What your Wi-Fi is actually broadcasting (and how ARK finds it)
Last month, a user emailed us: 'I always thought my router was secure because I set a password. Turns out it was broadcasting my SSID on an outdated protocol.' That message landed on a Tuesday. By Thursday, we'd had six similar ones. It turned out we weren't explaining Wi-Fi risk well enough.
The gap between a password and actual security
Most of us treat Wi-Fi security like a front door lock. You put a password on it, and you assume you're safe. But a Wi-Fi network broadcasts far more than the password suggests. It sends out beacon frames with your network name, supported protocols, encryption type, and channel information. Anyone in range can see this, analyse it, and start testing for weaknesses.
When we started building the Wi-Fi analyser for ARK, it became clear that our users weren't aware they could be running WPA2 on a 2.4GHz band with SSID broadcast enabled. They didn't know that mix made them vulnerable to downgrade attacks or brute-force attempts. It's not malice. It's just that consumer routers bury these settings three menus deep, and the defaults aren't set for paranoia.
The Wi-Fi analyser was built to change that. It's a Shield-tier feature that scans your current network and returns a report on what's actually configured.
How the scan actually works
When you run the Wi-Fi analyser in ARK, the app connects to your phone's device network data. It doesn't need root access or administrator privileges. iOS and Android both expose enough network information via standard APIs that we can extract the key signals: the SSID, the protocol version in use, the signal strength, and the encryption type.
From that, ARK tells you whether you're on WPA3 (the current standard), WPA2 (acceptable but aging), or anything older (serious problem). It flags whether your network name is being broadcast or hidden. It even checks if you're on the 5GHz band (better security profile) or 2.4GHz (more penetration, more legacy vulnerabilities). All of that happens on your device. We don't send your network name or any identifying data to our servers. The analysis is local; only the result reaches us, and only if you let it.
That privacy constraint shaped the whole feature. We could have pulled more data, cross-referenced it with public Wi-Fi vulnerability databases, run deeper packet analysis. But that would have meant streaming your network traffic or storing metadata we didn't need to keep. Instead, we focused on the facts that matter most and leave the interpretation to you and one-tap fixes.
What happens after the scan ends
A security score is only useful if it leads somewhere. We learned that early on when users would see a warning and then ask, 'Now what?' The answer used to be 'go into your router settings and change these things yourself,' which works fine if you know your admin password and remember how to SSH into your device. For most people, it's a dead end.
So we built remediation deep-links into ARK. When the Wi-Fi analyser finds that your encryption is out of date or your SSID is being broadcast, the report includes a one-tap link that takes you directly to your router's settings page, already logged in if possible. On some routers, we can pre-fill the recommended settings. You're not left staring at a problem; you're handed a path to fix it.
That doesn't solve everything. Some routers have terrible interfaces. Some require factory resets to change certain settings. But we've found that removing one layer of friction gets people to act rather than ignore the warning. The difference between a security recommendation and a security improvement is usually just that one step.
Why this matters more than you'd think
Your home Wi-Fi is the gateway to every device on it. A phone, a laptop, a smart home hub, your partner's tablet. If the network itself is weak, then all the individual device security in the world doesn't protect you from someone sitting in a parked car outside your house, trying to intercept traffic or hijack a device mid-connection.
We see this in the breach data that flows into ARK. A surprising number of people who've had their accounts compromised also report suspicious logins from networks they don't recognise. Often, it traces back to a Wi-Fi network they use regularly (home, office, coffee shop) where the protocol is weak or the broadcast settings are too loose.
The Wi-Fi analyser won't stop a determined attacker with tools you've never heard of. Nothing will. But it removes the low-hanging fruit. It closes the gap between 'password protected' and 'actually secure.' For most users, that's the meaningful move.
A small feature that says something bigger
I mention the Wi-Fi analyser often when I talk about ARK because it's a small feature, but it revealed something true about how we think about security. We didn't want to build a feature that scares you with data you can't act on. We didn't want to pretend we could do something we can't. We wanted to show you what's actually happening on your network, tell you what the risk is in plain language, and hand you a way to fix it in one tap.
That design principle runs through everything in ARK, whether it's the stalkerware detector (free for everyone, because if you need it, a paywall shouldn't get in the way), the breach check (which uses Have I Been Pwned data so we don't have to store your passwords), or the dark-web monitor (which runs scans without broadcasting what email addresses we're looking for). Privacy-first means you have control over what you share and when.
The Wi-Fi analyser sits in Shield, alongside password health, DNS leak tests, and phishing scanners. It's not the flashiest feature, but it's the one that makes the most sense if you're thinking clearly about where your devices actually live.
If you've never looked at your Wi-Fi settings in years, there's a good chance something there is out of date. What would change if you knew exactly what your network was broadcasting?