Subway WiFi: Is the Risk Worth the Reward? | MCD Partners


INSIGHTS | June 4, 2013

Subway WiFi: Is the Risk Worth the Reward?

Over the course of the next five years, NYC subway stations in four of our five boroughs (sorry Staten Island) are poised to be equipped with wireless access, thanks to Boingo. Connected commutes for a potentially nominal fee? Well, it’s not as simple as it seems.

subway wifi-guy standing in a subway looking at his phone with earbuds in.
As Boingo themselves have said, “an unprecedented number of risks threaten users’ safety at publicly available Wi-Fi hotspots,”* or put more bluntly, if you use the public wireless, beware: you might get hacked.
When we heard this, we wondered, how strong is that might? Like if you ride the subway, you might get pickpocketed, or if you live in NYC, you might get robbed… but generally, you don’t. Because you take precautions. Because you lock your front door and zip your purse. So what about this hacking business, is there a precaution for that?
It turns out there is, and it’s a pretty sturdy one, but it’s complicated. The solution is a personal VPN (virtual private network). VPNs are best known as the secure networks on which many people (say, members of a company), share data that is otherwise protected. VPNs exist for individual users, too, the idea being that they create a “secure tunnel between you and a safe server that encrypts and protects you and your information.”**
We see three potential issues here. First, a personal VPN isn’t part of the WiFi product; it’s a separate thing that consumers will need to buy and install. Second of all, personal VPNs aren’t available yet for mobile devices (though it’s said they will be soon). Third, perhaps the biggest problem, is that the idea of a personal VPN is still relatively new to the average consumer, and we’re guessing that most subway riders will not be familiar with them, let alone how to set one up.
What's to be done? In our opinion, it starts with the vendors: the MTA and Boingo have a responsibility to educate their consumers about the possibility of hacking, as well as available solutions. We hope to see PSAs on our train rides soon telling us that we will need to protect ourselves when the WiFi comes, as well as how. And when we sign up with Boingo, we better get the message from them, too.
We do wonder if WiFi users will be somewhat self-selecting: early adopters who are among the first to sign up for a subscription might also be among those most likely to know about personal VPNs. And then by the time the rest of us are paying to be connected underground, we’ll all be personal VPN experts.
In the meantime, we’re kind of okay being disconnected for a brief respite. But if I’m in the middle of an emergency email chain, or perhaps having an Instagram crisis, and you’re that early adopter on my morning train ride… don’t be surprised if I ask to borrow your phone.