WBA OpenRoaming™ FAQ
OpenRoaming™ brings together a federation of networks and identity providers, allowing users to join any network managed by a federation member.
WBA OpenRoaming™ is a global Wi-Fi roaming federation service, that enables an automatic and secure connection to Wi-Fi among a network of roaming partners that all adhere to the OpenRoaming™ framework. It provides a new global standards-led approach, removing public-guest Wi-Fi connectivity barriers and bringing greater convenience and security to the wireless ecosystem, enabling new business models. With WBA OpenRoaming™, we are creating an open connectivity framework for all organizations in the wireless ecosystem to power new opportunities in the 5G era.
WBA has worked since 2010 with its members to develop and evolve the necessary standards to ensure that Wi-Fi roaming had all the necessary components to work seamlessly and securely. Going forward, WBA will manage the development, promotion, and administration of OpenRoaming™ by providing an open platform. WBA hosts a unique set of assets for the functioning of the federation by, for instance, governing the Unique Organization Identifiers (WBAID), acting as policy authority of the security chain, normalizing the legal framework, among others. WBA will maintain and develop the OpenRoaming™ standards and its evolution and roadmap.
The WBA will manage and oversee the operation of the OpenRoaming™ federation and will also ensure continued development to the standardized framework to ensure that it delivers on continuing industry needs as they evolve. WBA has created an ecosystem of players, with defined roles and clear frameworks for implementation which are core to ensuring the federation works effectively, enables different business and service models, and delivers on the customer experience..
WBA OpenRoaming™ brings together a federation of trusted identity providers, allowing users to join any network managed by a federation member. The network automatically authenticates devices by using established identity providers, such as a service provider, device manufacturer, cloud ID or even loyalty memberships. WBA OpenRoaming™ bridges the gap between Wi-Fi and cellular networks and allows users to roam between Wi-Fi networks seamlessly and securely without the use of splash pages or sign-in screens. For users who are customers of these ‘identity providers’ this means they will simply automatically connect. It is based upon a set of industry standards including WBA’s Public Keying Infrastructure (PKI Radsec) for secure exchanges, Wireless Roaming Intermediary Exchange (WRiX), Wi-Fi Alliance’s Wi-Fi CERTIFIED Passpoint®, amongst others, that provide enhanced security and enable the federation to scale quickly.
WBA OpenRoaming™ has a wide ecosystem of players. Any company that owns or manages a Wi-Fi network, whether an operator, city, enterprise or venue, can become part of WBA OpenRoaming™ and enable their customers to automatically authenticate and connect to other national or international Wi-Fi networks within the WBA roaming federation ecosystem – creating and enhancing business revenues and customer satisfaction.
On the other hand, identity providers such as mobile operators, Wi-Fi service providers, device manufacturer, internet and social platform players and indeed to the Wi-Fi networks themselves in hotels, stadiums, coffee shops, transportation hubs and more, can take part leveraging a platform on which any business relationship can expand. WBA OpenRoaming™ enables a company to create the commercial and technical components swiftly and easily for multi-way relationships that provide access to potentially millions of networks. In a nutshell, WBA OpenRoaming™ is an open platform for WBA members and partners to enable new business opportunities.
The answer is all three! WBA OpenRoaming™ now becomes an open standard and the best practice for Wi-Fi Roaming globally. It creates a world where end-users can move seamlessly and automatically from one Wi-Fi network to another without the need to re-register, while also guaranteeing a secure connection.
Information can be found here on benefits to different industry players
Establishing multi-peer roaming agreements and standards between network providers can be a challenging process – making it difficult to scale relations and services. WBA OpenRoaming™ allows operators and network providers to build a strong Wi-Fi ecosystem across all geographic markets and develop Wi-Fi roaming services.
Additionally, OpenRoaming™ enables networks to enlarge their footprint using an established business framework that is accepted by majority of the leading Wi-Fi roaming providers globally. WBA OpenRoaming™ is a means to scale and grow their roaming and offload business effectively.
Main benefits are
- Provide a state-of-the-art Wi-Fi experience by enabling automatic and secure connectivity to Wi-Fi networks to your customers
- Provides unprecedented global reach to millions of Wi-Fi Hotspots supported by WBA OpenRoaming™ partners for your customers in venues from operators, enterprises, cities, among others
- Extend value for your customers and increase relevancy of your services
- Enlarge your customer satisfaction and show innovative services by enabling WBA OpenRoaming™
- Keep customers connected with WBA OpenRoaming™ while reducing operating expenses by way of Wi-Fi offload
In the WBA OpenRoaming™ federation, identity providers work with Wi-Fi network providers with WBA OpenRoaming™ acting as a centralized policy authority enabling identity providers and Wi-Fi network providers to deliver automatic and secure Wi-Fi experience to millions of users. In Wi-Fi, identity providers are often synonymous with network operators and ISP’s – but in reality it can be your device manufacturer (Samsung devices already are OpenRoaming™ enabled), it could be your favourite internet or social media platform or other public Wi-Fi service providers.
WBA OpenRoaming™ provides several benefits for identity providers, including:
- Solving the discovery and authentication challenge for your customers by providing automatic and secure Wi-Fi with other WBA OpenRoaming™ members
- Provides unprecedented global reach of millions of Wi-Fi Hotspots supported by WBA OpenRoaming™ partners
- Grows and scales your Wi-Fi business revenues (roaming and offload) or can provides opportunities to develop new business revenues and customers if you are just starting out.
