Plan du site  

Articles - Étudiants SUPINFO

To what extent is the free Wi-Fi provided by mobile operator VivaCell MTS in Armenia secure in their central branch?

Par Yuri TONOYAN Publié le 14/03/2019 à 17:51:14 Noter cet article:
(0 votes)
Avis favorable du comité de lecture


Staying safe on public Wi-Fi networks is one of the most important things for your security as your information can be accessed by the provider of Wi-Fi or hackers who get unauthorized access to your unsecured device through the mobile apps that you use. Mostly in Armenia people while using Wi-Fi network, they don't focus on the network name or why the the establishment provides free Wi-Fi. If there is a free Wi-Fi network, then they connect their devices to that network. VivaCell MTS is the leading mobile operator in Armenia, it has a lot of branches in Yerevan, where a free Wi-Fi is provided to all users, and hence I decided to choose the following research question: “To what extent is the free Wi-Fi provided by mobile operator VivaCell MTS in Armenia secure in their central branch?” I started the investigation from the IT background, speaking about the history of Wi-Fi and then presented where in general people use Wi-Fi networks. An interview has been carried out with the VivaCell MTS’s product manager Ashot Izrailyan about the Wi-Fi network systems. Thus, I spoke about the connections of systems and how could a person access to their Wi-Fi network. After the description of the product I presented general issues of security that can occur for Wi-Fi users and some solutions to the concerns. Another inquiry has been carried out with the citizens of Yerevan to understand whether Armenians are concerned about Wi-Fi security issues or not. At that point I focused on the issues that can arise in VivaCell MTS by doing inferences from my research and then the solutions that the company can use for reinforcing their security. In the conclusion my research was summarized by speaking about how secure is Vivacell MTS Wi-Fi network and how the security issues can impact on their subscribers.


In a present day the usage of Internet for receiving and transmitting the necessary information increases in the entire world. Armenia is not an exception and most of Armenians usually use Wi-Fi at their home or offices for having Internet access. Sometimes when they go to hang out in cafes or shops, they access to the public Wi-Fi if there is an available one Wireless networks have become more common as the number of laptop computers and mobile devices increases. At home while using Wi-Fi for Internet connection sometimes I think there is a possibility that another person from his device can access my Wi-Fi. I have already informed about the wireless connections during my ITGS classes and I was always interested whether the cafés and shops are paying attention on their Wi-Fi security. I chose the leading operator in Armenia-VivaCell MTS as a Wi-Fi provider because thousands of people in Yerevan use their Wi-Fi network. The main purpose of writing about Wi-Fi is to speak about the concerns and impacts on customers who use VivaCell-MTS’s services (especially regarding their Wi-Fi services). Therefore, my interests forced me to research about Wi-Fi security in VivaCell MTS. Thus, the research question is “To what extent is the free Wi-Fi provided by mobile operator VivaCell MTS in Armenia secure in their central branch”. First of all, I would like to introduce the historical background of Wi-Fi alliance, where people use it and the series of standards. Then I’ll speak about the product description and how the Wi-Fi system works in VivaCell MTS and I’ll give detailed information based on my primary research. There are two main stakeholders who use this system: the mobile operator VivaCell MTS and the users of the organization's free Wi-Fi. For my primary research I have interviewed with the product manager of VivaCell MTS to gather information about their systems and how they work. After the interview I keep connection with him in case of questions to contact with him. For my secondary research, the necessary information was taken from the Internet and books for developing my research topic. Afterwards I’ll present wireless and physical security, the issues that can arise and the solutions for these concerns. In the end I’ll give the problems that VivaCell MTS’s subscribers could have during the utilization of their Wi-Fi and give solution to the problem. Nowadays most people use passwords for the security for their Wi-Fi but sometimes even passwords aren't able to protect the security of home networks. Most mobile operators who provide Wi-Fi have the same concept. The issue of security can evoke a major problem for users and also for the mobile operator. As a rule, the users of wireless connection don't have to be concerned about the impacts that can occur while using it as they think that this wireless fidelity allows permission for only them to access the Internet. But in reality wireless networks present additional risks because the users’ data is unsafe to the interception as it is broadcasted through the air, allowing anybody with suitable equipment to access it and connect to the wireless network.

