Hi all,
Sorry if this is a dumb question but im deciding on a java card implant. Im not an expert in JCOP, but know enough to get things installed without bricking cards (test cards). My main decision point is what would happen if Vivokey or fidesmo were no longer around. Would applications currently installed to the apex continue to function? Only new applications couldn’t be installed, correct?
I know there are some applications not available for the flexSecure, namely the tesla keycard emulator. Are there any others? Any other things to consider? I dont mind being tied to vivokey per say, just compiling a more detailed pro con for myself that Im having trouble finding answers for
Not a dumb question at all.. actually a question that reveals a bit of forethought and apt level of concern for the longevity of a product going into your body.
While Fidesmo and VivoKey have an agreement such that if Fidesmo should “go out of business” that keys for Apex products will be disclosed to VivoKey, and as CEO of VivoKey I’ve stated many times I would make every effort to offload critical Apex functions to the community and / or Fidesmo should VivoKey spin down.. we can’t assume anything, so let’s not and move on under the assumption nothing will be done to ensure continuity for the customer should either company shut down.
If Fidesmo went out of business, you could continue to use the apps on your Apex but you could not deploy new apps or remove old ones. You would be “stuck” with whatever apps you had.
If VivoKey went out of business, you could not deploy the FIDO2 applet (we push our attestation certificate from our servers as part of the applet deployment) or the Verify applet. The other applets are actually hosted on Fidesmo servers so you could continue to deploy those without issue.
but you’d have to join DT Club to learn about it and it does affect your purchasing options.
I was already going to join eventually but I guess this gives me even more of a reason.
key sharing
Good to know there is a plan in place, and worse case scenario at least some of the implant would still function. FIDO2 was my major concern, but considering the certs expiring was something I overlooked but that’s more a protocol/trust model thing.
Thanks for answering, it’s some time off before I actually make the purchase so I’ll decide then. (Or just get both if I have a windfall)
