Wi-Fi privacy
MAC address randomisation
Apple platforms use a randomised media access control address (MAC address) when performing Wi-Fi scans when not associated with a Wi-Fi network. These scans can be performed to find and connect to a known Wi-Fi network or to assist Location Services for apps that use geofences, such as location-based reminders or fixing a location in Apple Maps. Note that Wi-Fi scans that happen while trying to connect to a preferred Wi-Fi network aren’t randomised. Wi-Fi MAC address randomisation support is available on iPhone 5 or later.
Apple platforms also use a randomised MAC address when conducting enhanced Preferred Network Offload (ePNO) scans when a device isn’t associated with a Wi-Fi network or its processor is asleep. ePNO scans are run when a device uses Location Services for apps that use geofences, such as location-based reminders that determine whether the device is near a specific location.
Because a device’s MAC address changes when disconnected from a Wi-Fi network, it can’t be used to persistently track a device by passive observers of Wi-Fi traffic, even when the device is connected to a mobile network. Apple has informed Wi-Fi manufacturers that iOS and iPadOS Wi-Fi scans use a randomised MAC address and that neither Apple nor manufacturers can predict these randomised MAC addresses.
In iOS 14 or later, iPadOS 14 or later, and watchOS 7 or later, when an iPhone, iPad or Apple Watch connects to a Wi-Fi network, it identifies itself with a unique (random) MAC address per network. This feature can be disabled either by the user or by using a new option in the Wi-Fi payload. Under certain circumstances, the device will fall back to the actual MAC address.
For more information, see the Apple Support article Use private Wi-Fi addresses on iPhone, iPad and Apple Watch.
Wi-Fi frame sequence number randomisation
Wi-Fi frames include a sequence number which is used by the low-level 802.11 protocol to enable efficient and reliable Wi-Fi communications. Because these sequence numbers increment on each transmitted frame, they could be used to correlate information transmitted during Wi-Fi scans with other frames transmitted by the same device.
To guard against this, Apple devices randomise the sequence numbers whenever a MAC address is changed to a new randomised address. This includes randomising the sequence numbers for each new scan request that’s initiated while the device is unassociated. This randomisation is supported on the following devices:
iPhone 7 or later
iPad 5th generation or later
Apple TV 4K or later
Apple Watch series 3 or later
iMac Pro (Retina 5K, 27-inch, 2017) or later
MacBook Pro (13-inch, 2018) or later
MacBook Pro (15-inch, 2018) or later
MacBook Air (Retina, 13-inch, 2018) or later
Mac mini (2018) or later
iMac (Retina 4K, 21.5-inch, 2019) or later
iMac (Retina 5K, 27-inch, 2019) or later
Mac Pro (2019) or later
Wi-Fi connections
Apple generates randomised MAC addresses for the Peer-to-Peer Wi-Fi connections that are used for AirDrop and AirPlay. Randomised addresses are also used for Personal Hotspot in iOS and iPadOS (with a SIM card) and Internet Sharing in macOS.
New random addresses are generated whenever these network interfaces are started, and unique addresses are independently generated for each interface as needed.
Hidden networks
Wi-Fi networks are identified by their network name, known as a service set identifier (SSID). Some Wi-Fi networks are configured to hide their SSID, which results in the wireless access point not broadcasting the network’s name. These are known as hidden networks. iPhone 6s and later devices automatically detect when a network is hidden. If a network is hidden, the iOS or iPadOS device sends a probe with the SSID included in the request — not otherwise. This helps prevent the device from broadcasting the name of previously hidden networks a user was connected to, thereby further ensuring privacy.