IT system background

In 1999 different visionary companies had decided to create new wireless networking technology known as Wi-Fi alliance (A brief history of Wi-Fi) . In 1985, the Federal Communications Commission decided to open several visionary companies allowing them to be used without the need for a government license. The new standard was published in 1997, and engineers immediately began working on prototype equipment to comply with it. Wi-Fi networks are based on the IEEE 802.11 series of standards, which includes 802.11b, 802.11g, and 802.11n. The primary difference between these standards is their bandwidth, from 802.11n and offering up to 108 Mbps. Nowadays the one of the main uses of Wi-Fi is in home networking. People use Wi-Fi as it is the easiest way for several computers to share a broadband link. It provides high-speed Internet connection at home and it has become the most popular home-networking technology. Many hotels, cafés, and shops now offer wireless hotspots (Wi-Fi hotspots) to their customers, allowing Internet access. Though many are free, some hotspots require a subscription or service with a particular mobile provider (e.g., Starbucks has exclusive deals with T-Mobile and AT&T customers) . In Armenia we have different Mobile operators providing Wi-Fi to their customers and due to the competition between different companies our Wi-Fi technologies are developing (Armenia - Telecoms, Mobile and Broadband - Statistics and Analyses). The main contention is about how many Mbps the company can offer. Nowadays Mobile operators in Armenia have the possibility to provide Wi-Fi networks by wireless hotspots. The present-day people use not only Wi-Fi hotspots but also MI-fi hotspots. The name MI-fi is connected with Wi-Fi as “My Wi-Fi”. We can define it as a personal hotspot as you can use it almost anywhere by moving it from one place to another. The first 3 countries with the most percentage of Wi-Fi in their households are South Korea (80.3%), United Kingdom (73.5%) and Germany with (71.7%) (Strategy Analytics: A Quarter of Households Worldwide Now Have Wireless Home Networks).

Description of Wi-Fi provided by VivaCell-MTS Overall structure

During the interview conducted with Ashot Izrailyan, the product manager of Vivacell MTS (see appendix 1 (Izrailyan)) I was introduced the structure of their Wi-Fi authentitication system which they use in their central office, The Wi-Fi coverage available in defined area is broadcasted as “Free_Wi-Fi_” SSID. All subscribers are eligible to connect to the Hot-Spot after which they will see an on-screen landing page, where 3 blocks are available - PIN code field, Description and fixed Adv. Banner Block. There are 3 profiles loaded into hot-spot: a) Profile for data users –no QoS(Quality of Service) limitation b) Profiles for non -data tariffs– 512 kb/s limitation c) Profile for -256 kb/s + HTTP/HTTPS only There are 2 options for logging in, for starting browsing Internet. First option is USSD (pic. 1) and second is by clicking a button which redirects to an advertisement web page where a video or static banner is displayed at the bottom on which a countdown timer appears for informing a subscriber how long he/she can stay on the page for free Internet.

Pic. 1. Inputting the USSD code (The screenshot has been taken from my iPhone.)

If you are a subscriber of VivaCell MTS, then the first option works for browsing the Internet, otherwise if you are a subscriber of another mobile operator then the second option works for you.

Pic. 2 (VivaCell MTS free Wi-Fi network. Your pin code is 752216. The code is available until 2017.03.13 14:53:03.Thank you for using our services.)

The screenshot was taken from my iPhone. The USSD code is *XXX# which is linked to the VAS server (VAS is an authentication server which support the user to authenticate in multiplatform environments) which on its turn is checking the tariff plan, subscriber’s account information, browser type and sending information to an appropriate server which generates and triggers a PIN code through SMS. In parallel the database records logs related to the transaction, keeping timestamp, phone number and other details as well as starts the session countdown timer. The validity of each PIN code is 60 minutes, after expiration the connection will be interrupted and the subscriber should dial USSD again for receiving another 1-hour PIN code (Table 1).

