How MTS builds public Wi-Fi networks for business with user identification
Today, our blog is conducted by Andrey Plavich, marketing and product manager of the business market, he will talk about the MTS experience in building Wi-Fi networks with user identification - a topic that concerns active consumers of public Wi-Fi networks (in cafes, restaurants, public transport ) no less than the business itself, which is obliged to provide this identification. So, we give the word to Andrey Plavich:
Hello! I'll start with the background of the issue. In 2014, the Russian government adopted a number of resolutions that all legal entities are obliged to ensure the identification of users on their open Wi-Fi networks. Three methods of identification were identified, they are indicated in the graph below.
After that, Roskomnadzor conducted a massive check of open institutions with public Wi-Fi, found violations. As a result, the business has a request for a product that allows user identification. Proceeding from legislative innovations, we have developed a universal product for the market, which provides for the creation of a Wi-Fi zone with identification.
The easiest and most interesting option for us and our customers to identify the user was the option based on the mobile phone number. And here's why: the first method, with passport data, is chosen extremely rarely. There are few customers who have an appropriately certified system for conveniently collecting personal data of visitors. The only exception is hotels. In the cafe, where people run to drink coffee for 15 minutes, no one will collect passports.
Identification by state services is also limited. At least due to the fact that not all are registered in State Services. And to enter a cell phone number is easy and familiar, everyone remembers the 11 digits of the number by heart, and it is often used to sign in to the social network. Plus, this method is available not only for residents of Russia, but also for foreigners. They often need Wi-Fi than us.
')
So, we have developed three identification algorithms by number. The first stage of all three algorithms is similar. In each method, the user connects to the Wi-Fi network on the device from which he wants to use internet access (smartphone, tablet, laptop) and goes to the identification start page. Indicates your phone number and presses the button further. The system at the same time remembers a bunch of mobile phone numbers and the MAC address of the device from which you need access to the Internet. Further options are possible:
1. The user receives the access code on the phone and enters it on the identification page. Based on the combination of the specified number and the MAC address of the device used to access the Internet, we establish that the user specified during registration is holding in his hands. After that, we provide access to the fixed MAC address. This scheme was previously used in the Moscow metro.
2. The user sends an SMS from the phone to the Moscow federal number. When we receive this SMS, we see from which number it was sent. Accordingly, we also set the number and provide Internet access for the fixed MAC address. Such a scheme is now used in the Moscow metro.
3. The user from his number makes a call to our Moscow number. We see the incoming call, determine the number, but do not pick up the phone, play the message in the form of a beep and reset the call. Once the user was able to make a call from this number, it means that he owns it at the moment. After that, we provide Internet access for the fixed MAC address.
In the first case, the owner of the Wi-Fi zone pays for the SMS sent by the user (if, of course, this is not the MTS number to which we can send a free message). That is why the metro refused to use this method by default - to reduce costs. In the second case, the user pays for the SMS itself - as part of its tariff. The message is charged as an SMS sent to a regular Moscow number. The third method, which we recently introduced, is unique in that it is completely free for everyone. The fact is that when a user calls, we reset this call - there is no connection fact. Competitors have almost no such proposals, startups have this option paid.
To connect you need to implement three main components of the service: build a Wi-Fi network at the facility (conduct radio planning and install Wi-Fi equipment), implement an Internet access channel for the built zone and provide user identification. Depending on the availability of each component at the customer, different variants of service implementation are possible. In the first variant, we implement the “target scheme”, that is, we do everything from scratch “on a turn-key basis”. We put the equipment, give identification and access to the Internet. The second option is when the client already has its own Wi-Fi zone. He once made a "eurorepair", sewed into the dashboard access point, did the layout, etc. In this case, on the equipment of the client, we can give access to the Internet and identification. Moreover, our system is set up in such a way that it doesn’t matter to us which manufacturer of these access points: from the cheapest type D-Link or to the most expensive ones like Ruckus, Aruba. We have made our product absolutely universal.
The third option: when the client also has everything, and even access to the Internet, but from another provider. This may be in a situation where there is a unique provider of Internet access in some business center. In this case, we can only give identification on our platform. All three options are clearly reflected in the diagram:
We also often encounter requests from large network companies, whose offices are scattered throughout the country, to build a single Wi-Fi network for them. That is, the company has many access points from different suppliers of the Internet, we combine these access points into a single network. For hardware, it looks like this: there are access points of any manufacturer, they can be with controllers, can be without, maybe just a router, maybe a full-fledged network of dozens of access points. This all “comes” to our specially installed platform, which is responsible for identifying the user (roughly speaking, this is a RADIUS server). Everything “comes” to this server and is processed there. There is also an identification. And at the moment when identification is passed, we open access to the Internet.
