How open are Vivokey products?

Hopefully Mastercard and Visa will move things fast forward.
Otherwise we need a Walletmor capability on the Apex :slight_smile:


It really sucks if you ask me. We’ll see if things change moving forward. I think Fidesmo does this, so we have higher chances of getting 1 chip which can do payments (or other sensitive things, think insurance) AND user things like OTP and PGP.
Keep in mind, this is the first project of its kind. We don’t know what happens in a year or 10, but for now I think a locked down ecosystem like the Apple App Store might be the easiest way to get others (like Mastercard/Visa) involved.


Agreed, if payment becomes a thing on vivokeys it’s 100% worth putting up with whatever restrictions Fidesmo puts down. Yet I feel like we’re at a pivot point where whatever standard breaks the ice to the general public will later be accepted as the norm and will be hard to go against so let’s make sure we future proof by keeping as many options open as possible. To use your metaphor, we need the Android/Apple balance :laughing:


I get your point and yo VivoKey does sound like internet of shit if you just hear it (IMO).
But there are other good reasons NOT to do a cypherpunk version where users manage everything → it would result in tons of bricked chips (e.g. lost keys). I’m sure amal knows this crowd exists.

Also afaik there’s still that thing where you can potentially untie from Fidesmo at some point and get the keys.

We will see…


User freedoms are super awesome. It would be cool to have a smartphone that could boot any OS, hot swap batteries, block ads out of the box, and so on. A real wild wild west sorta gig is cool, I really want that too, but… A real platform oriented company needs to ensure users don’t easily brick their own devices or undermine the ecosystem’s attractiveness to partners that help make things possible. A couple good reads related to this are “Catalyst Code” and “Paying with Plastic”.

ISBNs 978-1422101995 978-0262550581


amal is not allowed to do that :confused:

In some cases it is worse than that. If you can write to a tape once and it then fails, that has been considered to be the lifetime of the tape. So in that case what use is a lifetime warranty?

I’m weighing in in support of more open and user-“owned” processes for installing applets. It’s been expressed to me by others that the idea of having an implant installed in your body where the installed applets are in effect controlled by Fidesmo is potentially problematic. If the applet is modified somehow in transit between publishing and upload, it would be possible for a PGP applet to leak data on signatures made by a Vivokey.

How likely is this to be a real problem?

Who knows (besides Fidesmo). But an open path should be the end goal, here. If the Vivokey is proposed as a form of identity, shouldn’t the end-user own that identity?

I’ll be implanting this new Vivokey, but my threat model isn’t as sensitive as perhaps it should be. This is just me asking for the feedback to be heard and understood. @lrvick might have something to add.


My thought process is my phone number, email, SSN, vivokey, and now Apex are all parts of what I use to validate my identity. How’s the Apex using Fidesmo any different than those other methods? If I’m the only one who knows I am who I am it’s not very valid. Identity verification requires a 3rd party to be truly valid.

Applet injection would be incredibly difficult. Have you installed anything on it? It’s not fast… And if it’s tampered with it’ll fail. I won’t say impossible but I’ll say it’s way safer than using a keyboard to type a password.


I agree in principle but my concerns extend to the reliability and continuity of service from Fidesmo also.

Although I can accept it as a possibility, I’m not thrilled with the idea that one day I may not be able to deploy or administer applets on a smart card which is implanted under my skin.

There was discussion of the ability to unlink the Apex from Fidesmo, which I’d like to hear more about if it’s known.

I’m more referring to potential tampering by Fidesmo, such as at the request of a three-letter agency, for example.

Yes, on my now-bricked Flex (the old, original one).

Government level threat models are not likely to be avoided. There is a reason the NSA gave up trying to control cryptographic technology… and that’s because they realized two things: 1) it’s not possible to control math, and 2) it’s far easier to exploit the analog hole by attacking the interfaces rather than the cryptographic algorithms themselves. Fidesmo does not need to try to get you to remove then redeploy a modified applet to your Apex when they could just simply attack your phone, laptop, and computer to surveil what you’re doing and take cookie based session codes once you’ve authenticated.

In short, if you are a target of a 3 letter agency, they won’t bother cracking your crypto because they won’t need to.