Privacy: MAC Randomization

Starting in Android 8.0, Android devices use randomized MAC addresses when probing for new networks while not currently associated with a network. In Android 9, you can enable a developer option (it's disabled by default) to cause the device to use a randomized MAC address when connecting to a Wi-Fi network.

In Android 10, MAC randomization is enabled by default for client mode, SoftAp, and Wi-Fi Direct.

MAC randomization prevents listeners from using MAC addresses to build a history of device activity, thus increasing user privacy.

Additionally, MAC addresses are randomized as part of Wi-Fi Aware and Wi-Fi RTT operations.

Implementation

To implement MAC randomization on your device:

  1. Work with a Wi-Fi chip vendor to implement the following HAL methods:

    • IWifiStaIface#setMacAddress: Configures the MAC address of the interface. The default implementation brings the interface down, changes the MAC address, and brings the interface back up.
    • IWifiStaIface#getFactoryMacAddress: Gets the factory MAC of wlan0 using an ioctl call.
    • ISupplicantP2pIface#setMacRandomization: Sets P2P MAC randomization on/off in the supplicant.
  2. Set config_wifi_connected_mac_randomization_supported to true in the Settings config.xml (this can be done in a device custom overlay).

    • This flag is used to control whether client-mode MAC randomization is enabled.
  3. Set config_wifi_p2p_mac_randomization_supported to true in the Settings config.xml (this can be done in a device custom overlay).

    • This flag is used to control whether Wi-Fi direct MAC randomization is enabled.
  4. Test your implementation using the methods described in Validation.

The System UI must:

  • Have an option to enable or disable randomization for each SSID.
  • Have MAC randomization enabled by default for all newly added networks.

Use the reference implementation of Settings UI to implement new prompts.

Devices running Android 9 or lower might not have support for Wi-Fi MAC randomization. When upgrading such devices to Android 10, the Wi-Fi MAC randomization feature can be disabled by setting the WIFI_HIDL_FEATURE_DISABLE_AP_MAC_RANDOMIZATION flag to true in the Wi-Fi vendor HAL make file.

Validation

To validate that the feature is working as intended, run both an integration test (ACTS) and a manual test.

To run an integration test, use the ACTS file, WifiMacRandomizationTest.py, located in tools/test/connectivity/acts/tests/google/wifi, to verify that the device uses the randomized MAC address and correctly stores the randomized MAC address for each network.

To run a manual test:

  1. Verify that MAC randomization is enabled on the device by checking that config_wifi_connected_mac_randomization_supported is set to true in the device overlay.
  2. Connect to a Wi-Fi network.
  3. Tap the network to go to the Network details page. Verify that MAC randomization is turned on. Verify that the MAC address displayed is a randomized MAC, which has the locally generated bit set to 1 and the multicast bit set to 0.
  4. Turn MAC randomization off. Connect to the same network and verify that the factory MAC is being used.
  5. Delete the network by tapping Forget on the Network details page.
  6. Connect to the same network and verify that the same randomized MAC address is being used.

To test MAC randomization on a pre-Android 10 device (capable of supporting MAC randomization) upgrading to Android 10 or higher:

  1. Have at least one saved network on a device running Android 9 or lower.
  2. Flash the Android 10 system image.
  3. In the Wi-Fi picker, verify that MAC randomization is turned off for all saved networks.
  4. Turn MAC randomization on. Connect to the same network and verify that the randomized MAC is being used.