ACR122U or its successor ACR1252U … Windows 10/11 has FIDO support built in to the OS and is compatible with most browsers. Basically the site asks the browser for a FIDO security key scan, and the browser asks the OS, and the OS asks you… and you tap… and you’re in.
Also this works on the phone directly too… on the phone github asks the browser, the browser asks the OS, and the Android OS (probably iphone too, haven’t checked) asks you to tap.
Looks like I’ll be grabbing two of those.
Whats the difference between the OTP applet and the FIDO applet from a “reader” perspective? IE how does my phone/ the ACR122U know which applet to talk to on the chip at any given time.
-also… does putting an ndef container on the apex allow me to spoof the ID from say a NEXT?
Smart cards operate according to ISO7816 via a protocol consisting of APDUs… commands basically. When the smart card is contactless, it shuttles these commands over ISO14443A protocol.
The smart card can have multiple applications installed, each with a unique AID or application identifier. When an OTP application wants to talk to the OTP applet on the card, it does so by selecting the expected AID of the OTP applet. Think of it sort of like a file name… of sorts.
No, the NDEF container only applies to NFC Type 4 NDEF formatted data, and has nothing to do with the UID of the chip on which that data resides. In fact, on smart cards hosting NFC Type 4 NDEF data, it’s doing so using a specific AID which complies with the NFC standard, but it’s only raw binary data storage. The NFC application that writes the data to this storage container is responsible for properly formatting the data in NDEF format. The chip does not do anything but store and retrieve the data on request.
Thank you for the detailed answer!
The more you know 
Just got my Apex in the mail today. Already been setting up applets on it, and its super cool.
With the VivoKey android app though, I only get NFC errors trying to scan the Apex. Works fine in the Fidesmo app however.
Yeah the VivoKey platform doesn’t use the apex at this time. Annoying I know. It’s being worked on.
No worries! I just wanted to make sure something wasn’t wrong.
I’m getting it installed tomorrow, and I’m stoked!
Is there any possibility of being able to store a larger NDEF? The largest an NDEF can be is 128kb, but obviously the Apex only has ~88kb. The NDEF applet only allows up to 16kb, but or even 48kb would be nice.
edit: Interestingly the github repo does say up to 32kb
What would be the benefit of have 64kB over have 16kB?
I have some encrypted data that I would like to be able to keep on me at all times, around ~30kb.
The issue with such large data sizes is speed. It would take minutes to transfer that much data. Technically 32kB is possible but the code would need to be changed to address enough blocks for that.
Just to double-check and make sure I understand, and to beat this dead horse about payments further into the ground, this means that whenever MasterCard or Visa decide to allow this technology for payments, it will be possible to pay with the implant. But, I would also have to talk to my bank about this and they would need to approve? Or, do I talk directly with MC/Visa? Or can I manually transfer my existing debit card into the Apex Flex, and never use the card?
I’ll be getting the Apex Flex just for the 2FA and other existing features alone, but it would be a lie if I said payment isn’t an important part of this as well.
They (the payment networks like MC/Visa) would not only have to approve of implants in general but also specifically approve Apex Flex as a payment device. This is possible, but not likely, simply because of the size of it and its placement procedure. Still, anything is possible.
The next step after payment network approval, VivoKey would need to approach the bank with Fidesmo and get the bank to approve Fidesmo Pay as a token requestor for their customer credit card accounts. Once approved and connected on the back-end, you could tokenize a credit card with that bank to the Apex Flex. Direct bank account tokenizations via debit cards are not yet supported, but it is in the works.
Apex Flex install video!
knife edges man… so rough a spot. congrats though. at first i thought he didn’t go deep enough with the needle, but clearly he had no problem inserting it. if no suture, be really sure it is sitting deep enough so when the pocket starts to heal and closes up a bit like a zipper from the back end moving forward, that it doesn’t push the end of the apex up against or just right out of the incision site.
If any bank does end up approving it I’d honestly change banks to be able to use it for payments.
Oh god lol. I’m going to be using saniderm to seal the wound, hopefully that will keep it from exiting.
Can the apex flex be implanted using the needle in a hand? I was hoping to get my flex implanted in the knife edge, but when I went to the installer who installed my xSIID they advised that because of the depth required they could only really do forearm
Yes.
