the core network to security risks.

Multiple industry organizations, including the 3GPP and Wi-Fi Alliance, have had stakes in the development of a standard architecture to enable Wi-Fi interworking and roaming with access to voice, video and multimedia services in the carrier’s 3G or 4G core network. The iWLAN architecture, standardized by the 3GPP, promotes secure connections between the packet core network and Wi-Fi networks. The iWLAN architecture designates a secure connection to the carrier’s core network via an IPSec tunnel, which extends from the UE, through the wireless access gateway (WAG), the GGSN, and from there to the core network or the internet. It utilizes security keys (IKEv2) for authentication, and interacts with a AAA / AAA proxy framework to retrieve subscription information and authorize the connection.

Along with carrier voice, video and data services, iWLAN could enable carriers to extend a breadth of 3G services and functionality to the Wi-Fi environment. Carriers may provision, authenticate and authorize traffic for their carrier services on Wi-Fi networks, just as they do for their 3G networks, and they can enforce policy on these services. Additional capabilities include lawful intercept and unified charging and billing.

Yet a number of challenges of this infant architecture remain. Upon connection to a Wi-Fi network, a new session must be established, with subsequent interruption in services. In addition, this architecture requires a special UE client that may not be available in all devices, as well as some investment in additional infrastructure for the core network, including a WLAN access gateway (WAG) to handle policy enforcement and accounting functions, and additional packet data gateway functionality to handle session management, IPSec tunnel termination, and routing and charging events.

Session continuity is particularly sought after for creating a thoroughly seamless interworking experience, and it is currently driving efforts to develop new standards. The 3GPP has developed an alternative proxy MIP offload architecture, allowing mobility and session continuity between Wi-Fi and mobile data.

3. Enhancing Network Discovery & Selection

Going above and beyond automatic and transparent offload, automatic network discovery and selection can enable carriers to more discerningly offload mobile data traffic according to a number of parameters, including network type, location, time, subscription type and more. This can help carriers to overcome an “everybody on, everybody off” situation that can paradoxically leave Wi-Fi hotspot networks congested and cellular networks underutilized. With the Automatic Network Discovery and Selection Function (ANDSF), a 3GPP-deliniated evolved packet core (EPC) network element, carriers can define granular rules for offload that best align with their network resources and customer usage patterns.

The ability for carriers to set fixed network discovery and selection rules engenders a plethora of new opportunities for more intelligent Wi-Fi offload. Carriers can apply policies to their offload decisions to ensure quality of service and a consistent customer experience for offloaded customers. More so, carriers can offload less valuable mobile data traffic while keeping revenue generating traffic on their mobile network, thereby minimizing the risk of weakened revenues. Rules can be configured for specific locations, hours and days of week, to relieve network congestion and promote optimized network performance. Through strategic offload decisions, carriers can also prioritize offload to Wi-Fi hotspot networks for their roaming customers, in order to alleviate the costs of roaming. Furthermore, carriers can utilize Wi-Fi hotspot networks to minimize dead spots for their mobile subscribers, to expand coverage and access to Wi-Fi for their customers and to promote optimal customer experience by prioritizing the highest quality connection at every geographic location.

4. Monetizing Wi-Fi Hotspots

The ability to capitalize on Wi-Fi hotspot services can constitute a major incentive for wireless carriers and service providers to incorporate Wi-Fi services into their service portfolio and to grow their Wi-Fi hotspot footprint. By monetizing Wi-Fi hotspots, carriers can offset the costs of the Wi-Fi infrastructure and open new revenue channels for existing and new customers. Even if the carrier’s main driver for a Wi-Fi hotspot network is to increase cellular network capacity by offloading existing mobile subscribers, the Wi-Fi hotspot network can be extended to new and non-mobile subscribers as well. This affords wireless carriers an opportunity to expand their reach to new customer segments, including new and casual users, roaming users, as well as their existing mobile subscribers using secondary, Wi-Fi-only devices.