If a client in one of the company's offices passed identification, and then flew to Vladivostok and went to another office of the same company - he no longer needs to re-authenticate. This gives a significant advantage to companies that have a separate network of offices.
Another important point. Since Wi-Fi from a shareware service (bought a router and only pay for the network) suddenly turned into a paid service (because the service provider or startup has to pay for the identification), this has created additional costs within the company. Business began to look for ways to recoup these costs. The market gave the answers. Here are the key options, as it is now possible to monetize a Wi-Fi network on your site. First of all, this can be done by marketing the brand through the network platform. The network name (SSID) is customized, the portal's identification page, in addition, after connecting, you can automatically redirect the user to the page of a specific site. Previously identified users may not be immediately allowed onto the Internet when reconnecting, but displayed on the page with the “Enter Internet” button, on which the owner of a point can post their content (third-party advertising is displayed on the subway page).
We can also offer third-party advertising along with revenue sharing models. But revenues will depend on the patency in a particular Wi-Fi zone. The zone owner himself decides whether he should fill his network with third-party advertising for a small profit or make pages exclusively for his brand (as part of his web-representation). Although for the same business centers, shopping centers, it is interesting to display information (advertising) from tenants on the start page (someone has such a discount, a promotion, etc.). This will have a greater effect than advertising completely third-party companies that are not related to the owner of the institution. Also on the start page you can arrange a survey, get feedback from users. We are actively working on automating user feedback, simplifying the implementation of these options for customers.
A huge plus for the client is that we provide him with connection statistics. In fact, he has at his disposal non-personalized contact details of his clients. He sees how often the same people come to him.
Plus, we can hang a special offer that the client can accept and allow in this way sending him special offers. In addition to Wi-Fi, we can offer SMS-broadcasts, auto-voice information, services of a commercial call center. At the beginning of next year, we plan to implement opportunities to promote the brand through social networks using Wi-Fi, which, of course, will be in demand among customers.
Naturally, the easiest way to get this whole range of services is to turn to large operators, not start-ups, which can solve only one of the issues, but not the complex of all tasks. In addition, in the case of a startup, the risks to the business that are hidden in the new requirements are not removed. The fact is that the owner of the Wi-Fi zone on a quarterly basis will have to send the operator a list of persons using his user (terminal) equipment. The list should include: the name of the end user, details of the main identity document (passport of the citizen of the Russian Federation) and place of residence. When working directly with the operator, and not with a startup, it is easier to relieve yourself of these responsibilities and close the chain of solving all issues at once on the operator.
Hello! I'll start with the background of the issue. In 2014, the Russian government adopted a number of resolutions that all legal entities are obliged to ensure the identification of users on their open Wi-Fi networks. Three methods of identification were identified, they are indicated in the graph below.
After that, Roskomnadzor conducted a massive check of open institutions with public Wi-Fi, found violations. As a result, the business has a request for a product that allows user identification. Proceeding from legislative innovations, we have developed a universal product for the market, which provides for the creation of a Wi-Fi zone with identification.
The easiest and most interesting option for us and our customers to identify the user was the option based on the mobile phone number. And here's why: the first method, with passport data, is chosen extremely rarely. There are few customers who have an appropriately certified system for conveniently collecting personal data of visitors. The only exception is hotels. In the cafe, where people run to drink coffee for 15 minutes, no one will collect passports.
Identification by state services is also limited. At least due to the fact that not all are registered in State Services. And to enter a cell phone number is easy and familiar, everyone remembers the 11 digits of the number by heart, and it is often used to sign in to the social network. Plus, this method is available not only for residents of Russia, but also for foreigners. They often need Wi-Fi than us.
')
So, we have developed three identification algorithms by number. The first stage of all three algorithms is similar. In each method, the user connects to the Wi-Fi network on the device from which he wants to use internet access (smartphone, tablet, laptop) and goes to the identification start page. Indicates your phone number and presses the button further. The system at the same time remembers a bunch of mobile phone numbers and the MAC address of the device from which you need access to the Internet. Further options are possible:
1. The user receives the access code on the phone and enters it on the identification page. Based on the combination of the specified number and the MAC address of the device used to access the Internet, we establish that the user specified during registration is holding in his hands. After that, we provide access to the fixed MAC address. This scheme was previously used in the Moscow metro.
2. The user sends an SMS from the phone to the Moscow federal number. When we receive this SMS, we see from which number it was sent. Accordingly, we also set the number and provide Internet access for the fixed MAC address. Such a scheme is now used in the Moscow metro.
3. The user from his number makes a call to our Moscow number. We see the incoming call, determine the number, but do not pick up the phone, play the message in the form of a beep and reset the call. Once the user was able to make a call from this number, it means that he owns it at the moment. After that, we provide Internet access for the fixed MAC address.
