Apex Flex + iOS app problems

I get that screen for some of the apps as well.

sorry guys, but saying something “doesn’t work” is like pulling your car into the shop and saying “doesn’t work”. more information is needed.

ah ok… so the ndef application has a bunch of different install options because you can install different sizes of container… so the service ID can be one of the following;

  • ndef1k
  • ndef2k
  • ndef4k
  • ndef8k
  • ndef16k
1 Like

yes the reason for this is that we forked the yubico otp applet and made improvements and changes… with more to come… so we had to drop support for the “standard” AID that the yubico authenticator smartphone app uses to interact with the otp applet


Interestingly enough with the OTP and then also the HMAC applet installed it was identified by the Yubikey app as two different Yubikey models so it must still look something like a Yubikey to the software.

Is the NDEF the only one with several install service names?

EDIT: Also, any chance to publish the old Yubikey compatible OTP applet? For my use case wide compatibility with all OS’s would be more desirable than extra features.

Unrelated but just curious about the vivokey authenticator app, but if someone else installs it on a phone and scans my apex will it still generate codes? I don’t have a second phone to test this question out myself

That makes sense, and also brilliant that you can partition like that. Thank you @amal

One more quick Q. Is there a way to either check what is on the apex and/or delete some of the installed applets?

The reason is, that I tried to install the 1k with the NDEF and I couldn’t do it due to space, which I’m guessing I accidentally installed the NAK a few times.

I think the Android app shows what’s installed, just a bug with the iOS app at the moment.

fido / u2f have two different names…

  • install_u2f
  • install_fido2

that’s why you can protect code generation with a passphrase :slight_smile: set that in your app and then only apps that send the passphrase first can generate codes.

fidesmo app… even if you can’t deploy applets with it on iOS you can at least scan and should be able to see what’s on it.

or use the windows command line app fdsm.exe or fdsm.jar (java) if you’re nasty.

send the command;

fdsm.exe --card-apps

and you will get back a list of apps deployed

1 Like

this should not matter… it only goes on once even if you try multiple times. it all deploys under the AID so deploy once or 100 times it will deploy to the same “file” every time.

Got it. How big is the NAK applet? I’m running a mac, and Parallel’s isn’t working right for me right now. The Fidesmo app on my iOS only lets me scan to connect or to install an applet, and won’t tell me how much memory is used/left or what is on the apex. Am I wrong to assume you can have multiple applets on the Apex at the same time?

When I try to install the * ndef1k applet, it tells me “Installation Failed, You may not have enough free space for both the NDEF applet and the NDEF data container.”

I have NDEF, NAK, and OTP all installed

1 Like


So with the Fidesmo app on an Android device I have successfully installed the U2F and SmartPGP applet.

U2F seems to be working as expected and have enrolled several websites feeling super cyber as I go even though the the Mega is not implanted yet.

SmartPGP is recognised by Kleopatra on Windows and allows me to change PIN/Admin PIN, set basic details well enough and seems to allow generation of RSA2048 bit keys (as is the default based on my reading of the GitHub repo) but this failed partway through and seemed to disconnect from the reader and then reconnect with no key having been generated, not sure what happened there and will try using the smartpgp-cli tool to change some defaults and test more later. Has anyone else used the SmartPGP applet successfully?

NAK seems to work fine as always.


Scanned again this am and great success!!!


200 (11)

1 Like

Since I started this topic I figured what better place than to say thanks to Amal and everyone here. Since I’ve had the install, I’ve had 3 or 4 real world uses of the NAK applet. Mainly when I get to the car and realize (err mutter shit) :upside_down_face: the phone is in the house. Or do I have to dig for the key card? Nope just pop the old hand up there and success I’m in. Hell yeah! Works so nicely. Thanks so much for everything.

I will say the damn Tesla door scanner is :thermometer: as hell in the summer sun. Gotta be quick on the draw err put away. Haha


I have this issue with outdoor readers on buildings sometimes. Black plastic baking in the sun all day makes for an unpleasant experience with implants.

1 Like

I have had the same experience. I always forget my phone when I’m in the house or at the office and need to run to my car. I also have my mom’s Telsa programmed, it came in handy (no pun intended) last weekend when I needed to grab my mom’s car.

And yeah be careful in the sun that get hot…


Just curious, what orientation people are holding their iphones in when trying to scan Apex Flex? I tried scanning my NDEF record with my GF’s 12 pro and no matter how I held it against the Apex I couldn’t get it to scan.

I’m able to get it to scan on my Android, and I’m able to get a scan with her iPhone on my xSIID just not the Apex.

How are you guys holding your iphones to get Apex scans? Top edge parallel or perpendicular to chip? Something else?

@Dondula , on my Pixel 6, the Apex Flex reads perfectly in my outer forearm, just above my wrist, in any orientation.