What Wi-Fi probe sniffing is, and why it became popular
Wi-Fi probe sniffing is a passive method that listens for the short broadcast frames a phone sends out when its Wi-Fi radio is on. A phone with Wi-Fi enabled does not wait silently for networks. It announces itself by transmitting probe requests, looking for known SSIDs and asking nearby access points to reply. A sensor placed in a venue can read those frames in the open air, log them, and use the device address inside each frame as a rough identifier for a passing visitor.
Around 2012 to 2018, this was an attractive way to measure footfall. The hardware was cheap, the deployment was passive, and the same sensor could report counts at the door, a sense of dwell across a venue, and a notion of repeat visit rate by matching addresses across days. Many early Wi-Fi based counting setups were built on this idea, and a generation of retail analytics products used it as their core signal.
That ground has shifted. Mobile operating systems now treat the Wi-Fi address inside a probe request as personal data and randomise it aggressively. Privacy regulators in the EU and the UK have published guidance that treats the same address as personal data even when randomised. The practical effect for people counting in 2026 is that probe sniffing reports unstable numbers on a shrinking share of devices, and the unique-visitor and dwell math that made it useful has degraded.
What MAC randomisation actually changed
The original assumption behind probe sniffing was simple. A phone has a fixed Wi-Fi MAC address. The same MAC means the same device. Counting unique MACs over a day means counting unique visitors. That assumption no longer holds on a modern phone.
iOS
Apple introduced a randomised MAC for each known Wi-Fi network in iOS 8 (2014), but the change that broke probe sniffing for retail came in iOS 14 (2020), which randomises the MAC used for probe requests on networks the phone has not joined. iOS 15 and later kept tightening the behaviour, and Private Wi-Fi Address is on by default. On a current iPhone, the address a probe sniffer sees is generated locally, does not match the device's real address, and can change between scans.
Android
Android added MAC randomisation for probe requests in Android 8 (2017), made it the default for all Wi-Fi connections in Android 10 (2019), and added a per-session randomised MAC option in Android 12 (2021). Recent Android releases also restrict how often an app can read the device MAC at all. As with iOS, the address visible to a passive sniffer in 2026 is not a stable identifier of the phone.
What is left to count
A sniffer in a busy venue still hears thousands of frames per hour, but a high share of those frames now carry locally generated addresses that change. The same phone can appear as several addresses inside one visit. Two different phones can occasionally share a random prefix. Older Android devices, some IoT devices, and a long tail of personal hotspots still emit a stable address, which means the sniffer is mostly measuring the unrandomised tail of the device population rather than the actual crowd.
The privacy and legal layer on top
Even when probe sniffing returns a usable address, the regulatory treatment has hardened. The European Data Protection Board and several national authorities have written that a MAC address, including a randomised one, is personal data when it can be used to single out a device in a venue. The UK Information Commissioner has published similar guidance for Wi-Fi analytics in physical spaces.
In practice, that means a Wi-Fi probe deployment needs a lawful basis, a documented retention policy, signage that informs visitors, and in many cases a data protection impact assessment. Hashing the address does not remove it from scope when the hash is reversible inside one venue. Cross-site matching, the original promise of unique-visitor analytics, is the hardest case to defend. None of this makes probe sniffing illegal, but it does mean the work to deploy it compliantly is now meaningful, while the data quality has dropped.
What probe sniffing can and cannot reliably do in 2026
Stripping away the marketing claims of a decade ago, here is a fair read of what a passive Wi-Fi probe deployment can deliver today and where it falls down.
Reasonable: relative trend
Aggregated probe counts across a long window still track the shape of a venue's traffic. Busy days look busier than quiet days, and a major event still shows up. The signal is a noisy proxy for footfall, useful for trend lines that do not need to match a turnstile.
Weak: absolute visitor counts
Translating frame counts into a true headcount requires a capture-rate assumption that randomisation makes unstable. The same visitor may register as several devices, several visitors may register as none, and the ratio between frames and people changes by device mix and venue. A door-line system that physically counts crossings will outperform it on absolute accuracy.
Weak: unique visitors and repeat rate
These are the metrics that randomisation hits hardest. A device that presents a different address on each probe cannot be matched across visits with any confidence. Vendors who still report unique-visitor rates from probe sniffing are inferring them from the unrandomised tail of devices, which is a biased sample and shrinks every iOS and Android release.
Weak: dwell time
Dwell needs a stable identifier across the same visit, but the same phone can rotate its randomised address mid-visit. Dwell estimates from probe sniffing are therefore both noisy and biased downward.
