The MAC randomization feature lets devices use a randomized MAC address when connecting to a Wi-Fi network. For implementation instructions, see Implement MAC randomization. This page describes the behavior of MAC randomization in Android.
MAC addresses are used by devices when connecting to a Wi-Fi network or an access point. Because these MAC addresses are transmitted without encryption, they can be captured and used to potentially track a user's location. Historically, devices use the factory MAC address to associate to a Wi-Fi network. The factory MAC address is globally unique and static, letting the device be tracked and individually identified.
The MAC randomization feature increases user privacy by using a randomized MAC address when connecting to a Wi-Fi network.
MAC addresses are 48 bits long and usually represented by 12 hex digits
(6 octets as each octet is 8 bits) such as 00:11:22:AA:BB:CC. The MAC
randomization feature randomizes the address by setting the locally
administered bit to 1, and the unicast bit to 0. The other 46 bits are
randomized.
For devices running Android 10 or higher, the framework uses randomized MAC address by default. Users can enable or disable MAC randomization for individual networks through an option in the Network details screen in Settings, as shown in Figure 1. If a user disables MAC randomization for a network, the framework uses the factory MAC address (globally unique address).
Figure 1. MAC randomization option.
MAC randomization types
The Android framework uses two types of MAC randomization: persistent randomization and non-persistent randomization. If the user disables MAC randomization, the factory MAC address is used.
Android determines which MAC randomization type to use when the device associates to a Wi-Fi network. By default, Android uses persistent randomization. Starting in Android 12, Android uses non-persistent randomization in the following situations:
- A network suggestion app specifies that non-persistent randomization
be used for the network through the
WifiNetworkSuggestion.Builder#setMacRandomizationSettingAPI. - The network is an open network that hasn't encountered a captive portal and
the
config_wifiAllowEnhancedMacRandomizationOnOpenSsidsoverlay is set totrue. This overlay is disabled (set tofalse) by default.
Persistent randomization
Android uses the persistent randomization type by default when the MAC randomization feature is enabled. Android generates a persistent randomized MAC address based on the parameters of the network profile including SSID, security type, or FQDN (for Passpoint networks). This MAC address remains the same until factory reset. The MAC address does not get re-randomized if the user forgets and re-adds the Wi-Fi network since the MAC addressed depends on the parameters of the network profile.
Persistent MAC addresses are necessary in cases where networks rely on the persistence of the MAC address to provide useful functionality to the user, for example, to remember a device and let users bypass the login screen as expected, or to enable parental controls.
For Android 10 and 11, the framework uses persistent randomization for all networks when MAC randomization is enabled.
Non-persistent randomization
Under the non-persistent randomization type, which is used for some networks in Android 12 or higher, the Wi-Fi module re-randomizes the MAC address at the start of every connection or the framework uses the existing randomized MAC address to connect to the network. The Wi-Fi module re-randomizes the MAC address in the following situations:
- The DHCP lease duration has expired and more than 4 hours have elapsed since the device last disconnected from this network.
- The current randomized MAC for the network profile was generated more than 24 hours ago. MAC address re-randomization only happens at the start of a new connection. Wi-Fi won't actively disconnect for the purpose of re-randomizing a MAC address.
If none of these situations apply, the framework uses the previously randomized MAC address to connect to the network.
Developer option for non-persistent randomization
For devices running Android 11 or higher, users can enable non-persistent MAC randomization globally for all Wi-Fi networks (that have MAC randomization enabled) through the developer options screen. The option to enable non-persistent MAC randomization for all profiles is found at Settings > Developer Options > Wi-Fi non-persistent MAC randomization.
Figure 2. Wi-Fi non-persistent MAC randomization option.