Is India’s new public WiFi project safe for users?
- Millions of consumers across India may soon enjoy free public WiFi anywhere in the country, even in places without mobile coverage – and at all times.
- The convenience, after four years of mere talks, may come with a heavy price tag on users’ security.
India has long been at odds with itself over the deployment of public WiFi, with its access still scarce in cities such as Mumbai and New Delhi. Some four years ago, public WiFi became a part of the national discussion, especially during the country’s elections. Yet, a countrywide ubiquitous public WiFi network is still nowhere in sight.
That is until recently, when the Union Cabinet cleared a proposal by the Department of Telecommunications to set up public WiFi access network interfaces. Called the WiFi Access Network Interface, or PM-WANI, it involves establishing public gathering places — such as a grocery store or a sundry shop — as official public data offices (PDOs) where wireless internet will be available via an app to registered users.
The PDOs won’t need to pay any licensing or registration fee to have the wifi set up, the government announced. The scheme “will revolutionize the tech world,” Prime Minister Narendra Modi tweeted.
But public WiFi has its share of detractors, with its potential risks and cybersecurity vulnerabilities rather well-documented. Frankly, the Indian government is aiming for last-mile connectivity and experts believe public networks increase the proliferation of internet services in the country. The PDOs will basically be sort of mom-and-pop stores and other small retail outlets across the length and breadth of the country.
For context, there were 687.6 million internet users in India in January 2020 and the number of internet users in India increased by 128 million (+23%) between 2019 and 2020. Meanwhile, Internet penetration in India stood at 50% in January 2020.
Rolling out India’s public WiFi
According to Indian Express, at the bottom of the network’s pyramid will be the PDO, which will establish, maintain, and operate compliant WiFi access points, or routers, and deliver broadband services to subscribers.
Covering a segment of PDOs will be a PDO Aggregator (PDOA), which will perform the functions relating to authorization and accounting. A mobile app is in development for users to register on to the network, make payments to subscribe to the network, and to discover nearby hotspots.
The Centre for Development of Telematics (C-DoT) will be maintaining the central registry including the details of app providers, PDOAs, and PDOs.
The red flag with public WiFi hotspots is that they are vulnerable to hacks, including the paid ones at hotels and airports that can be tapped into wirelessly. The best-practice recommendation is for users not to transmit user names, passwords, make payments, or conduct credit card or other financial transactions on public WiFi networks.
Using a Virtual Private Network is the surest way to access public WiFi networks safely. Otherwise, one would be at risk of being a victim of ‘Be it the Evil Twin’ deployment (a fake mirror hotspot set up by the hacker) or ‘Sniffing’ on the WiFi network and collating users’ info, ‘Man-in-the-Middle’ attacks, or even ‘Side Jacking’.
Potential internal and home security risks of wide-scale public WiFi networks also abound. Especially in India, a country that is fighting terrorism not just on its borders, but well within its territory. There have been past instances of terrorist groups communicating with each other, media, and the police using WiFi networks during the 2008 New Delhi and Ahmedabad bomb blasts – a cause for Indian public agencies’ apprehension about giving permission for wide-scale public wireless deployments.
Additionally, several tech giants have raised questions over the viability of public WiFi networks in India after having tried and failed in the recent past. In 2017, social media company Facebook launched Express Wi-Fi and it made little impact. Google’s Station project, to provide free wi-fi in more than 400 railway stations across India and “thousands” of other public places was launched in 2015, and was shut down earlier this year.
- Huawei, AWS, Microsoft boosting digital skills in Southeast Asia
- Reece unlocks data to power its competitive advantage with SnapLogic’s intelligent integration
- Advanced persistent threat methods to enable a new wave of destruction attacks
- Businesses need to focus on new IT to innovate for the future
- Amazon: for 2023, here are the five tech predictions propelled by cloud technologies