Time add some hardware…

I guess its about time, I started engaging and stop lurking from afar.

So much information here.

Its like a tinkerer’s dream and nightmare! LoL!!

I’m leaning towards a NeXT and Apex Flex totally digging the 2FA capabilities for my use cases.

I’m going to have to add a blinky at some point too!

Look forward to kickin it with ya’ll and learning more!





Do you have a specific reason for the NExT?

It’s a great choice, but depending on your use case, there maybe something better suited…

There’s also nothing wrong with just getting one to grow into and find a use for it later.
An xMagic is another good option for that.

If you have any questions, fire away…


I’m thinking business card/contact info for easy phone tap access and plus depending on its capabilities to hold multiple keys possibly swipe in to my work garage/building. Gun safes, honestly, the less fobs I carry the better lol.

Then theres this whole other line of implant here where if I’m reading correctly I can use it as 2FA authentication. :flushed:

Sign me up. I don’t care how late I am to the party. This technology is pretty unbelievable.

I already have 3 registered nurses in my family willing to install ‘em. :saluting_face::man_facepalming:t4:

Which direction would you go?


Welcome! Do you have a tech background?




OSINT, practical red/blue team training for Pentesting, some coding, network, some hardware buffoonery. I like to jump solder points and see what happens. Lol. A lil curious troublemaker from time to time. :smirk:

1 Like

Started dabbling in NFC locksmithing control access due to work experience back in the day but, now just kickin back and playing around. I love how far technology has come. I look forward to learning more and using the right tech for daily applications.

1 Like

The Apex has an NFC Share applet that emulates an NTAG. When you install the applet you can specify the storage size. You then use the Apex Manager Android App to store a website, vcard, etc. Other smartphones that scan the chip will treat it like an NTAG (e.g. read the vcard contact info and prompt the user to add a contact).

So if you want this functionality you don’t have to any of the NTAG chips like the NExT. Note that you cannot use the Apex NDEF applet to authenticate with systems that expect an NTAG.

The NExT has exactly two chips in it. One NTAG216 13.56MHz and one T5577 125kHz. The T5577 is programmable using a ProxMark Easy or Flipper Zero. It can only “hold” a single ID. Typically people will take an existing 125kHz fob or access card and clone it to the implant. The ID is registered with the access control system. If you have access to the ACS and the ability to enroll new cards, then you can use NExT with multiple systems. Put another way, the T5577 is a single blank key that you can cut (or recut). The only way to use it with multiple locks is if you can install the locks yourself.

The NTAG216 chip has both an ID and an area for user provided data. The ID cannot be changed. It is backed in during manufacturing. This means there is no way to clone an existing NTAG access card to the implant. Instead, you must enroll the NExT with the access control system. Most control systems only care about the ID and don’t read or interact with any of the user-writable data.

tl;dr – If you have access to the control systems then you can use the single NTAG ID and/or the single T5577 ID to unlock multiple systems. If you do not have the ability to enroll new IDs then you can only clone a single T5577 card or fob.

2FA has a kind of wide meaning. For traditional 2FA, you would want the Apex Flex. There are several applets you can install that function as 2FA devices. Essentially, between the HMAC-SHA1, OPT, and FIDO applets, you have an implantable YubiKey (well without USB – at least for now :slight_smile: ).

The FIDO2 applet lets you use the implant directly as a 2FA device when logging into many services - Gmail, Apple, etc). It works on both mobile and desktop (Windows is best). The OTP applet works in conjunction with either the Apex Manager app (Android) or Yubikey Authenticator (Android and I think iPhone, but not positive). The keys are stored on the implant itself – the app is just used to display the codes. There is a limit to the number of OTP accounts you can enroll, and there are storage space considerations depending on how many applets you have installed. Note that the Yubikey GUI tool for Windows does not support reading OTP codes over NFC, but you can use the Yubico CLI tool if you need.

