TL;DR:
- Researchers at Germany's Karlsruhe Institute of Technology built a system called BFId that identifies people using ordinary WiFi signals, with 99.5% accuracy across 197 test subjects.
- It works even if your phone is off. The system reads unencrypted beamforming data that WiFi routers constantly broadcast. You don't need to be connected to any network.
- No special hardware required. Any WiFi adapter in monitor mode can passively intercept these signals. No cameras. No apps. No physical contact.
- There's no fix yet. Encrypting beamforming data would require rewriting the WiFi standard and breaking backward compatibility with billions of existing devices.
- The researchers are calling for privacy protections in the upcoming IEEE 802.11bf WiFi standard, before this sensing capability gets formalized into every new router.
WiFi Signals Can See You
Forget cameras. Forget phone tracking. Forget Bluetooth beacons. The surveillance tool that should worry you most is already sitting on your desk, blinking quietly in the corner of your living room.
Your WiFi router.
Security researchers at the Karlsruhe Institute of Technology (KIT) in Germany published a paper at the ACM Conference on Computer and Communications Security (CCS) in Taipei demonstrating something that sounds like science fiction: standard WiFi routers can identify specific individuals walking through a room with 99.5% accuracy. No cameras involved. No phone tracking. The target doesn't even need to be carrying a device [1].
The system, called BFId, works by reading unencrypted data that every modern WiFi router already broadcasts. Radio waves bounce off your body in a pattern that's unique to you: your height, your posture, the way you walk. BFId captures those reflections and feeds them to a machine learning model that learns to recognize you in seconds.
"This technology turns every router into a potential means for surveillance," said Julian Todt, one of the KIT researchers [2].
He's not exaggerating.
How Beamforming Betrays You
Here's the technical part, and it matters because it explains why this is so hard to fix.
WiFi 5 (802.11ac), released in 2013, introduced a feature called beamforming. Instead of blasting signals in every direction, routers use beamforming to steer transmissions toward specific connected devices. Faster speeds, better range. Everyone wins.
But beamforming requires feedback. Connected devices periodically measure the wireless channel and send compressed reports (called beamforming feedback information (BFI)) back to the router. These reports describe how radio waves traveled through the space between the device and the router, including everything they bounced off along the way.
Here's the problem: those BFI reports are broadcast unencrypted at the MAC layer. Any WiFi adapter set to monitor mode can passively capture them. No password needed. No network access required. You just listen.
Previous research tried something similar using channel state information (CSI), but CSI only captures one perspective at a time. BFId is different. A single eavesdropper can record BFI from every connected client simultaneously, capturing multiple angles of anyone in the room. Each BFI data point contains 740 features, compared to 212 for CSI. More data, more angles, more accurate identification [3].
The result: 99.5% accuracy on 197 subjects, compared to 82.4% for CSI-based methods on the same test group. That's the largest dataset ever used in WiFi-based identification research.
What This Means for Every Space With a Router
Think about where WiFi routers exist: your home. Your office. The airport. Your local coffee shop. The subway station. The hospital. The protest march where someone set up a hotspot.
Now think about what BFId makes possible in each of those places.
"Regular café visitors could be identified without notice," Todt warned [2]. That's the gentle version. Here's the darker one: anyone with a $30 WiFi adapter and the right software could sit outside a building and catalog exactly who walks through it, when they arrive, and when they leave.
Felix Morsbach, another KIT researcher, put it bluntly: "Omnipresent wireless networks might become a nearly comprehensive surveillance infrastructure with one concerning property: they are invisible" [4].
Invisible is the key word. Cameras are visible. Phone trackers require your phone to be on. Bluetooth beacons can be detected with apps. But WiFi-based identification happens through walls, in the dark, with no visible equipment, and there's no indicator on any device that tells you it's happening.
Professor Thorsten Strufe, who leads the KASTEL Security Research Labs at KIT, framed the technique in terms most people can understand: "By observing the propagation of radio waves, we can create an image of the surroundings and of persons present... radio waves instead of light waves are used" [5].
Translation: your router sees you the way a camera does. It just uses radio instead of light.
Can You Stop It? Not Really.
The researchers tested countermeasures. The results are discouraging.
Reducing beamforming report frequency? Minimal effect. BFId maintained high accuracy even at heavily degraded sample rates [3].
Turning off your phone? Doesn't help. The system tracks radio wave reflections off your body. It doesn't need your device. It just needs other devices in the area to keep generating BFI data.
Encrypting BFI transmissions? That's the real fix, but it would require changes to the WiFi standard itself. And it would break backward compatibility with every WiFi 5 and WiFi 6 device already in use: billions of routers, laptops, and phones worldwide [3].
Right now, the only meaningful defense is not being in a space with an active WiFi network. In 2026, that essentially means not being indoors.
The IEEE 802.11bf Problem
This gets worse. The IEEE (the organization that writes WiFi standards) is actively developing 802.11bf, a new standard specifically designed to formalize WiFi sensing capabilities. Motion detection. Gesture recognition. Presence sensing. The same physical phenomena that BFId exploits for identification.
The KIT researchers are calling for privacy protections to be built into 802.11bf before it ships. But here's the pattern we've seen before: the standard will prioritize functionality and backward compatibility, privacy safeguards will be treated as optional, and by the time regulators catch up, billions of devices will already be deployed.
Sound familiar? It should. It's exactly what happened with location data, browser fingerprinting, and smartphone tracking. The surveillance capability ships first. The rules come later. If they come at all.
What You Can Do (For Now)
Realistically, individual defenses are limited. But here's what's worth knowing:
- Be aware of the threat. WiFi isn't just an internet connection. It's a sensing system. Treat it accordingly when choosing where to have sensitive conversations.
- Support encryption mandates. The real fix is encrypting BFI at the protocol level. Push for this in IEEE 802.11bf public comment periods.
- Watch for commercial products. If researchers can do this in a lab, commercial surveillance companies are already building products around it. Demand transparency from venues about WiFi sensing capabilities.
- Pressure router manufacturers. Companies like Cisco, Netgear, and TP-Link could implement BFI encryption in firmware updates, if customers demand it.
- Follow the research. The full BFId paper is published and peer-reviewed. Read it. Share it. Make sure policymakers see it.
The Bottom Line
We spent years worrying about cameras and phone trackers while a surveillance system was being built into the walls. Every WiFi router manufactured since 2013 has the hardware capability to identify who's in the room. The only thing missing was the software, and now researchers have published it.
The window to build privacy protections into WiFi standards is closing. IEEE 802.11bf is in development now. Once it ships without safeguards, we'll be living with invisible surveillance infrastructure in every building, every home, and every public space for decades.
Your router already knows you're there. The question is who else gets to know.
Sources
- ScienceDaily: "Ordinary WiFi can now identify people with near perfect accuracy" (May 22, 2026)
- The Debrief: "Experts Warn This 'Invisible' Surveillance System is Already Built Into WiFi"
- Tom's Hardware: "Researchers identify people through ordinary Wi-Fi routers with 99.5% accuracy"
- SciTechDaily: "Researchers Warn: WiFi Could Become an Invisible Mass Surveillance System"
- Todt, Morsbach, Strufe: "BFId: Identity Inference Attacks Utilizing Beamforming Feedback Information" (ACM CCS 2025)
Published: May 31, 2026