Wi-Fi hotspots will soon be easier to use by tying them into the mobile GSM network - allowing telcos to provide data bundles and giving the dream of ubiquitous wireless networks a shot in the arm.

The Cloud, which runs Europe's largest network of Wi-Fi hotspots, will allow users to authenticate a Wi-Fi connection via a mobile phone SIM card in what analysts say is a significant step towards unifying Wi-Fi, 3G, GPRS and other data networks.

Transat Technologies' gear will let a hotspot authenticate someone with the same system as GSM, making it simple to offer integrated services and billing, The Cloud said. The company does not sell Wi-Fi services directly, but to network operators including BT Openzone, Boingo, Orange and KPN. Users will see the hotspot as belonging to their particular service provider.

SIM authentication is considered by many to be the next step in presenting unified, seamless wireless data services. Previously, The Cloud allowed operators to combine Wi-Fi and mobile phone bills, but users needed to log on manually to each hotspot, and back-end billing systems required integration with The Cloud.

SIM-based authentication claims to offer a far simpler user experience. A laptop or PDA connects to the wireless network the same way a mobile phone connects to a GSM network, which means companies can add Wi-Fi to their service without the need for any new technology or expertise. The tie-in is likely to make such bundled offerings far more commonplace.

To operators, "the wireless LAN network appears just like another GSM network", said The Cloud chief technology officer Niall Murphy. "It is just like a roaming deal. It removes a significant amount of special development work that mobile developers otherwise have to do to add WLAN to their product mix."

Enabling Transat's TransLok system across The Cloud's network involved installing a few back-end boxes, Murphy said. "We do that centrally, and SIM authentication is available anywhere on our network. It is scalable," he said. Because the system is based on mobile phone industry standards, The Cloud and its customers are not tied to any other Transat technology.

SIM authentication is more secure because it is based on a piece of hardware - the SIM card - rather than a password, which could be lost, copied or given to a friend, Murphy said. The system is enabled now, and is available to The Cloud customers such as Orange Israel and Orange Switzerland which have chosen to offer SIM authentication, the company said.

Previous systems for tying mobile phone and Wi-Fi accounts have involved relatively clunky techniques. The customer might use his mobile phone number as a username, and is then be sent a password via text message; this is then manually typed in. This type of authentication can be automated by attaching a SIM card directly to the computer via a PC card or dongle-based reader, but it still requires operators to set up a new system for Wi-Fi users.

The future of merged data services
Full SIM authentication is more sophisticated. The user is typically issued with a second SIM card dedicated to the user's PC or handheld computer; this might be embedded in a PC card that could also include Wi-Fi, 3G and GPRS radios. The user is also given client-side software that runs in the background, managing the authentication process and setting policies, for example telling the PC to switch from GPRS to Wi-Fi when Wi-Fi becomes available.

When the computer encounters a Wi-Fi access point it sends out an authentication packet using the EAP-SIM standard. This is detected by a central system running on the Wi-Fi provider's network, which then communicates to the mobile phone operator through SS7 (Signalling System 7). This is a trusted network used by GSM providers to, for example, authenticate roaming mobile phone users. The Wi-Fi user is then authenticated just as a roaming GSM user would be, and the Wi-Fi connection is established. To end users, the process is invisible; they switch on their laptop and it connects automatically, The Cloud said.

"This is about the coexistence of WLAN alongside GPRS and other mobile data systems. This makes it straightforward for that to occur," Murphy said.

The way the system is packaged for users is up to service providers, The Cloud said. Third-party products can enable the SIM card in a Bluetooth phone to authenticate a Wi-Fi connection on a PDA or laptop, if the operator chooses, Murphy said. Intel and Gemplus are currently demonstrating such a technique on Intel-based laptops.

Whatever technique is used, it must be invisible to users, according to Robin Duke-Woolley, analyst at ICT consultant E-Principles. "People want to send and receive data wherever they are, whatever coverage is available, and they want the whole thing to be transparent," he said. "That is the only way people will start to use these services and to depend on them. Most people don't understand the technology behind it, and don't want to."

Operators such as T-Mobile and Vodafone are already offering bundles of 3G, GPRS, Wi-Fi and voice. Russia's Vympelcom is testing a SIM card-based offering from Gemplus, and Mobilkom Austria is using SIM authentication from Azaire Networks to link Wi-Fi to its GPRS and UMTS back-end systems.

Gemplus' GEMobileIT system involves attaching a smartcard reader to the user's PC; the smartcard itself includes a SIM card as well as enterprise security functions for establishing an automatic VPN connection. Mobilkom's system is more elaborate, creating unified subscriber management, traffic management, IP services, customer care and billing systems. It allows authentication and authorisation via multiple methods, including SIM, SMS and credit card.

Problems
Not all the kinks have been worked out of SIM authentication, say industry observers. The SIM cards must be connected to users' PCs in some way, and the industry hasn't yet established a standard, well-understood way to do this, according to analysts.

Another issue is demand, with many operators appearing to be happy to continue on with less user-friendly techniques such as passwords via text message. "Eight months ago, I would have said (SIM authentication) would be the general method for getting all WLAN services to work, but that isn't turning out to be the case," Murphy said. "Some operators want SIM authentication, others don't."

On a broader level, Wi-Fi is still a long way from being something that mobile users take for granted or are even willing to pay for, industry observers believe. The Cloud, by far the largest European Wi-Fi network with more than 3,500 UK hotspots, believes Wi-Fi won't begin to be convenient enough until there are tens of thousands of UK locations, according to Murphy.

Even if there happens to be a hotspot nearby, the chances are that it will not belong to whatever service the user subscribes to. "For a while now there has been this competition in building hotspot networks, creating a hotchpotch of different requirements for authentication, billing et cetera," said Duke-Woolley. "This doesn't make it easy for people to use, so they won't. Eventually, we will be left with relatively few operators that have large numbers of sites, and those will be the ones people are prepared to sign up to."

The Cloud's network is largely made up of sites in pubs, but also includes several hundred hotels, bus stations, train stations, cafes, boat marinas and the Bristol Airport. A deal struck last autumn with New World Payphones will add Wi-Fi hotspots to 7,000 sites, largely indoor locations such as shopping centres, The Cloud said.

Most service providers selling directly to the public do not own large numbers of Wi-Fi hotspots themselves, instead relying on roaming agreements with third-parties such as The Cloud. T-Mobile, for example, gives its users access to thousands of hotspots, but only operates a few hundred itself.