In the first case, the owner of the Wi-Fi zone pays for the SMS sent by the user (if, of course, this is not the MTS number to which we can send a free message). That is why the metro refused to use this method by default - to reduce costs. In the second case, the user pays for the SMS itself - as part of its tariff. The message is charged as an SMS sent to a regular Moscow number. The third method, which we recently introduced, is unique in that it is completely free for everyone. The fact is that when a user calls, we reset this call - there is no connection fact. Competitors have almost no such proposals, startups have this option paid.
How does the deployment of a Wi-Fi zone with identification physically look like?
To connect you need to implement three main components of the service: build a Wi-Fi network at the facility (conduct radio planning and install Wi-Fi equipment), implement an Internet access channel for the built zone and provide user identification. Depending on the availability of each component at the customer, different variants of service implementation are possible. In the first variant, we implement the “target scheme”, that is, we do everything from scratch “on a turn-key basis”. We put the equipment, give identification and access to the Internet. The second option is when the client already has its own Wi-Fi zone. He once made a "eurorepair", sewed into the dashboard access point, did the layout, etc. In this case, on the equipment of the client, we can give access to the Internet and identification. Moreover, our system is set up in such a way that it doesn’t matter to us which manufacturer of these access points: from the cheapest type D-Link or to the most expensive ones like Ruckus, Aruba. We have made our product absolutely universal.
The third option: when the client also has everything, and even access to the Internet, but from another provider. This may be in a situation where there is a unique provider of Internet access in some business center. In this case, we can only give identification on our platform. All three options are clearly reflected in the diagram:
We also often encounter requests from large network companies, whose offices are scattered throughout the country, to build a single Wi-Fi network for them. That is, the company has many access points from different suppliers of the Internet, we combine these access points into a single network. For hardware, it looks like this: there are access points of any manufacturer, they can be with controllers, can be without, maybe just a router, maybe a full-fledged network of dozens of access points. This all “comes” to our specially installed platform, which is responsible for identifying the user (roughly speaking, this is a RADIUS server). Everything “comes” to this server and is processed there. There is also an identification. And at the moment when identification is passed, we open access to the Internet.
If a client in one of the company's offices passed identification, and then flew to Vladivostok and went to another office of the same company - he no longer needs to re-authenticate. This gives a significant advantage to companies that have a separate network of offices.
Another important point. Since Wi-Fi from a shareware service (bought a router and only pay for the network) suddenly turned into a paid service (because the service provider or startup has to pay for the identification), this has created additional costs within the company. Business began to look for ways to recoup these costs. The market gave the answers. Here are the key options, as it is now possible to monetize a Wi-Fi network on your site. First of all, this can be done by marketing the brand through the network platform. The network name (SSID) is customized, the portal's identification page, in addition, after connecting, you can automatically redirect the user to the page of a specific site. Previously identified users may not be immediately allowed onto the Internet when reconnecting, but displayed on the page with the “Enter Internet” button, on which the owner of a point can post their content (third-party advertising is displayed on the subway page).
We can also offer third-party advertising along with revenue sharing models. But revenues will depend on the patency in a particular Wi-Fi zone. The zone owner himself decides whether he should fill his network with third-party advertising for a small profit or make pages exclusively for his brand (as part of his web-representation). Although for the same business centers, shopping centers, it is interesting to display information (advertising) from tenants on the start page (someone has such a discount, a promotion, etc.). This will have a greater effect than advertising completely third-party companies that are not related to the owner of the institution. Also on the start page you can arrange a survey, get feedback from users. We are actively working on automating user feedback, simplifying the implementation of these options for customers.
A huge plus for the client is that we provide him with connection statistics. In fact, he has at his disposal non-personalized contact details of his clients. He sees how often the same people come to him.
Plus, we can hang a special offer that the client can accept and allow in this way sending him special offers. In addition to Wi-Fi, we can offer SMS-broadcasts, auto-voice information, services of a commercial call center. At the beginning of next year, we plan to implement opportunities to promote the brand through social networks using Wi-Fi, which, of course, will be in demand among customers.
Naturally, the easiest way to get this whole range of services is to turn to large operators, not start-ups, which can solve only one of the issues, but not the complex of all tasks. In addition, in the case of a startup, the risks to the business that are hidden in the new requirements are not removed. The fact is that the owner of the Wi-Fi zone on a quarterly basis will have to send the operator a list of persons using his user (terminal) equipment. The list should include: the name of the end user, details of the main identity document (passport of the citizen of the Russian Federation) and place of residence. When working directly with the operator, and not with a startup, it is easier to relieve yourself of these responsibilities and close the chain of solving all issues at once on the operator.
Source: https://habr.com/ru/post/313168/
All Articles