- Future-proofs your network for convergence with 5G
- Enables you to easily build new roaming partnerships and enlarge your Wi-Fi portfolio of services
WBA OpenRoaming™ provides several benefits for Ecosystem Brokers, (who include OEM’s, certificate authorities, roaming hub providers, roaming interconnect players etc.) including:
- Support partner networks via the WBA OpenRoaming™ platform
- Grow your relationships and transactions leading to business and revenue growth.
- Provides an off-the-shelf solution using WBA OpenRoaming™ to connect operators and service providers
- Secures revenues as a WBA roaming agent (PKI certificate registration authority and/or WBAID broker)
- Accelerates Wi-Fi roaming portfolio
- Accelerates next generation Wi-Fi deployments to deliver streamlined network selection and secure connectivity with Passpoint®
WBA OpenRoaming™ provides several benefits for cities, enterprises, and venues, including:
- Extends relationships with customers beyond their own city, enterprise and venue
- Secures new revenue streams not previously possible
- Provides seamless and secure Wi-Fi roaming with other WBA OpenRoaming™ members
- Extends and builds new relationships to create new business opportunities
For IoT, one key issue for connecting to Wi-Fi is a ‘thing’ cannot enter a username or password. Possibly not so much of an issue if the device is static, but if it moves connecting to networks and authenticating is a big issue. So, if the IoT device is enabled for WBA OpenRoaming™, it will be able to connect when it needs to. Therefore, it is important that device manufacturer form a core part of the WBA OpenRoaming™ ecosystem.
Joining the WBA roaming federation & enabling OpenRoaming™ requires only a few steps:
- Sign up for WBA roaming federation (inclusive for WBA Members)
- Adopt roaming consortium OI (RCOI)
- Choose the roaming interconnection model through roaming hub, P2P connection or WBA OpenRoaming standard
- Select the partners, venues and organizations you wish to roam with
- Implement WBA roaming ID on the network
- You are ready to ROAM!
WBA OpenRoaming™ has no commercial arrangements with end user customers. WBA OpenRoaming™ members will define and manage the services that they plan to have on their networks and/or available to their customers, those may include Wi-Fi Offload, Wi-Fi Roaming, Wi-Fi Calling, Advertising among many others.
Yes, WBA OpenRoaming™ provides a platform for their members to develop their services and enable companies to support roaming over their own network and/or customers. OpenRoaming™ will not define or mandate any specific SSID or branding to their members. WBA OpenRoaming™ has no commercial arrangements with end user customers. WBA OpenRoaming™ members will define and manage the services that they plan to have on their networks and/or available to their customers, those may include Wi-Fi Offload, Wi-Fi Roaming, Wi-Fi Calling, Advertising among many others.
Yes, WBA OpenRoaming™ can support all different business and commercial models, from settled/paid to settlement free. A key building block of the framework is the WBA Wireless Roaming Intermediary eXchange (WRIX) provides a clear framework for interoperability including many areas but importantly for settlement and billing. This previous work for Wi-Fi to Wi-Fi roaming and Wi-Fi to Cellular offload today and is now extended to include WBA OpenRoaming™.
We are at the early stages of adoption where WBA will take the leadership and drive to scale globally working with our Roaming members. So whilst WBA OpenRoaming™ today will have limited impact on our current direct situation, in the future the ability to connect automatically to a Wi-Fi network will significantly enhance the ability to work remotely, connect with family and friends, wherever you are in the world. In addition, policies can be applied to give priority to emergency services in challenging situations. This will not only help offset some of the challenges of global or national emergencies but more generally enhance productivity of the global workforce and help to support a positive work/life balance.
Wi-Fi CERTIFIED Passpoint® is an industry standard from the Wi-Fi Alliance which when implemented on devices, streamlines access to Wi-Fi hotspots and eliminates the need for users to find and authenticate a network each time they connect. Passpoint is just one of the industry standards underpinning the WBA OpenRoaming™ framework. One of our aims with WBA OpenRoaming™ is to accelerate the adoption of Passpoint and with some of the other standards we make it easier and faster to scale Wi-Fi roaming relationships nationally and globally as well as enhance the security on public Wi-Fi networks.
Yes, OpenRoaming™ follows industry best practices in terms of roaming and offload developed to guarantee interoperability with cellular technology generations. Specifically, for service providers and 5G, OpenRoaming™ is intended to keep users connected while reducing operating expenses by the way of Wi-Fi offload. Moreover, when combined with Wi-Fi latest generations (such as Wi-Fi 6) it helps addressing a broad range of 5G use cases and helps to deliver real-world deployments.
WBA’s WRIX architecture supports Wi-Fi roaming, but to enable authentication, authorization, and accounting, a transport medium is needed between Operators and WRIX-i Providers.
Traditionally, IPsec VPN has been used for WRIX-i security. However, as Wi-Fi roaming scales, WBA is exploring automated security options, such as using RadSec/TLS instead of IP addresses and shared MD5 secrets. RadSec/TLS provides improved timeout, reliability, and fragmentation management compared to conventional UDP signaling. RadSec/TLS can be configured on a per-peer basis, and WRIX entities implementing it should have a list of Certification Authorities for incoming connections.