The HMAC-SHA1 applet can be used with a few services, but by far the best as a 2FA device for KeePassXC (Windows, Linux, Mac) and KeePass2Android (Android). KeePassXC is an open source password manager. If you store the password vault on a shared drive like Dropbox or Google Drive, you can have a great cross-platform way to store passwords. After installing a secret into the HMAC-SHA1 applet, you can then protect the encrypted vault with both a password and the Apex.

I’d recommend getting a Yubikey and seeing how you like using it. Then imagine having it on your wrist or hand.


I also put together a hack to use a normal chip to initiate a otp 2fa


You are an MVP!:saluting_face::100::muscle:t4:

1 Like

So Flex it is. I want another 2FA other than my Yubi, Nitro, or auth app. I want this one for more sensitive data. :100::saluting_face:


Got it. So unless I can enroll the NeXT hard into each secure access point, essentially i’m limited to which any 1 key I copy? I have a flipper, chameleon ultra, a iCopy XS which has a proxmark built in. I’d still grab the proxmark from here because I want the stand alone tool. Reading & copying shouldn’t be a problem. If i’m off base please let me know.

1 Like

Yes – that is a limitation of pretty much all access control devices. All RFID chips have some form of ID, serial number, etc that is communicated to a reader during the initial exchange. Simplifying a bit, but

  1. Proximity card comes into contact with reader and powers on.
  2. Reader detects a field and waits for the card to transmit its ID
  3. Card transmits its ID
  4. Depending on the type of the card/chip, additional exchange and authentication happens.

For the NTAG 216 and the T5577, readers only go through steps 1 - 3. For other 13.56 NFC cards like MiFare or DESFire, there is additional communication and authentication that adds a lot of extra security

In theory a JavaCard device like the Apex could hold multiple keys, but there are currently very few access control systems that work with Apex (Tesla being one of the few exceptions).


Slight point of clarification:

When it comes to Dangerous Things implants, the term “flex” is the form factor of an implant, not a specific type of chip. There are multiple flex implants, including the Apex Flex, the flexNExT, etc. Some flex devices are circular, like the flexNExT, others are elongated, like the Apex Flex. The flex line of chips are all encased in a bio-polymer and sterilized using gas.

These are in contrast to the X-Series of implants, which are typically much smaller and are encased in glass. They are implanted using a simpler injection process.

Some chips, like the Apex are only available in the flex form-factor (which is why a lot of us on the forum just call it the Apex). Others like the NExT are available as both an X capsule, and flex.

The flex line provides a much larger antenna and thus significantly better range.


No LED in the NeXT. Looked at some of the bundles. Nothing with Flex 2FA. Meh. I was looking forward to some sub dermal blinking action.

Wishlist: Flex 2FA (injectable) & xSIID Green. This would probably work well.

No bundles for that. I’m going to have to soul search that one. :smirk:

1 Like

There are no flex series implants that are “injectable”, though the small form factor flexies can get installed with a piercing needle instead of needing more complicated procedures

The x series (glass cylinder) implants come pre-loaded in the injectors


Glad everyone chimed in here and I spent more time thinking about what exactly I want to achieve.

I believe i’m going to go with the xMagic (thank you Pilgrimsmaster, you were right on.) It pretty much will cover most of what I want to achieve access wise. I wanted a green led so i’ll get an 13.56 mhz field detector implant. As per everything I’m reading as long as I maintain proper installation distance there shouldn’t be an issue.

I’ll start there.

Plenty to play with.

Then work my way up to the Apex Flex. I understand the Flex is not injectable(Thank you Grimm). It will require more skill, the installation process is different. But am confident in the skillset of the nurses in my family to complete. Plus, they can get the topical lidocaine, and possibly just do a few traditional stitches vs the butterfly stitches. I don’t know. I have time to figure that one out, but am super enthusiastic about the idea.

This is a great community. Thank you everyone for making me think about this harder. Not making a knee jerk decision and being properly informed.


I mean if you’re going with a blinky may add well get an xsiid


Cool! My first two implants were both X-series injectable ones. The process almost identical to a standard piercing and actually recommend having a piercer do it over a nurse if one is available in your area. You can check out the Instillation Partners Map to check.