VivoKey Apex update

But why would they shoot their good good buddies in the foot like that? ha. ha ha. ha.



Would it be possible if lots of banks would really support it? So, that they in a way apply pressure on MasterCard/Visa?
I had the idea of approaching my bank, too, because they are a pretty alternative and small bank and might be open-minded enough… and if the banks actually could change something if we get them “on our side”, it might be a good idea :woman_shrugging:


Yes, I have… I already have the VivoKey NDEF, VivoKey OTP and Tesla Not-A-Keycard installed on the VivoKey Flex One, so now I’m looking forward to the VivoKey PGP applet and VivoKey KeePass.


I thought the same, I didnt click the link, but rather copy and pasted and searched in a “private” browser, and followed through to playstore App, watched the video and read the comments (if they were self generated, they were pretty convincing)
Anyway long story short, it passed my spam test therefore not flagged or moved in the forum.

Comment and Playstore link

Oh, and welcome to the forumm @Hessel


I remember an article I read once about banks refusing loans to black people back when segregation was still a thing. A bunch of black people pooled their money and started loaning within their community. When the banks heard about it they promptly freaked out over the money they were losing and started writing loans.

We’ll never have our own system, but if there’s ever a crack in the wall of denial and payments become a thing, the Mastercard / Visa folks won’t be able to turn down the profits.

Gotta get up and running first. So, chicken or the egg?


Hence Walletmoor and any other conversion services :bulb:


naaa… NDAs and stuff… and also Mastercard told us to stop talking to banks because banks talk to Mastercard about implants too and they are tired of dealing with it.

Here’s what we’re up against gang… hold on because this is about our made up world of finance and “value”… and it’s bound to be frustrating as all heck to some of you… but let’s do Mastercard because they are #2 in the industry. Mastercard market cap as of today $309.326B based on stock price * issued stocks… made up imaginary value… but still for some reason people jump out of windows because of this made up nonsense.

The stated reason Mastercard does not want to work with implants at all is a potential PR scandal that would drag down the stock price, hence “lose value” with a lower market cap. Let’s say someone got a payment implant and died… and Mastercard was implicated as the murdering party because they promote devil implant chips… a total PR clusterfuck, but not outside the realm of possibility… particularly in the USA where people are spectacularly free to be absolute raging morons. So, back to stock traders… the easily spooked day traders panic and dump MA stock… the price drops… more traders get spooked and dump theirs to stem the imaginary losses, converting stocks to real dollars and in the process actually losing value (if they bought at a higher price)… but let’s say the aftermath is only a conservative 1% loss… that’s still $3.09326 billion dollars of “lost value”. You will never ever in your life see implant based device revenues get anywhere close to that “loss”.

This is the mindset of the people we’re trying to woo. It will never be “worth it” for them to take this risk when framed in the context we’ve been framing it. Therefore I am trying to flip the game a bit… I have plans… they are coming together slowly… but I think we might have a path forward. It could take years to get to a general payment implant device policy with these guys, but that’s a path we’re already walking down.


I know it is incredibly naive, but seeing this whole market “imaginary value” shit makes me love the idea of fight club even more. Just blow up all banks and we’ll start something better.

Yeeees, I know it wouldn’t work. Not the least bit. But I just love the idea :wink:


So what you are saying is, its not that mastercard is against the idea of implants, they are just afraid of being on the wrong side of the mob of crazies that just so happen to have the power to lose them a ton of money…

do i have this right?


such an ominous sounding sentence


Maybe someone can explain me in some words what the vivo spark2 is usable for. I afaik it’s mike an authentication Chip.
But if someone has use cases, real examples which he/she use it for would be highly appreciated to get a better understanding

1 Like

basically yes… there might also be some personal feelings about implants from key employees within Mastercard, but honestly I think it has way more to do with the risk department’s assessment of potential impact to market cap… at least this is what was hinted to me by people in close talks with Mastercard when we were instructed by proxy to stop talking to issuers (banks) about it.

1 Like

So the Spark 2 chip, in essence, is similar to an NTAG216 or other NFC chip in that it is ISO14443A and it complies with NFC forum standard (it’s a Type 4 chip). While you cannot program the user memory with your own data, you can accomplish some of the more common NFC things you can do with the NTAG216 such as directing people to a URL or showing personal data.