Mobile Data Services Convergence (3G + Wi-Fi)

For existing mobile subscribers, there are boundless opportunities to cross sell, upsell and bundle Wi-Fi hotspot services alongside mobile data plans. Wi-Fi hotspot access may be bundled as a value added service or as a flat-fee monthly add-on package to a mobile data plan. For unmetered Wi-Fi hotspot services such as these, integration with the carrier’s existing core network may be limited to the subscriber repository, such as an HSS or HLR. Whether the subscriber is automatically offloaded to the Wi-Fi hotspot services or logs in manually through a web portal interface, authorization (whether or not the subscriber has access to this service) can occur in tandem with the authentication process, as previously discussed in the context of Wi-Fi offload. For scenarios with more closely converged services, such offering as a shared account balance for prepaid mobile data and metered Wi-Fi hotspot services, integration at the charging level may be required.

The potential also exists to create differentiated and tiered services surrounding Wi-Fi hotspots. For example, a carrier could charge a higher rate for prepaid Wi-Fi hotspot services at hotels and airports than at parks and museums.

Wi-Fi Passes & International Roaming

Carriers can extend their Wi-Fi hotspot business models to offer Wi-Fi data passes to new and existing customers as well as for Wi-Fi roaming options. Wi-Fi data passes afford casual users more longevity than a single session without the commitment of a subscription. Wi-Fi data passes can offer unlimited or volume-limited service for a day, week or month, for example. Once the pass expires or the volume allotment is exhausted, the customer simply purchases another pass as he needs it. This is a popular option for roaming customers who may be traveling for a short period. For example, a carrier could offer an international Wi-Fi roaming pass with up to one week of unlimited access to their own hotspot network and international partner networks for a flat fee.

When exploring potential Wi-Fi hotspot business models and revenue opportunities, carriers must consider their target audiences and how those potential customers use the Wi-Fi hotspot network. At any given Wi-Fi hotspot, a diverse mix of customers may have widely different needs, expectations and device or payment capabilities. This can also vary from market to market. Overall, there is no one-size-fits-all business model, and the network architecture and level of integration with existing services will reflect the unique business goals of each carrier.

5. Forging Partnerships across the Wi-Fi Ecosystem

Wi-Fi hotspots present growing opportunities for carriers to foster widespread partnerships among a range of partners, from wireless internet service providers (WISPs), to aggregators like Boingo, to location owners such as hotels, airports and shopping centers, in order to create highly extensible, cost-efficient hotspot business models. Through partnerships and collaboration, carriers can ease Wi-Fi roaming and resale models and more rapidly grow their Wi-Fi hotspot footprint, while reducing overhead and infrastructure investments.

To make partnerships work across the Wi-Fi ecosystem, carriers are turning to their BSS / OSS or back office suppliers to provide a comprehensive partner management solution for Wi-Fi hotspot services. A complete, carrier-grade partner management solution for Wi-Fi hotspots includes the following features and functionalities:

  • Define and support multiple types of partners, including roaming, interconnect, resellers and suppliers
  • Track commissions, as a percentage of sale or usage
  • Perform accurate reconciliation and settlement
  • Monitor performance of partner networks with business intelligence and revenue reporting tools
  • CRM integration

The growth of partnerships among carriers and hotspot providers bolsters the potential to develop Wi-Fi networks that are as consistent and unified as other access technologies. Widespread access to quality Wi-Fi services is likely to prove an appealing prospect for attracting new customers and network partners.

Case Study: Growing a Wi-Fi Hotspot Business Model with Tier-1 Operator

Alepo’s work with one of the largest mobile operators in Western Africa provides a real-world example of the viable business opportunities surrounding Carrier Wi-Fi. To read the full case study on this project, please visit


With more than five million subscribers, the client is the leading mobile operator in Cameroon. In 2010, the client decided to expand its services portfolio by building out a nationwide network of Wi-Fi hotspots for prepaid internet services. Integration of the Wi-Fi hotspot network with the existing mobile network infrastructure would allow client’s mobile subscribers to maintain a single balance for 3G and Wi-Fi services and to top up with a single voucher, creating a consistent and simple customer experience across services and hotspot locations.