Unreliable: cross-site visit chains
The classic Wi-Fi analytics promise of recognising the same visitor across multiple sites depends entirely on a persistent device address. Modern OS defaults make that almost impossible at scale, and the privacy case for doing it has weakened in step.
How Ariadne's signal sensing is structurally different
It is worth being precise here, because Wi-Fi probe sniffing and Ariadne's patented phone signal sensing are sometimes conflated. They are different methods with different inputs and different privacy properties.
Ariadne measures this with Hybrid Fusion, its patented camera-free method. Time-of-Flight depth sensing counts every visitor at the entrances, capturing geometry rather than images, while patented phone signal sensing follows movement through the interior, detecting the signals a phone emits even in airplane mode. The sensor streams both feeds to Ariadne, where Hybrid Fusion combines them into one trajectory per visit and computes counts, dwell, and paths. The streams carry no identifier: no MAC address, no device ID, no biometric data, and no camera is involved. Identifiers are stored only when a visitor explicitly opts in, which keeps the method GDPR-friendly and outside biometric territory.
Three things follow from this design that matter for the comparison with probe sniffing. First, Ariadne does not use the MAC address inside a Wi-Fi probe request as the identifier. The patented signal sensing reads pattern features in the radio activity around the sensor, which means the OS-level MAC randomisation that broke probe sniffing for unique-visitor work does not break the Ariadne method in the same way. Second, no MAC, no device ID, and no biometric data are recorded by default in the stream the sensor passes back to Ariadne. There is no captured identifier sitting in a database that would later need to be removed, because no identifier is captured in the first place. Third, the actual counting and dwell math runs centrally in the Ariadne platform, combining Time-of-Flight depth data at the entrance with signal data through the interior. That fusion is what makes per-zone counts and trajectories reliable, and it is what a single-stream probe sniffer cannot deliver.
The practical effect for a buyer evaluating people counting in 2026 is that the privacy and accuracy answers are different. A probe-sniffing deployment has to argue, increasingly hard, that its degraded MAC-based measurement is still personal data handled lawfully. The Ariadne deployment can answer a data protection officer with a flat statement: no images, no MAC by default, no biometric data, and the fusion math runs in the Ariadne platform under a documented privacy policy.
If you already operate a Wi-Fi probe deployment
Plenty of venues still run a probe-sniffing setup that was installed several years ago. The point of this article is not to argue for ripping it out tomorrow. It is to be honest about what the data now represents and to plan the next refresh cycle accordingly.
- Document what the system actually measures today. Re-read the vendor's accuracy claims against current iOS and Android defaults. If the original claim was a unique-visitor count, treat that metric as a trend indicator rather than a measured value until you can validate it against a door-line sensor.
- Check your privacy paperwork. A probe deployment that pre-dates EDPB and national-regulator guidance probably needs a refreshed data protection impact assessment, a retention review, and signage that reflects current practice.
- Treat the next refresh as a methodology choice, not a hardware swap. If unique visitors, dwell, and per-zone occupancy matter, a camera-free method that does not depend on MAC addresses will outlast another generation of OS privacy hardening. A method that uses no captured identifiers also has a much simpler story for the data protection officer.
- Separate door counts from movement analytics. Door-line counting is a well-understood physical measurement and does not need probe sniffing at all. A Time-of-Flight sensor at the entry counts every visitor crossing the line, regardless of whether they carry a phone or which OS the phone runs.
FAQ
Does Ariadne sniff Wi-Fi probe requests?
No. Ariadne uses Hybrid Fusion, a patented camera-free method that combines Time-of-Flight depth sensing at entries with patented phone signal sensing through the interior. The signal sensing does not depend on the MAC address inside a Wi-Fi probe request and does not store a device identifier by default. Identifiers are stored only when a visitor explicitly opts in, for example by logging into a guest network the venue chooses to offer.
Are MAC addresses personal data?
European and UK regulators have treated a Wi-Fi MAC address as personal data when it can be used to single out a device in a venue, including when the address is randomised. A deployment that processes MAC addresses, even hashed ones, normally requires a lawful basis, a retention policy, signage, and a data protection impact assessment.
Does the system use cameras?
No. Ariadne counts with Hybrid Fusion: Time-of-Flight depth sensing plus patented phone signal sensing, never cameras. Time-of-Flight captures geometry rather than images, and signal sensing captures no MAC address by default, so the measurement involves no video, no faces, and no biometric data.
Can a Wi-Fi probe sniffer still produce useful trend data for a venue?
Aggregated probe counts across long windows still follow the shape of a venue's traffic, so they can serve as a noisy trend indicator. They are not a good source for absolute headcount, unique visitors, dwell time, or cross-site visit chains in 2026, because MAC randomisation has undermined the stable-identifier assumption those metrics rely on.
