Please explain the Vivokey to me like I'm a child

Greetings fellow cybernetically enhanced people,

so I already have an xSIID implanted and a couple of uses for it around the house. I’m interested in getting another implant, and I’m trying to figure out exactly what I could do with some of these, but there’s a question that I can’t seem to answer myself- does a Vivokey implant allow me to pay for things using it, or does it not?

Payment implants sounds really neat, maybe the next most useful thing after having more LEDs implanted (because blinkies have the highest utility, of course). I’ve now read at least once here on the forums of someone saying “yes, I can pay with implants, I have a vivokey spark” and I’ve seen that video on YouTube of the guy paying for a snack at the Dangerous Things Vending Machines™ with his implant.

But nothing I read on the Vivokey website, or here, explicitly says that yes, you can pay for things with this implant. I see a lot of threads and writings about cryptobionics, the Vivokey ecosystem, Vivokey Spark, Vivokey Apex, the Apex line not being able to do payments, identity authentication, etc etc, and although I understand that these things might have something to do with payment systems in the abstract, I just don’t understand how this connects directly to making payments with this product.

My request: someone tell me what steps I would have to go thru in order to get an implant that works as a payment option. Do I have to register the chip on an app on my phone, and make an account with Vivokey, which I then somehow link to a bank account??? Anything helps.

No, not yet

Since you’re in the US

So you are aware of the conversion service and Walletmor

Outside of those, most people are waiting for the Vivokey Apex.
HOWEVER
The following is speculation, but my best guess’

On it’s release it will likely be fitted for, but not with the payment ability.
Meaning, the Apex line is capable of making payments, but it requires the banking moguls to allow it, so this is out of Vivokeys control unfortunately.
When / if they sign it off, it should be a simple process to be up and running wit your Apex
The launch of Walletmor in Europe, will help as a platform to launch from with the bigger players in the banking industry

Likely this will be facilitated through the Vivokey app

Yeah, you will require you Vivokey to login to the app and then fill out your details

Likely install an applet, which I am guessing will also be through the app

If you have a look at the fidesmo app, this may explain more of what the process would be.

Not that you asked this but, Vivokey Apex will be far more capable than just a “simple” payment implant.
You did say

explain the Vivokey to me like I’m a child

OTP
One-time password

A one-time password, also known as one-time pin or dynamic password, is a password that is valid for only one login session or transaction

PGP
Pretty Good Privacy ( PGP ) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications

U2F
Universal 2nd Factor (U2F) is an open standard that strengthens and simplifies two-factor authentication (2FA) using near-field communication (NFC)

KeePass
Password Safe is a free and open-source password manager

GIDS
Generic Identity Device Specification (GIDS) for Smart Card Authentication. GIDS sets out the functionality of a physical identity device that can be used for authentication, such as a smart card or USB token. GIDS is a standard for smart cards that enables them to be used for authentication
( I didn’t know this one either)

PIV
Personal Identity Verification

WebAuthn
Web Authentication , the new API that can replace passwords with strong authentication.

Short answer, no you cannot pay with any ready made implants right now

you can buy other contactless payment chips and send them to amal to be hacked into an implant.

The apex when it comes out will have everything requiered to make payments (and will be the only ready made one to my knowledge) but won’t be able to untill Mastercard or one of the other big boys give the green light.

Long answer, see above and the posts of others who have done much more typing than I am currently willing to

Nah it’ll be Fidesmo

Nor did I until I wrote it. It’s a weird Microsoft standard roughly equivalent to PIV. It and PIV are the only natively supported Windows smartcard authentication methods.

You guys make it way too complicated:

So, it all starts when a daddy credit card and a mommy flexDF love each other very much…

Thank you Satur9, Pilgrimsmaster, and everyone else for the posts. I think it’s a lot more clear to me now, and I appreciate the alternatives suggested.

Not sure if this is the best place to ask but… Will the Apex be wholely dependent on internet access? Say I wanted a more secure RFID based access control system for my car but I was parked somewhere remote. If I’m understanding things (a big if), desfire should should be able to do this, right? But what about the Apex? If so, which of the Java Cards would we be waiting on? GIDS?

I can’t explain the more encrypted Java stuff

But at the very least you could use the uid of it for your car without internet

For what it’s worth I’m not sure how “secure” you can make a car rfid system at the moment, you can make the credential secure but that doesn’t change the fact you disabled the original transponder system

Which at the end of the day likely makes it easier to hot wire

Nope, as @Eriequiet says you can use the UID (assuming the UID randomisation feature isn’t enabled), but for more secure things, the Apex is capable of asymmetric / symmetric / mutual key encryption, allowing for offline secure authentication. An example of this already exists - the Tesla Not A Keycard applet.

You can also have high security crypto on the chip for access control. Internet needed once to download the applet.

But I would have to write a new Java card to use those features or duplicate Tesla’s setup to use the existing card?

a new applet? No. Apex, you load an applet for the features you want, and that’s it.

By NAK, Don’s referring to the applet written by myself that emulates Tesla’s keycards. Needs zero internet access. We designed a similar system to allow secure, one-step authentication with a door lock (which is not likely internet connected)

That changes my previous comments if you have a Tesla,

Retrofitting a car with a key ignition isn’t super secure, but a Tesla is built from the ground up so that’s different

Cool. Where can I read more about this? I get that you can just load whatever applet you need but I am not seeing anything listed in the Vivokey applet list that would work for me–but obviously I could be missing something.

I did glance briefly at the NAK repo after Don mentioned it but, unless I am mistaken, I would have to duplicate Tesla’s setup for it to work as I don’t have a Tesla (or a modern car haha).

PGP should be enough.
Generate a random string, get it signed by apex, verify signature → access granted.

Idk PIV but it also sounds like a candidate.

Duplicating Tesla’s setup is probably the quickest method, actually. It’s a simplified version of SSL/TLS and it’s not a form of rolling your own basically, as it’s based on Elliptic Curve Diffie-Hellman.

It’s literally set up a key agreement, load your private key in, request the card’s public (or save it as a form of validation) key, put that into the agreement and generate a secret - then use sha-1 to hash, used the 16 most significant bytes as an AES key for decrypt and decrypt the challenge you provided to the chip to encrypt.

I can show you the code on how to do it. I’ve got it implemented in Java. An ESP32 would have the appropriate crypto co-processor to assist but you’ll need that for PGP/PIV too.

That would be great. Thanks so much!