Cross platform trigger without app

My xNT chip reads fine with iOS or android NFC apps, I primarily use it to store a vCard file. I know this should be simple but what do I need to do to make it readable without an app? Seems like plenty of passive NFC tags pop up notifications for Wi-Fi networks, URLs or URIs without a reader app. What am I missing to enable this on iOS and android without a reader app? It it because it’s a file rather than a url? I could host the .vcf on my site but I like the fact that no internet connection is needed to get it now.

1 Like

My vCard properly formatted is already maxing out data storage, so your idea isn’t a good fit. Also it doesn’t seem to really be implemented, nice concept though!

Yeka’s bouncer is a nifty trick. The problem is, it doesn’t really solve any problem:

  • If you’re okay with private data hitting the internet when it doesn’t need to, just host the vCard file somewhere and encode the URL in your tag.

- If you’re paranoid about it, the issue isn’t the hosting of the file, it’s that it goes out on the internet at all. As soon as the data goes out on the interpipes, it traverses a multitude of routers and servers that are increasingly operated by Big Data sumbitches out to make a buck on any data and metadata they can capture, and it’s as good as public. This is not correct. The data doesn’t get sent with Yeka’s method, My bad. But you still need the internet to be up and a valid host.

  • If you want to share your vCard where there’s no internet, you’re SOL

The technical limitations Yeka’s bouncer tries to solve is that Android ignores data: URLs (which are valid and would allow a base64 NDEF to be opened by the browser locally without ever hitting the internet) and iOS doesn’t understand text/vcard MIME NDEFs. Making the base64 data go through the internet sidesteps both limitations, but it totally misses the point of not going through the internet at all.

There is no technical way to have a vCard handled by both platforms without hitting the internet. It’ll only happen when Apple finally decides to support the text/vcard NDEF MIME, Android-stylee.

I’ve thought long and hard about this problem, and in the end, I’ve decided to simply ignore iOS altogether. I care more about my vCard being delivered locally and my implant being standalone and not requiring anything else than supporting Apple users: in my neck of the woods, I’ve yet to meet a single person who owns an iPhone :slight_smile: YMMV and you might decide otherwise.

vcard data doesnt ever go to the internet with my solutions, the data is in the url, but only behind the #, browsers dont send that data, no server ever sees the data.

Doesnt happen, location.hash never reaches the server.

No well kinda I’m solving the problem of vCARD data in the internet which would also be solved by data urls.

Try it yourself and look at the traffic with a proxy, vCARD data never lands in the interwebz.

Yeah its just a proof of concept…

“Clients are not supposed to send URI fragments to servers when they retrieve a document”

Clients here being browser which follow that spec.

Ooh… Ok then I misunderstood what you did there. Sorry I misunderstood.
Now you’re getting me very very interested :slight_smile:
I’m gonna take another close look right this minute.

EDIT: Damn you’re a clever cookie. I’m gonna play around with my COVID certificate HTML and see if I can get it displayed without downloading it with this. Now that would be grand!

EDIT2: Actually there’s a flaw in the the slaw: the host still needs to resolve and be reachable. So while the data doesn’t actually go there, you still need the internet. Bummer…

2 Likes

Yes thats a problem for your usecase. It’s small static hrml though so you could put this on some big CDNs around the world.

Yeah I looked at it. It has a bit of Javascript in it to process the data client-side.

Like I says, that’s clever: it does take care of half the problem, which is not exposing your data to the innurnet. But yeah, it kinda kills the goal of being totally innurnet-free :slight_smile:

I thought about this, it’s just not possible. As you have tested no data uris etc.
People here need internet to check certs because they need to check for revoked certs, so this is not a requirement for me, lucky me.

Well it’s not possible if you want iPhones to scan your bits. If you concentrate on Android-only, it is.

1 Like

I’m not a tinfoil had, it’s not a privacy issue just convenience of being able to share without internet. Since the URL encoding will be too large I guess I’ll just host the file.