In addition to that, it carries 3 separate AES user keys which are used for cryptographic authentication. The idea here is that these keys are used with the VivoKey platform in order to authenticate you via the platform for both 3rd party services that choose to integrate VivoKey as an identity provider (OpenID Connect via and for VivoKey services themselves.

The problem has been, the velocity of development has woefully stagnated due to lack of serious investment in VivoKey. In 2018 after launching VivoKey I had quickly gone through a number of co-founders who were talented and excited but ultimately overwhelmed with the requirements and bowed out. This forced me to use limited personal monies to pay a hired gun to do basic platform development, which was very slow because again, I’m not a rich dude and there was no significant investment opportunities biting (not for lack of trying). Things started to turn around recently though… a new team of co-founders has come together and we are working hard on multiple fronts to finally bring some significant releases to the VivoKey ecosystem… and in doing so, the Spark 2 will see much more utility as it relates to VivoKey services as they are released.


That would only be delaying the inevitable. Use ECC.

Anyway I don’t think we’ve got 4096 support enabled (and it can’t be enabled after factory), but I’ll find out.

1 Like

I got me an idea:

You know how you offer a conversion service for tokenized wearables and they don’t seem to mind - or maybe they do but they can’t do anything about it?

Well how about this: you setup a separate company that sells high-end payment wearables - say, a pendant made of some precious dry wood with engraved gold inlays or something.

The pendant being high-end, you petition for the chip inside to expire in 9 years - because it’s not a throwaway item, it’s personalized with bespoke engravings, and possibly emotionally charged ones. It’s not an implant, everybody’s happy - and gee, you might actually sell a few as bona fide wearables.

But here’s the clever bit: get a skilled woodworker to core out the wooden plug at the bottom of the pendant, and what comes out of the pendant is a small chlorhexidine-filled tube filled with the flexM1-shaped implant floating in it, ready for implantation.

Voila! The customer is left with an implantable payment chip, and a nice pendant in which they can stick some small personal item (maybe a lock of hair from a loved one, or a tiny love message) that just needs a new precious wood plug fitted in. Just don’t advertise what’s in the pendant and what it’s for, and that you sell replacement precious wood plugs.


Is the 4096 bit a hardware limitation? I was under the impression that it was a software issue and if VivoKey releases their own PGP applet it would support 4096 bit PGP keys. Applets can be uninstalled/installed after factory.

1 Like

Hah yeah they’d catch on immediately and shut down that company’s cert and probably the IBN connection too.

Sorta both. If you want to write the entire implementation of the algo you could do it all in software, but it would be big and slow. The hardware chip itself has a bunch of hardware functions built in for crypto that are fast and good but they have their hard limitations of course.

1 Like

So they get to dictate exactly how you build your product too? That’s outrageous. Who’s to say a flex chip in a wooden piece of jewelry is unacceptable?

I’m not talking about hiding the dual use from them: I’m talking selling them on the idea that it’s primarily a pendant, and yes, with some effort, somebody can use it as an implant also - but your wearable company doesn’t want to know anything about it, and as soon as the pendant is busted open, the customer is on their own.

That’s already what happens when you convert a payment card issued by someone else: the card’s manufacturer probably wants nothing to do with that you turn their product into. Your hypothetical pendant-making company would behave the same way. It’s just that it chooses to make the pendant with a DT implant, and the “conversion” is doable by a dedicated enough customer.

It might be palatable enough a compromise that they could accept.


Hah dude… I could make 3 watchbands with payment inside… identical in every way but the color… blue, red, and yellow. They could easily say “red and yellow are ok but not blue because that’s american express color”.

For conversions, worst case the customer is violating terms and conditions, but the company that made the certified “Payment Instrument” is not. If we set up a company to make a wearable and get that certified and MasterCard figured out we made it “in bad faith” so it could be modified easily into an implant, they would simply revoke certification and drop our asses. All devices in the field would stop working. They. Own. Their. Network. … what they say goes on their network.


That’s bonkers…

One side question - sort of related: could you “partner” - or at least get in contact - with a certified “payment instrument” maker and have them confirm that they only use chips with the right capacitance, so that you’d only use their wares as a source of conversion? That way you’d be able to make nice proper conversions like Satur9’s with 100% certainty.

Or would said payment instrument maker refuse to talk to you for fear of being blacklisted by EMVCo?