What is Samsung Secure Wi-Fi for Android?

Samsung Galaxy and Note smartphones come with a pre-installed app called Samsung Secure Wi-Fi. The app can’t be uninstalled from the app manager on the device. Scroll to the bottom of the article for uninstallation instructions.

Samsung is thin on the details and doesn’t say much about what the service does. Every time you connect to a Wi-Fi network it sends you the following promotional push-notification.

“Secure Wi-Fi helps protect your privacy on public Wi-Fi networks. Try it out now.”

“Secure Wi-Fi helps protect your privacy on public Wi-Fi networks. Try it out now.”

The notifications are classified as an advertisement in Android’s notification center. You can normally disable notifications from third-party apps. However, Samsung has disabled the ability to disable notifications from some of its apps including Secure Wi-Fi.

This information in the notification is repeated inside the app and is just about all the information you get. The app says you get 250 MB/month for free or pay 2 Euro/month for unlimited data. But what are you paying for if you sign-up for Samsung Secure Wi-Fi?

Samsung has jumped on the Virtual Private Network (VPN) service-provider bandwagon. A commercial VPN service, like Samsung Secure Wi-Fi, encrypts all your internet traffic and relays it through a server controlled by the company. This enables you, to some extent, to hide your internet traffic pattern among the crowd of other customers using the same server. It also gives the server operator insight into what apps and websites you visit.

I find it notable that Samsung doesn’t ever refer to Secure Wi-Fi as a VPN service. It’s consistently vague about offering “protection” and the service’s name implies it offers “security”.

You normally get a scary warning message saying all your internet traffic is routed through a third-party when you connect to a VPN service. Samsung suppresses this warning for Samsung Secure Wi-Fi; something a third-party VPN app can’t do. This is arguably an abuse of its market position as an operating system distributor.

Samsung Secure Wi-Fi connects through an IPSec tunnel — an industry standard for VPNs — using a bundled version of the StrongSwan VPN client. The backend infrastructure is managed by McAfee and provided through Google Cloud. Neither of these companies is mentioned in the service’s privacy policy even though all your internet traffic is routed through them.

Commercial VPN services offer almost no benefit to their customers. The majority of internet traffic is already encrypted. There are only a handful of use-cases where it’s still advisable to use a VPN service. VPN service sales are driven by fear-based marketing and meaningless marketing terms like “military-grade encryption.”

You can configure the Samsung Secure Wi-Fi app to automatically connect to the service whenever you connect to an untrusted Wi-Fi network. The app lets you opt-in to sharing your location data with Foursquare to unspecifically improve this portion of the app. As far as I can tell, doing so makes absolutely no difference to how the app operates.

In my testing, it took about one minute from you connected to a Wi-Fi network before the VPN service is turned on. I’ve also experienced the app just not turning on at all after connecting to an unencrypted and untrusted network. The app fails to live up to its promise to protect my device.

You can exclude certain apps from being routed through Samsung Secure Wi-Fi. By default, Samsung excludes YouTube, Google Drive, Google Photos, Galaxy Store, and Google Play Store. These are all data-heavy apps that use encrypted connections to their respective backend services.

You can uninstall Samsung Secure Wi-Fi if you want to get rid of it. You’ll need to set your device in Developer Mode and issue a few special commands to it from your computer. Follow this bloatware removal tutorial. The Secure Wi-Fi package is called com.samsung.android.fast.

Samsung Secure Wi-Fi should not be confused with Samsung Max (formerly Opera Max). The two apps and services are completely unrelated despite the similar name and parent company connection.