June 2022 VivoKey Apex Flex update

to be clear, the reader works out of the box… our FIDO2 applet still needs work before it will work with windows. For now you can attempt to register it with windows, but it does not give you the setup option after tapping… we are missing some optional FIDO2 extensions which are required for windows.

1 Like

that is on the table… eventually. it will take some driver level magic to actually make work… possibly a USB wireless token + driver magic if we want to support things like VeraCrypt bios/boot level drive decryption.

2 Likes

As soon as that is finished/near completion, is when I’ll place my order. Looking forward to seeing the final product :grinning:.

don’t you want that thing all healed up when the applet is ready? :wink:

3 Likes

Good catch. I should have been more specific on my wording. This is what I meant :sweat_smile:

1 Like

Oooh good point :laughing:

Issue is I’m not sure where to put it. Running out of room. I had a “special spot” saved for the Flex/Mega, because I wanted it there for purposes of Credit Card…

Amal is currently working on a payment conversion for me, so if that is successful, I’m putting it where I planned on putting the Flex.

3 Likes

3 posts were split to a new topic: CyborgFirefighterTetris

Hello,

Is there an Apex testing card?
I want to ask some colleagues from fintech companies to test their available features with Apex.

Apex Flex is in. Settled pretty close to my knuckle, but I’m not overly concerned.

Had an amazing experience setting it up as a backup fido device on my Google account. Everything “just worked” TM, including desktop auth (windows+firefox)

3 Likes

did you use the u2f or fido2 beta applet?

U2F, I tried the FIDO2 app too for fun, it installs but throws a “This Key Cannot Be Used” error on registering.

1 Like

where? with which service?

Google account.

Ok thanks

Isn’t this a certification thing? I know google doesn’t support any security key, but yubikeys for example.

Not something I’ve seen, docs say “any Fido compliant” device. If they were going to lock it down I’d assume they’d do it to just their own titan keys.

So this is where things get annoying. Fido2 has some core features that must be supported… and a collection of various optional features that may be supported… you know… those terms often used in specification documents… must and may and shall… anyway, Microsoft and Google apparently require some of those may features… so it’s possible to be fully fido2 compliant with all those must features, but still not work with a particular relying party because they require some optional features be supported.

7 Likes

So is it just software that would need to be adjusted to add those in or is it a hardware issue?

Software. This is why our fido2 applet is still considered beta.

1 Like

I just recently set up a few Yubikeys and the difference in how each service does ‘2FA’ and talks to the key is quite surprising.

Am keen to get testing with the Apex (soon TM).

1 Like