Pic.3 ( Vivacell MTS free Wi-Fi network. Your pin code is 752216)

The PIN code has a length of 6 digits. The back-end system should keep 2 types of PIN codes – marked “green” and marked “blue”. Green PINs are for specific tariff plan users while blue are for non VivaCell-MTS users. Each PIN is for the use of only one device, which means no simultaneous session is available, even in case of a stolen PIN it could not be used during an active session. Total estimated attachments to the Wi-Fi Zone are a 100.


After getting the pin code you’ll have the following window on your device (picture 4). If you are a VivaCell MTS subscriber than you will only need to put your pin code on the textbox. Else if you’re a subscriber of another mobile operator, then you will need to click on “I am not Vivacell-MTS subscriber” to have access to the Internet. The Company’s Information Security Management System (K-Telecom) preserves the availability, confidentiality and integrity of all the physical and electronic information assets of the company in order to protect its customers’ personal data, render high-quality services to them and preserve the Company’s competitive edge, cash-flow, profitability, legal, regulatory and contractual compliance, and commercial image.

Table 1. Authentication parameters and their appropriate values

We can divide the work process of the system in 3 parts. In the first part there are two access points which are available for the Wi-Fi users and for their devices to connect to the wired network. The Access Points (AP) operate on 2.4 GHz frequency 802.11g standard. Next, in the second part it comes to the router which stands behind the front line AP and back-end system forwards the data of user by using a unified addressing system. It also has an integrated firewall (Beal) which controls user traffic and prevents not identified users (non VivaCell-MTS subscribers) from accessing suspicious web resources and use of non-standard protocols. The firewall rules block the traffic by default, unless the subscriber’s device is authenticated and authorized for Internet access. Then after the router emerges the demilitarized zone (DMZ) (Rouse) which helps to distinguish and separate the internal local area network from other untrusted networks. DMZ is also used for the security of system, as a firewall. Then the web service, hosting as a separate node, hosts the landing page which is behind the firewalls and stands apart of DMZ in order to make the transaction more secure. The landing page receives the PIN code and sends it over to secure channels and to the database for authentication. Then in the 3rd part where they use their internal servers, data charging systems are used to link to the deep packet inspection system which analyses the traffic on the go and sends records to the database for keeping transaction-related information, as well as accessed resources and timestamps for each transaction and geolocation information based on Cell IDs received from Base Stations during the transaction. The charging system is also linked to the database called HLR (Home Location Register) which keeps information about services to which mobile users have access. The information could include the address, account status and preferences of subscribers. For the control of communication service providers - they use policies. By the aid of Sandvine DPI analyzer nit, it allows to ensure subscriber’s satisfaction.

Access Logic

Security concerns with wireless networks


Different establishments provide their Wi-Fi networks in different ways. Some of them use pin codes for accessing their network and others are just open networks for the public (mainly they use advertisements instead of passwords) . Many Wi-Fi attackers will name their network as an establishment before the public, before connecting. They will not remark that they don't even have a Wi-Fi network. If you suddenly connect your device to their network, then they can easily steal and modify your data. You should ask yourself why this network exists especially in the case that it’s free. It’s true that companies and establishments also can steal your data but they have a responsibility and obligation to secure your device and its data.

Wi-Fi attacks

War Driving Also called access point mapping is used to gain information about establishment records and resources (such as what type of encryption they used or any other pertinent information. For War Driving you need an antenna which will be inserted on your car on the outside and a computer with a wireless Ethernet card.

Cracking Attacks These attacks are used for cracking the password of wireless networks and gaining access to it. There are several types of cracking attacks such as Aircrack, Wepattack, Wireshark etc. Karma Attacks (KARMA Attacks Radioed Machines Automatically) Karma attack is a set of tools used for attacking the security of Wi-Fi networks using man-in-the-middle (MITM). Here the attackers target their clients to discover their trusted network.

KARMA includes patches for the Linux MADWifi driver to allow the creation of an 802.11 Access Point that responds to any probed SSID (Service Set Identifier).