This project also focused heavily on the development of a micro-business partnership model, wherein small businesses and institutions could establish a client’s Wi-Fi hotspot at their respective locations, such as cafes, hotels or universities, and create revenue sharing agreements with the client. This would allow the client to quickly and cost-effectively expand its nationwide Wi-Fi hotspot footprint, and would drive client’s customers to the hotspot locations.

Solution Highlights

In collaboration with the client, Alepo deployed an end-to-end Wi-Fi hotspot platform that enabled the carrier to rollout prepaid Wi-Fi services alongside their existing mobile data services on an expansible, nationwide Wi-Fi hotspot network. The fully monetized, integrated solution made it simple and convenient for customers to buy and consume Wi-Fi services at any client’s partner Wi-Fi hotspot location. Real-time policy and charging ensured zero leakage of revenue, even as customers moved from hotspot to hotspot. What’s more, Alepo’s centralized partner management tools made it possible to readily grow client’s Wi-Fi footprint through revenue sharing partnerships in a highly cost-effective way.

Solution Components

Alepo Service Enabler for Wi-Fi (Including AAA & Prepaid Charging)

Alepo deployed its all-inclusive policy, charging and business management platform, Service Enabler, configured for prepaid policy and charging control, and integrated it with the existing core network. The scalable, modular system was adapted for client to handle the real-time rating, prepaid charging, accounting, reporting as well as user and reseller management for the operator’s expansive Wi-Fi Hotspot network.

The Alepo SE platform included the following modules and services:
  • AAA Layer to handle user authentication and quota-based accounting
  • Real-Time Prepaid Rating & Charging to afford the utmost granularity in creating viable service offerings while ensuring zero leakage of revenue
  • Partner Management to enable portal branding, usage-based commissioning, and customer service
  • Reporting Engine to provide 360° visibility of the network, including revenue, user and network performance metrics
  • Alepo SE Web Portals to manage customers and partners – including the ability to set commissions – and to configure business plans, manage IP pools, online sessions, revenue, reports and more.


Alepo IN to IP Charging Gateway

Bridging the gap between the legacy GSM network and the IP-based Wi-Fi network, the Alepo IN to IP Charging Gateway makes it possible for the client to maintain a single, centralized balance manager across all networks and services. The real-time charging gateway works to query and manage balance information between the IN and the Alepo charging node.

Alepo Hotspot Portal

Via Alepo’s Hotspot Portal, any customer can select a Wi-Fi pass and prepay for services using a credit card or prepaid voucher. The client’s existing subscribers also have an option to charge the Wi-Fi services to their existing mobile account as a value-added service. In addition, the portal was customized to mimic the look and feel of the existing portal, creating a seamless experience between mobile and Wi-Fi.

Alepo Wi-Fi Hotspot Server

Alepo’s Wi-Fi Hotspot Server is a robust solution that turns Wi-Fi technology into a carrier-grade solution, engendering innovative and expansible business models. The unique solution enables location mapping and identification. It is used to perform rating and charging based on location, whether the location is a switch with multiple access points (hotel), a single access point or even a single CPE / MAC address. This affords operators granular control over each access point, while maintaining a centralized access network / enforcement point.

The Alepo Wi-Fi Hotspot Server includes a Network Monitoring Server (NMS) to track the performance of hotspot locations and access points using SNMP-based management interfaces. It provides a dashboard to monitor the distributed network, including such information as AP uptime, throughput and more. With built-in DHCP functionality, it also maintains and assigns IP addresses at the start of each user session.



Pin It on Pinterest