SecurePass FAQ

A captive portal asks visitors to fill in a login form every time they connect. SecurePass replaces this with a digitally signed WiFi profile - installed once in around 30 seconds. After that, the device connects automatically on every return visit with no portal interaction required.
No. SecurePass runs alongside your existing portal. Visitors who enrol connect via their profile. Visitors who do not enrol continue using the portal as normal.
It significantly improves them. SecurePass identifies visitors by their profile credential, which never rotates - unlike MAC addresses on iOS 14+ and Android 10+. Return visit rates, dwell times, and visit frequency all become accurate.
SecurePass Profiles are available on Connect, Capture, and Engage licences. The SecurePass SDK requires Engage. The Purple App is free on all licence tiers.
The Purple App is free on iOS and Android. Visitors install a SecurePass profile and auto-connect at your venue and 80,000+ OpenRoaming locations worldwide. Available on all licence tiers - no development work required.

Download on the

App Store

Get it on

Google Play
Use your SecurePass enrolment URL - found in Company Settings → Management → Settings. Include it in booking confirmation emails, pre-visit SMS, or loyalty communications.

Primary: rad1-secure.purple.ai · Secondary: rad2-secure.purple.ai · Auth port: 1812 · Acct port: 1813
Yes. SecurePass requires a dedicated SSID with WPA2/WPA3-Enterprise and Hotspot 2.0 enabled. Do not reuse your existing captive portal SSID. The SSID must be broadcast - hidden SSIDs prevent auto-connect.
Certified vendors include Cisco Meraki, Cisco Catalyst, Aruba (HP), Ubiquiti UniFi, Ruckus, TP-Link Omada, Juniper Mist, and Fortinet. Any AP that supports Passpoint / Hotspot 2.0 and WPA2/WPA3-Enterprise is likely compatible. See full list →
SecurePass uses WPA2/WPA3-Enterprise with 802.1X mutual authentication. Traffic is encrypted at the radio layer, devices only connect to networks with a valid digital certificate, and rogue access points are blocked at the authentication stage.
For portal or URL-enrolled visitors, revoke access from the Purple dashboard under Management → SecurePass Profiles. For SDK-enrolled visitors, contact Purple Support.
Yes. SecurePass can sync with Microsoft Entra ID and Google Workspace for Staff WiFi deployments, enabling automatic profile revocation on offboarding. Contact Purple Support to configure directory integration.
Nothing changes - the visitor continues through your existing captive portal as normal. SecurePass is additive; unsupported devices are not blocked or affected.

After tapping "Download WiFi Profile" and allowing the download, go to Settings → Profile Downloaded → Install. Do this before leaving the page. Once installed, your device connects automatically every time you visit.
No. After installing the WiFi profile once, your device connects automatically on every return visit - no login, no portal, no action required.
The Purple App is a free WiFi connectivity app on iOS and Android. It lets you install a WiFi Pass and auto-connect at this venue and millions of trusted locations worldwide.

Download on the

App Store

Get it on

Google Play
iPhone/iPad: Settings → General → VPN & Device Management → find the profile → Remove.

Android: Settings → Network & Internet → WiFi → Saved Networks → Forget.

macOS: System Settings → Privacy & Security → Profiles → Remove.
On iOS, confirm you completed the Settings install step - downloading is not enough. Try toggling WiFi off and back on. If still not connecting, speak to a member of staff.
Yes - your device will auto-connect at any of the 80,000+ OpenRoaming-enabled locations worldwide, including airports, hotels, stadiums, and transport hubs.