Understanding Mac Address Randomization and How it Works?

Published on Mon, Feb 24, 2025 | 2 weeks ago
Understanding Mac Address Randomization and How it Works?

MAC addresses are an important part of modern networking. They allow users to connect to internet access points and access the web. Without a MAC address, that is not possible. 

A MAC address is a special identifier tied to your device’s hardware (NIC). Unlike IP addresses, you cannot change this address. This means advertisers and marketers love to track MAC addresses to snoop on prospective and existing customers to profile them using their activity.

This is, of course, a gross violation of one’s privacy. So, how do people protect themselves from this kind of invasion of their privacy? The answer is MAC address randomization. 

Today, we will learn what that is and how you can use it to protect your privacy to a stronger degree.

Understanding MAC Addresses 

Before we can start learning about MAC address randomization, we need to understand a bit about what a MAC address is and how it is used in networking. 

What is a MAC Address?

MAC stands for “Media Access Control”. The MAC address consists of a 12-digit hexadecimal number. This number is inscribed onto a device's network interface card (NIC). 

This 12-digit number is divided into two parts: the first six digits are called OUI (organizationally unique identifier), and the last six digits are called the serial number. A MAC address lookup tool can use these numbers to pull data related to the actual device. Marketers can use that data to track consumers.

Role of MAC Address in Networking and Tracking

Unlike a public IP address, MAC addresses do not get shared with the rest of the network. They are only used when connecting to an access spot like a WiFi router. The router uses the MAC address to forward the right traffic to each device.

However, a MAC address can leak during the handshake process, where it is broadcast to all WiFi networks when looking for a connection. This is why places like shopping malls with a lot of public WiFi networks are treasure troves for finding a bunch of MAC addresses. 

In fact, malls track a shop’s foot traffic and customers between different shops. Then, they use this information to set up various kinds of advertisements and promotions to maximize engagement and conversions.

What is MAC Address Randomization?

MAC address randomization is a technique in which your device uses a fake address for each network. Let’s say you are walking in a mall, and there are five different public networks in the mall, and your device can connect to all of them. With MAC address randomization, all five networks will receive a different MAC address.

This essentially limits the amount of tracking that can be done because nobody can track the device from one network to another. The MAC address is randomized during broadcast, so no network knows what the real MAC address of a device is.

This limits how much a device can be tracked between different networks.

Another feature of MAC address randomization is that any generated MAC address is used only with a single network. Here’s an example: let’s say there are five networks in a mall, we will call them networks 1, 2, 3, 4, and 5. So, if address A was generated for network 1, then address A won’t be used for networks 2, 3, 4, and 5. Similarly, an address B for network 2 won’t be used for networks 1, 3, 4, and 5. 

This is how MAC randomization prevents tracking between different networks.

How Does MAC Address Randomization Work

MAC address randomization is a relatively simple process. Here’s a breakdown of how it works and how it's implemented in different operating systems.

Generating a Random MAC Address

The operating system generates a fake MAC address instead of using the device’s real hardware-based MAC address. This is done via proprietary algorithms that are specific to each operating system.

This randomized MAC follows the standard MAC address format but ensures uniqueness within the network. So, there is no chance of clashes and duplication with other devices on the network.

How It’s Implemented in Different Systems

  • Android (Android 10 and later)
    • Uses a different randomized MAC for each saved Wi-Fi network by default.
    • Older versions required manual activation.
  • iOS (iOS 14 and later)
    • Enables MAC randomization by default for all Wi-Fi networks.
    • Users can disable it for specific networks if needed.
  • Windows (Windows 10 and later)
    • Allows enabling MAC randomization per network or globally in Wi-Fi settings.
  • Linux/macOS
    • Some Linux distributions support MAC address spoofing with tools like “macchanger”.
    • macOS also uses randomization when scanning for Wi-Fi but uses the real MAC when connecting.

Conclusion

So, there you have it: MAC address randomization, how it works, and how it improves your digital privacy. Privacy is everybody's right, and nobody should be able to track you if you don’t want them to. So, educating yourself on how to do that is one step in the right direction. 

MAC address randomization is just one of the many ways of ensuring your privacy, but you should also look into things like VPNs, proxy servers, and end-to-end encryption to enhance privacy in the rest of your digital endeavors.