Pic. 5 The Wi-Fi Pineapple® NANO and TETRA

How to secure your Wi-Fi and your data?

Wi-Fi Myth Busting (Agarwal)- First way is to not broadcast your network name or SSID. As a result, the attackers can’t see that there is an available network and will not attack. The second version is that MAC is filtering denies access to the wireless network from any computers whose MAC addresses are not on a pre-defined list. The attacker can’t find the MAC address of a client in a network because it works in single condition Wi-Fi Encryption (THOMPSON)-the most common way to protect your network is to encrypt al wireless transmissions. In past people used Wired Equivalent Privacy (WEP) but after developing this process they created Wi-Fi Protected Access (WPA) which used Temporal Key Integrity Protocol TKIP during the transmission of wireless network. Also, for all users it uses an encryption during the authentication. After 2004 people started to use Wi-Fi Protected Access version 2 (WPA2) which is also based on the 802.11i wireless security standard. The main difference between WPA and WPA2 is the use of the Advanced Encryption Standard (AES) for encryption. The Advanced Encryption Standard or AES is a block cipher used to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data. Some old devises which require WEP unfortunately cannot use WPA or WPA2 Use of VPN (How to Avoid Public WiFi Security Risks)-Virtual private network (Rouse, virtual private network (VPN) used for subscribers to have secure access to their organizations. VPN performs functions like compressing mobile data, analyzing mobile data usage and helping to secure mobile data communications on certain mobile platforms and communication networks. You should be sure that VPN applications that you use are legitimate and the provider is responsible for your security.

Physical security

Physical security is the protection of different computer systems such as software, hardware, network from physical attacks during which the attacker tries to steal it or physically compromise it. (Bogue). While connecting to the internal system the attacker can bypass the server software-based security and crack the users’ password. They can just gain information about the system’s settings and the ways that they can control the system. If the company has a physical security issue, then the attacker can have a direct access to the system. Remember that software security is powerless in this situation. If the attacker gains access to the system therefore ha can change the operating system and add new rules for accessing the system. As a result, they have access to all files and probably they will set a new unbroken password for the system as the company will not have any chances to crack it. VivaCell MTS’s internal systems are connected with each other. If the hacker will have access one of the system’s hard disk, then he can gain access to the other systems too as for all systems they use the same login and password. The impact can be harmful if the company will have failure in physical security because all the software protection systems inside the systems will become useless.

How to fortify your physical security?

Lock the doors- In past when the IT wasn’t developed, people used keys for securing their systems from physical attacks. Even nowadays keys are one of the simplest and beneficial ways to protect not only IT systems and also other important gears. The main problem of using keys is that it can be stolen or duplicated. In this case your potential physical security will be gone. Nowadays many companies use card access system (token access system). One of the benefits of using card access system is that each employee has his card and depending on his position of work, the employee could have access to the entries appropriate only for him. It means that each user is identified individually. But even in this case the company should always maintain control that has access to the computers by controlling access to the rooms they are in.

Monitoring- Monitoring is used to ensure that the system has no unauthorized access from hackers. As I mentioned in description most of attackers will change the operating system appropriate t them for making changes. By monitoring, you can identify connectivity and stability problems and find also the targets. For finding the hacker employees use video monitoring services for identifying the person who wanted to access to their system. As an example NetBotz (Zlatic) is used for environmental and security monitoring IT assets remotely. One of the benefits of NetBotz is the availability. It tracks and records environment and physical access.

What problems can occur for subscribers of Vivacell MTS?

