Global Platform GUI

The flexSecure is a lot of work. What apps are available? What the heck is even installed on it? How much space do I have? And it goes on. So I made a thing.

screenshot1606×1275 70.4 KB

screenshot_app_description1606×1275 129 KB

It comes with all the usual warnings: use at your own risk etc. It’s still pretty early in development so it may crash on your–sorry. Next phase is a maintainability refactor. But first, it would be good to see if people think it’s useful or have any input about it as it stands.

Features:

• Lists the (supported) available apps in the latest release
• Can install (it will download, install, then remove the cap file) and uninstall
• Can create initial records for the NDEF app
• Allows you to name transponders (this is stored locally)
• Allows you to change the master key (this is stored locally)
• Tracks whether tags are known (to keep you from sending default keys to those without one)
• Supports adding other resources as ‘plugins’ (ie, other repos with cap files or even just to decode names)

Anything remotely serious is encrypted. Key management is handled by keyring. If you have GPG installed, you can use the smartpgp applet to wrap the secure storage instead. I am tempted to add SeedKeeper support as well.

Want to give it a go? Windows binary

Github Repo

A huge thanks to @Pilgrimsmaster for being the guinea pig. Also to @StarGate01 for badgering @amal into offering the flexSecure and @GrimEcho for putting together lots of early documentation. And of course to Martin Paljak who has been maintaining Global Platform Pro for a hot minute.

This is great! Nice work! Next logical feature would be configuring the installed apps I assume

Eh, that’s on the list. My intention was to offer the ability to install each of the apps we offer before moving on to that. But I suppose there’s something to be said about finishing the full scope of each in a go. Which would mean:

• NDEF
• PGP
• YkMAC shenanigans
• OTP

Maybe some other things I’m forgetting?

From a personal preference standpoint, when implementing something like this which has multiple items and each one has slightly different characteristics, I like to tackle a few items and then fully support them. That way when I inevitably need to do some major refactoring, I have a better understanding of how the whole system fits together, and I have less items that I need to propagate changes for.
Just my 2¢ either way this is a great tool

That makes a lot of sense–thanks!

You certainly did.

As mentioned, I was fortunate enough to get early access as said “guinea pig”

I had the simple job of just trying to break it, but the errors and feedback I gave Tac0s, he pushed out an update / solution super quick.

Every itteration just got better and better until Tac0s was happy to release it, and now here we are.

This has truly opened up the FlexSecure to everyone.

A simple .exe and you are up and running easily and simply.

Then you use your FlexSecure just like an Apex on ApexManager.

A Really Really huge step in the right direction.

Thanks @StarGate01 , @GrimEcho for laying the groundwork

and Tac0s for “Doing a thing”

17447025554704578628296459500746619×495 20.2 KB

Really cool project! I am sure this helps to lower the barrier to entry quite a lot, thank you!

This looks awesome! I will try and test it out this weekend. Love that it was written in Python too, which is 75% of what I develop in now days.

I got my 2 new DT Java cards today, and rather than my previous rigmorale of set up, I simply plugged in my ACR122U, Ran the Global platform GUI

Clipped_image_20250501_213417540×852 198 KB

I was done in minutes.

Note,

It also comes preloaded with the same applets as the flexSecure:

Free Memory: helps determine the amount of free space on your device using Apex Manager

FIDO2: Act as a Passkey with U2F fallback

OTP Authenticator: Generate codes in vivo

NFC Sharing: 32kb NDEF container

Very nice app.
This maybe off-topic in context of flexSecure and applets offered just by Dangerous Things.
But I can express some feature wishes from my side, like:

• possibility to point to local folder with .cap files, aka .cap files library,
• manually add/edit description to cap files and save for example to sqlite local db
• support for PC/SC (contact) interface in addition to NFC (contactless)

Feel free to open issues for the feature requests

This has had some movement recently. Here is the current release candidate. Linux release is up now. I’ll build windows and mac os tomorrow.

Things added:

• contact card support
• java + java version detection
• busy/status reporting
• exportable storage
• yaml based plugins w/integrated wizard
  • Sample plugins for installing and managing: NDEF and SmartPGP
  • Plugin videos to come Soon™
• fidesmo support (detection is based on javacard memory reporting/manually specified by using “FIDESMO” as a key)
• dark mode support
• more stuff i forgot about

Screenshot from 2026-02-05 18-21-421263×666 30 KB

Screenshot from 2026-02-05 18-22-121263×666 68 KB

Thoughts?

Hell yeah!

It does look like the assets have the flipper app instead of this build though

haha sorry! fixed. I guess that means it’s time to stop working for the day.

Does fidesmo support means we can install/delete fidesmo apps on the apex or on the flex secure ?

You can use the Fidesmo app for Android or iOS, or you can use the Java fdsm utility at;

No, Apex only

The fdsm tool is baked in, so yes, you can install apps on the Apex. If you have an api key from fidesmo, i believe you could install any caps you have onto your Apex.

Edit to clarify: Yes, you can also still use it for the flexSecure/J3R180/other JCOP transponders. It just also supports Fidesmo devices now.

To clarify the clarification.. “it” in “use it” does not refer to fdsm.. the fdsm utility is strictly for Fidesmo keyed smartcard chips like Apex.