An electronic device capable of wireless communications may establish a connection with a one or more wireless access networks, such as wireless local area networks (WLAN networks) or wireless cellular networks. Example cellular networks include: GSM EDGE Radio Access Network (GERAN); Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access Network (UTRAN); Evolved UTRAN (E-UTRAN). WLAN network based access networks include Institute of Electrical and Electronics Engineers (IEEE) 802.11 networks (commonly referred to as Wi-Fi networks). An “open” WLAN network is an unsecured and/or unencrypted WLAN network. For example, an open WLAN network will typically not include Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) security. Typically, an open WLAN network may be provided in a public location, such as an airport or library. An open WLAN network may also be provided by a private business, such as a coffee shop, restaurant, fitness center, etc. One method for allowing and controlling access to an open network is through the use of a secured website such as a Hotspot or Captive Portal landing page that the device must “log in” to in order to have access to the network. Upon connection to the open WLAN network by the device, the landing page is presented to the user of the electronic device (via a browser application). Credentials such as a user name or password may be required to log in to the landing page in order to authenticate the device. Upon completion of this authentication process, conditional access to the open WLAN network may be granted. Such access techniques may be referred to may be referred to as a Universal Access Method (UAM).
Conventionally, an Application Program Interface (API) that manages Captive Portal authentication does not automatically log in into the WLAN network infrastructure. Rather, the Captive Portal API checks whether the WLAN network connection is a part of a Captive Portal infrastructure, and then hands the login task over to the device's browser application. Existing browser applications may typically store and/or pre-fill the credentials in the Captive Portal landing page. A similar procedure may typically be followed for a Hotspot network.
The authentication of a device for accessing an open WLAN network may be temporary and expire after a predetermined amount of time, thereby requiring re-log in to the Captive Portal or Hotspot webpage in order to re-authenticate the device. Re-authentication may also be required if the electronic device disconnects and reconnects to the open WLAN network (e.g. due to roaming in and out of the coverage area of the open WLAN network). Conventional browser applications do not automatically perform a re-log in. Thus, a user may be periodically required to re-enter and/or resubmit credentials to re-authenticate the electronic device with the Captive Portal or Hotspot landing page. From the perspective of the user, the WLAN network access chain is broken in two places and includes two distinct connectivity stages: (1) the lower network layer, which includes a WLAN profile for Access Point (AP) wireless connectivity; and (2) the higher application layer within the browser for internet/intranet connectivity.
Conventionally, the browser application manages the secured website authentication process and stores credentials for the secured website in a browser data storage space. Such credentials may be vulnerable to being spoofed by third party applications. Captive Portal credentials may, for example, be particularly vulnerable if stored using a third party browser instead of native browser for the device. Furthermore, browser-managed credentials are not conventionally pushed to the device.
Another disadvantage of existing systems is that a device browser may not conventionally associate website credentials with a particular/specific WLAN network or for a specific network access. Existing device browsers are incognizant or act independently of the underlying wireless network access (e.g. Wi-Fi or Cellular), and they are also incognizant or act independently of the lower layer network security (e.g. Wi-Fi encrypted or open connectivity). Conventionally, browsers may store and pre-fill credentials in a webpage regardless of the current network connection.