I described how the system works. I mentioned about what the mobile operator uses in internal systems. Thus we understand that no one could have access to their internal services as it’s invisible for public. Even if hackers will try to access their internal systems they cannot come out with expected outcome because the company is pretty serious about their wireless security. But what if the hacker gains access to a system to steal it or physically compromise it in some way? If they gain physical access to the network and install a hardware key logger or infect the machine with malware and connect to the local Ethernet port, then the security can be compromised. They can even capture and record the sensitive passwords such as biometrics. As all data records of VivaCell-MTS’s subscribers are kept in their internal systems, there can raise privacy issues for them. The concern will be really harmful because each time when someone accesses to VivaCell-MTS’s network, their data automatically saves in their databases without deleting it. Meanwhile in Armenia the most subscribers are using VivaCell-MTS’s Wi-Fi network and it means that probably more than 500000 people’s data is already logged in their databases. Also simpler way for Wi-Fi attackers to gain their subscribers’ data is to name their network after the name of VivaCell-MTS’s network. I have conducted a survey with the citizens of Armenia and “Quantum” college students. The main purpose of my survey was to understand whether Armenians are concerning about Wi-Fi security when connecting to different companies’ free hotspot. I’ve prepared questionnaires and ask to answer the proposed questions just putting Y(yes) under the appropriate column. For not annoying them I just ask two questions (Table 2). Only one answer sheet is provided in Appendix 2 (the main reason was upper limit of my file size- it should occupy less than 10 Mb). The results show that in Armenia most of our population is not paying attention on security of their data. The table below shows whether Armenians are concerned about Wi-Fi security or not. The inquiry was taken from “Quantum” college students and from citizens of Yerevan from 100 people.

While connecting to Wi-Fi you are paying attention on

If they notice a free Wi-Fi network, then they access to it immediately. But in fact you will face a big problem if you will access to unauthorized network because they can gain all the information about your social network messages, what browsers you used for the Internet, your location etc. The question is how? Well, let’s understand how the data is visible for Wi-Fi providers. We access one of the Wi-Fi networks which is available. Then for example when we send messages or posts to our friends, firstly it attains to the Wi-Fi providers. Also they can decide whether to send your message to your friend or not. In Armenia all wireless information penetrates through the government of Armenia.


As we understand the main security problem that can occur in the internal systems of VivaCell MTS is when someone tries to physically compromise it. Note that VivaCell MTS doesn’t use security guard personnel for inspecting who is entering and exiting from the building. First of all, they can use bodyguards as a solution because they will secure the entry in the building. While speaking about the description of access logic, we understand the company has developed only the software securing systems and Wi-Fi attackers have no chances to break it. But we cannot say the same about physical security. Security guards can help to look after the internal system for 24 hours. It means that hackers can’t enter the establishment and have physical access to the Wi-Fi system. But as a disadvantage the company must pay high cost salary because they are most likely to use more than one security guard as the building has different entries. The company may also have reliability issue. The security guards may try to access the system themselves if company will not have much and reliable information about them. Suppose that this solution will not work. Then the mobile operator can use Internet protocols for each packed-switch computer network. In general Internet protocols use it for addressing and transmitting different datagrams from one system to the other. Therefore, all data will be sending in an encrypted way. If suddenly the hacker will access one of the systems, then for having access to the other computer network he will need again to have the same access process for other systems.


After examining all security concerns that may have the company we can consider the following about their subscribers. The modern technological security systems may help VivaCell MTS’s subscribers to use safe their wireless network. But security concerns may arise in other ways such as having direct access to their systems. The company is following almost all security points which make his subscribers to be comfortable and easy while using their network. The negative impact for the subscribers could be the privacy issue if the Wi-Fi attacker will somehow gain access to company’s database as his number, location and other analogous information is saved in their data. But to overcome these problems my provided solutions can help the company to be 100% sure for their security. Thus we can say that mobile operator VivaCell MTS provides securable Wi-Fi for their subscribers and takes the responsibility of their safety.


"A brief history of Wi-Fi." The Economist. Technology Quarterly. 10 June 2004. 5 March 2017. <>. Agarwal, Amit. How to Secure Your Wireless (Wi-Fi) Home Network. 7 August 2014. 4 March 2017. <>. "Armenia - Telecoms, Mobile and Broadband - Statistics and Analyses." 2016. Beal, Vangie. firewall. n.d. 4 March 2017. <>. Bogue, Robert L. Lock IT Down: Don't overlook physical security on your network. 11 August 2003. 4 March 2017.

