Apple will have iOS 14, iPadOS 14, and watchOS 7 randomize MAC addresses in the name of privacy

By Oliver Haslam
published

How to use widgets on your iPhone Home screen
How to use widgets on your iPhone Home screen (Image credit: Joseph Keller / iMore)

What you need to know

  • Apple's iOS 14, iPadOS 14, and watchOS 7 will be able to randomize devices' MAC addresses.
  • Apple says it will help with user privacy.
  • But this will need to be disabled in some network settings.

Apple will release iOS 14, iPad 14, and watchOS 7 to the public later this year and developers are already testing them out. Apple has also published some support documentation for the updates ahead of time with one tidbit proving particularly interesting. All three of those updates will be able to randomize a device's MAC address to help maintain user privacy.

Spotted by Stephen Hacket at 512 Pixels, the support document explains (opens in new tab) that while a MAC address is a great way to identify a device, that identification also makes it perfect for tracking users.

To communicate with a Wi-Fi network, a device must identify itself to the network using a unique network address called a media access control (MAC) address. If the device always uses the same Wi-Fi MAC address, network operators and other network observers can more easily relate that address to the device's network activity and location over time. This allows a kind of user tracking or profiling, and it applies to all devices on all Wi-Fi networks.To reduce this privacy risk, iOS 14, iPadOS 14, and watchOS 7 include a feature that periodically changes the MAC address your device uses with each Wi-Fi network. This randomized MAC address is your device's private Wi-Fi address for that network—until the next time it joins with a different address.

And that's great, for users at least. But as Hacket also points out, there is a potential for all kinds of problems here.

Many enterprise Wi-Fi setups rely on identifying MAC addresses as a way to handle authentication. If a device doesn't present a MAC address that's approved, it can't get onto the network. Some particularly security-conscious home users might have a similar switch flipped in their civilian setups, too. In both cases, having a device change something that's historically been static could lead to all kinds of unforeseen problems.

Thankfully Apple will allow this MAC randomization to be disabled at will. It also appears to be disabled by default, too. At least, it is in the current developer beta of iOS 14.

Oliver Haslam
Oliver Haslam
Contributor

Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.

Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.

2 Comments
  • Yea. I have on occasion used MAC address filtering on my home network for added security. Randomizing MACs would eliminate that option. Worked at several places that used that as it as well. Some to the point of assigning a switch port to a particular MAC address, so you couldn't just plug your device in anywhere. Good that that this is both optional and off by default. Might be nice if you could tie it to an SSID. It would be consistent with specified SSIDs, home, work, but random with all others, Starbucks, library, etc.
  • The per-SSID option would make tons of sense. It does feel like a menu-too-far for Apple though.