MAC Address Randomization and IoT Security

Created On 09/28/20 16:49 PM - Last Modified 07/19/22 23:19 PM


Objective


The iOS 14, iPadOS 14, watchOS 7, and Android 10 operating systems have a feature that increases user privacy. By default, these systems randomize the Wi-Fi MAC address that mobile devices use when connecting to a wireless network, making it impossible to track the activity and location of a device across networks. However, because a device always uses the same randomly generated MAC address for the same network, it is still possible to track the activity and location of a device with a randomized MAC address across multiple connections to the same network.

Environment


iOS 14, iPadOS 14, watchOS 7, and Android 10 operating systems.

Procedure


Enable MAC Address Randomization for Increased Privacy

MAC address randomization increases user privacy and does not interfere with the ability of IoT Security to use AI and machine learning to analyze the network behavior patterns of a device to discover its identity and track its activity. IoT Security simply uses the network-specific MAC address. Although it is randomly generated, the address will remain constant for that network.

The only issue arises when a device is added to the IoT Security inventory under its real MAC address and later rejoins the network with a randomized MAC address. In this case, IoT Security will consider it a new device and add it to its inventory again, resulting in two entries for the same device, each associated with a different MAC address.

When to Disable MAC Address Randomization

Some networks use MAC addresses in access control lists (ACLs) to allow and deny network access. If the real MAC addresses of Apple and Android devices are included in these ACLs and these devices randomize their MAC addresses, the ACLs won’t work properly. For these networks, we recommend disabling MAC address randomization.
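The following is an added example, not part of the original article or of IoT Security: a Python check that sorts observed client MAC addresses by how a MAC allow-list would treat them, so that clients likely to be using a randomized address can be found before the ACL blocks them. It relies on a fact the article does not state (randomized addresses are unicast with the locally administered bit set in the first octet), and the function names and sample addresses are constructed for illustration.

```python
import re

LOCAL_BIT = 0x02      # "locally administered" bit of the first octet
MULTICAST_BIT = 0x01  # group bit; client addresses are unicast (bit clear)

def normalize_mac(mac):
    """Return a MAC as lowercase colon-separated hex, or raise ValueError."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def is_locally_administered(mac):
    """True for unicast addresses with the local bit set.

    Randomized Wi-Fi addresses have this form, but so do some virtual
    interfaces, so treat a hit as "possibly randomized", not as proof.
    """
    first_octet = int(normalize_mac(mac)[:2], 16)
    return bool(first_octet & LOCAL_BIT) and not first_octet & MULTICAST_BIT

def audit_acl(acl_macs, observed_macs):
    """Sort observed client MACs by how a MAC allow-list would treat them."""
    allowed = {normalize_mac(m) for m in acl_macs}
    report = {"allowed": [], "possibly_randomized": [], "unknown": []}
    for mac in map(normalize_mac, observed_macs):
        if mac in allowed:
            report["allowed"].append(mac)
        elif is_locally_administered(mac):
            report["possibly_randomized"].append(mac)
        else:
            report["unknown"].append(mac)
    return report

# Constructed sample data, not taken from any real network.
ACL = ["00:11:22:33:44:55", "A4-83-E7-AB-CD-EF"]
OBSERVED = ["0011.2233.4455", "da:a1:19:0b:3c:7e",
            "F2-9C-4A-01-02-03", "08:00:27:aa:bb:cc"]

if __name__ == "__main__":
    for bucket, macs in audit_acl(ACL, OBSERVED).items():
        print(f"{bucket}: {', '.join(macs) or '-'}")
```

Addresses reported as possibly randomized are the ones to follow up on: either disable randomization for that network on the device, or expect a second inventory entry for it.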


Additional Information


In Apple mobile operating systems, the feature is called Private Address and is controlled per wireless network in the network settings section. For information about enabling and disabling it, see https://support.apple.com/en-us/HT211227.

Android refers to it as Randomized MAC and allows you to enable and disable it in the advanced settings for each wireless connection. For Android instructions, see https://www.techrepublic.com/article/how-to-enable-a-randomized-mac-address-in-android-10/.

