^_^ Hahaha, sorry, didn’t mean to trigger you.
But I can think of several common life situations where you wouldn’t have control of who scans your hand. (Robbery, Accident, Arrest, Betrayal of someone close to you, etc, etc).
I get it if you distrust the insane security measures that the VK servers have.
There is some level of self-preservation in everyone; some take it to paranoia degrees, though.
To be honest, even if a hacker had root access to any computer/server that VK has, they would just get lost. It took me months to complete the iOS app, and I had the source code for the Android app and even the programmers answering all my questions about how the system was set up across the more than 26,000 lines of code. It is absolutely unique and nothing like anything out there, in my opinion.
But if we are going for “nothing is impossible”, then you have to toss in there the possibility of someone scanning your xSIID and getting all the information out of it one day or another, be it your fault or without your consent or knowledge.
Back to topic: if you think no one will ever scan your hand, you can make your reader code as funky as you want, but anything from an xSIID can be read -> cloned/emulated. So if you are so sure no one will ever scan your hand, then you can just do UID with the KBR1.
And I am with you, it is easier to use an RC522 than the PN532. Easier to work with NDEF, and I have thought of many ways to obfuscate an access “something” inside the NDEF.
So here is an idea I had.
Have the reader generate the next password and save it on the 2nd record of your chip as pure data, so it won’t be automatically read by any normal reader, since most phones will read just the first record unless they have a specific app (available for free) and the user manually tries to read all the records. The reader will only react to the UID with the correct 2nd record.
Have a button on the reader to “reset” the local password. Add a Bluetooth module and pair it with your phone to manually enter a PIN code to generate a new password to put in the chip, and memorize a large PIN code; that way, if you feel you have been abducted by aliens in your sleep and they scanned your chip’s current “next” password, you can reset it exclusively through your mobile app. You could have a number pad on the trigger to set up a specific code that will be time-based, so if it’s 12:37 you could mentally perform an operation with the numbers, let’s say just *2, and enter the code 2474 before scanning your chip. Of course you can make it as obfuscated as you want: *2, flipping numbers, adding the original numbers, combining it with your DOB or a secret number, or whatever complex mental mathematical process you can do on the fly. But then the real security relies on your capacity to encrypt a piece of data and punch it in manually, which… well, is kinda going backwards…
Or you can use the AES capabilities of the Spark2 ^^ because of the incredible amount of steps needed: not just hacking a server that is unreachable from any part of the internet, they will also need to understand the insane labyrinth that is the whole system, then scan your hand to know how to identify your chip, then understand how the server manages and delivers identities among a LOT of data and encryption, then have access to your reader, and finally they would need to have the capability to clone/emulate a Spark2 including its AES capabilities, specifically in the order that is configured, just to have access to your cat’s pics on your computer. ^^
Sorry, I absolutely can’t agree with the argument that a KBR1 is more secure than a Spark ^^
But if it’s more about a closed system, yeah, the xDF2 sounds like the option you are looking for, and yeah, you are free to keep waiting for the Apex, and then for the DESFire “emulation”.
I would argue that we are all users of a technology that is not yet commonly available, and we use what we have now to the maximum, so you could move forward now or keep waiting for the products and services to be released "SOON"™️.
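The rolling “next password” idea from the post above (reader writes a fresh token to the 2nd record on every good scan, and a PIN entered from the phone re-issues it), as an added simulation that is not code from the poster or from any VK/Dangerous Things product. The Chip class, the UID, the token format and the PIN handling are all constructed assumptions; the point it shows is that a copy of record 1 works at most once, and that the owner’s next failed scan is the signal that a copy exists.

```python
import hashlib
import hmac
import secrets

class Chip:
    """Constructed stand-in for an xSIID: fixed UID plus two NDEF-style records (record 1 is opaque data)."""
    def __init__(self, uid, public_record="https://example.invalid/me"):
        self.uid = uid
        self.records = [public_record, None]   # record 0 is what a casual phone tap shows

class Reader:                                   # door-side logic: remembers the token it last wrote per UID
    def __init__(self, reset_pin):
        self.expected = {}                      # uid -> token written on the last good scan
        self.salt = secrets.token_bytes(16)
        self.pin_hash = self._hash_pin(reset_pin)

    def _hash_pin(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)

    def issue(self, chip):
        """Enrol or rotate: generate the next token and write it to record 1."""
        token = secrets.token_hex(16)
        self.expected[chip.uid] = token
        chip.records[1] = token                 # chip must still be in the field here

    def scan(self, chip):
        want, have = self.expected.get(chip.uid), chip.records[1]
        if want is None or have is None or not hmac.compare_digest(want, have):
            return False                        # unknown UID, or a stale/cloned record 1
        self.issue(chip)
        return True

    def reset(self, chip, pin):                 # the "phone app" path after a suspicious failure
        if not hmac.compare_digest(self.pin_hash, self._hash_pin(pin)):
            return False
        self.issue(chip)
        return True

def demo():
    reader, mine = Reader(reset_pin="4831"), Chip("04A1B2C3D4E5F6")
    reader.issue(mine)
    copy = Chip(mine.uid, mine.records[0])
    copy.records[1] = mine.records[1]           # a full dump taken right after enrolment
    out = {"clone_first": reader.scan(copy)}    # indistinguishable from the owner, so accepted
    out["owner_now_fails"] = reader.scan(mine)  # owner's token is stale: the tell that a copy exists
    out["reset_bad_pin"] = reader.reset(mine, "0000")
    out["reset_good_pin"] = reader.reset(mine, "4831")
    out["owner_after_reset"] = reader.scan(mine)
    out["clone_after_reset"] = reader.scan(copy)
    return out
```

The simulation leaves out the real-world failure the scheme depends on handling: if the write in `issue` fails because the hand left the field, reader and chip desynchronise and the PIN reset is the only way back in.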