| One Idea How about offering people a "ticket" containing a temporary login/password for using the Wi-Fi network, a ticket they receive after purchasing something from the restaurant? |
|
| Lots of places used to do that but the administrative burden of constantly changing the login credentials and the systems needed to generate them, is a high-cost nightmare for retail establishments. |
|
|
|
 joakoPremium
join:2000-09-07
/dev/null
kudos:5
 ·Comcast
| said by ridethelight :
Lots of places used to do that but the administrative burden of constantly changing the login credentials and the systems needed to generate them, is a high-cost nightmare for retail establishments.
What overhead beyond the initial setup? You buy something and you get a receipt, right? The point-of-sale system generates a token, say a 10-character alphanumeric string and when you login to the WiFi you go through a walled garden and enter that token to receive (e.g.) 1 hour free WiFi access. To encourage sales they could even offer to sell 1 hour of WiFi access for $20.
--
PRescott7-2097 |
|
| That kind of system was fairly prevalent a few years ago but the time necessary to administer it is non-trivial, which means they have costs associated with them which may exceed whatever benefit having it provides. Because of that you don't see them much now. |
|
 RARPSL
join:1999-12-08
Suffern, NY | said by ridethelight :
That kind of system was fairly prevalent a few years ago but the time necessary to administer it is non-trivial, which means they have costs associated with them which may exceed whatever benefit having it provides.
I do not see what administration is needed. The password is a hash of the unique receipt number, a timestamp (ie: Date + HH:MM) and a secret salt string. The Server just accepts the Receipt number and uses its clock to complete the string to be hashed. Compare the supplied password with hashes using the past 10-15 minutes and you are done. So long as the clocks are synched there is no need to do any other synching (the receipt number is in essence a random number and does not need to be checked with the POS System). |
|
1 edit | reply to joako
said by joako:said by ridethelight :
Lots of places used to do that but the administrative burden of constantly changing the login credentials and the systems needed to generate them, is a high-cost nightmare for retail establishments.
What overhead beyond the initial setup? You buy something and you get a receipt, right? The point-of-sale system generates a token, say a 10-character alphanumeric string and when you login to the WiFi you go through a walled garden and enter that token to receive (e.g.) 1 hour free WiFi access. To encourage sales they could even offer to sell 1 hour of WiFi access for $20. 1: The cost of administering an active RADIUS server receiving potentially anywhere from Dozens to THOUSANDS of request per second (depending on the setup style and/or location which can range from a coffee shop to a bookstore to an airport or convention center) can make this simply unfeasible. Not to mention converting individual stores to using the process.
2: $20 for 1 Hour of WiFi Access? Never in this lifetime would I dare purchase that. For that price, I'll take my chances with a 3G card. |
|
 TomS_Git-r-donePremium,MVM
join:2002-07-19
Ireland
kudos:1 | There are numerous devices that will do this sort of thing off the shelf.
DLink made/makes one, and im sure many others do aswell. |
|
 SSidlovOther Things On My MindPremium
join:2000-03-03
Pompton Lakes, NJ
·Optimum Online
| reply to ridethelight
said by ridethelight :
Lots of places used to do that but the administrative burden of constantly changing the login credentials and the systems needed to generate them, is a high-cost nightmare for retail establishments.
not true there are automated systems that do exactly this, print a new random generated user name/password with every cash register receipt and update the credentials server.
--
»www.Warpstock.org
|
|
 wifi4milezBig Russ, 1918 to 2008. Rest in Peace
join:2004-08-07
New York, NY | reply to joako
said by joako:said by ridethelight :
Lots of places used to do that but the administrative burden of constantly changing the login credentials and the systems needed to generate them, is a high-cost nightmare for retail establishments.
What overhead beyond the initial setup? You buy something and you get a receipt, right? The point-of-sale system generates a token, say a 10-character alphanumeric string and when you login to the WiFi you go through a walled garden and enter that token to receive (e.g.) 1 hour free WiFi access. To encourage sales they could even offer to sell 1 hour of WiFi access for $20. I was thinking the same thing. I havent looked around, but I would be shocked if the "hotspot in a box" routers dont offer this functionality. Actually, I would be shocked if some of the 3rd party firmwares dont offer it. It would be trivial to implement it, and the increased revenue from making someone buy something every 20 minutes to an hour would more than cover the incremental cost to upgrade.
--
Obama = Jimmy Carter part 2
"Secret operations are essential in war; upon them the army relies to make its every move"
-Sun Tzu-
|
|
| reply to RARPSL
you are right. There wasn't anything to do but hit "print" on the printer and then it was done. |
|
RARPSL
join:1999-12-08
Suffern, NY | said by hottboiinnc:you are right. There wasn't anything to do but hit "print" on the printer and then it was done. I know that my solution is simplistic but so long as you have a gateway device that allows access to the WiFi LAN and revokes permission after a set period of time, my solution is all that is needed. For this purpose there is no need for massive databases or anything. The security is in the string being hashed. The Salt String makes the hash harder/impossible to reverse hack. Just using the Receipt Number and timestamp makes it too easy to generate fake passwords by comparing the password from a receipt with the suspected string and doing the hash offline to verify the method. If that is cracked, you just need your computer to generate a current valid Password when needed.
As it is, the Hash is going to be long and you would probably just use part of it to make the customer's typing not that hard. |
|