<>. Boulevard, Wilson. Internet protocol. California, 1981. 6 March 2017. <>. Chahrvin, Sacha. Keyloggers, pros and cons. April 2007. 5 March 2017. <>. GARDINER, BRYAN. "Starbucks Ditches T-Mobile and Brings in AT&T as Exclusive Wi-Fi Provider." 02 11 2008. Wired. 20 02 2017. <>. Gray, Joe. Security Issues of WiFi - How it Works. 19 september 2016. 4 march 2017. <>. How to Avoid Public WiFi Security Risks. n.d. 3 March 2017. <>. Izrailyan, Ashot. Description of Wi-Fi authentication system Yuri Tonoyan. 19 October 2016. K-Telecom. Vivacell MTS. 2017. 4 March 2017.

<>. Paul, Neil Sullivan. "Security Threats over a Public WiFi." 03 03 2016. Public Wi-Fi Risks. 20 02 2017. <>. Rouse, Margaret. November 2013. 5 March 2017. <>. —. Advanced Encryption Standard (AES). November 2014. 4 November 2017. <>. —. DMZ (demilitarized zone). June 2015. 4 March 2017. <>. —. virtual private network (VPN). May 2016. 4 March 2017. <>. "Strategy Analytics: A Quarter of Households Worldwide Now Have Wireless Home Networks." 04 April 2012. BusinessWire. 4 March 2017.

<>. THOMPSON, SCOTT D. Securing your wireless LAN electronically and physically. 1 May 2005. 4 March 2017. <>. Vivacell . n.d. Zlatic, Michael. NetBotz - Overview . 16 April 2009. 9 3 2017.

<>. Zovi, Dino A. Dai. KARMA Attacks Radioed Machines Automatically. n.d. 4 March 2017. <>.

Appendix (Introduction of Wi-Fi authentication system)

Face to face interview Date: 20.12.2018 Interviewee: Ashot Izrailyan, producr manager of Vivacell MTS The interivew has been carried in Armenian.Some parts are translated below

1. Can you describe how a user acceses to your Wi-Fi.

Well, when the user wants to connect to our Wi-Fi firstly he/she should enter The USSD code *252# in his telephone field and get the Pin code fro accessing the Wi-Fi.If you're a Vivacell MTS subscriber than you'll get high-speed Internet for 1 hour else if you're a subscriber of another mobile operator than you'll see an advertisement and 256 kb/s limitation and you'll be able to use HTTP/HTTPS only.If the user wants to use our Wi-Fi more than 1 hour than he/she should repeat the same process

2. What software-security systems does your company uses?

First of all i want to mention that for users the last visible part of the system is the router.The other parts of the system aren't avaliable for the Wi-Fi users as then it comes out our internal systems.Even if they will try to access to our systems, we use firewalls in the router. Before the user's data would be saved in our databases, our company also uses DMZ for distingusihing the untrusted networks.

3. Do you use any physical security protection mechanisms?

To be honest, we are not concerning about our physical security as we think that nobody will try to gain direct access to our systems.But as a physcial security systems, we use video cameras in different parts of our central bramch for following the acts of different people(eployees,subscribers etc.)

A propos de SUPINFO | Contacts & adresses | Enseigner à SUPINFO | Presse | Conditions d'utilisation & Copyright | Respect de la vie privée | Investir
Logo de la société Cisco, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société IBM, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Sun-Oracle, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Apple, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Sybase, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Novell, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Intel, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Accenture, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société SAP, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Prometric, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo de la société Toeic, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management Logo du IT Academy Program par Microsoft, partenaire pédagogique de SUPINFO, la Grande École de l'informatique, du numérique et du management

SUPINFO International University
Ecole d'Informatique - IT School
École Supérieure d'Informatique de Paris, leader en France
La Grande Ecole de l'informatique, du numérique et du management
Fondée en 1965, reconnue par l'État. Titre Bac+5 certifié au niveau I.
SUPINFO International University is globally operated by EDUCINVEST Belgium - Avenue Louise, 534 - 1050 Brussels