VivoKey Apex update

you mentioned that we are mainly after mastercard here, why them? im presuming that you have tried visa and others but is there a reason we are going at mastercard when they said not now or in the future…?
just curious to your reasoning


I think Amal just used an example. Visa, Mastercard, AmEx… same cartel.



Amal isn’t quite correct here, as it’s a JCOP limitation rather than a hardware one.

We’d need to implement RSA entirely in a library to use 4096 as-is - basically, the crypto coprocessor can have 4096 enabled, but it takes up a few kB of RAM, so NXP leaves it up to the user to either have it on or not - and it’s a JCOP (OS) level config. So, up to Fidesmo.

If it’s not enabled, and I don’t think it is on our chips (and Fidesmo says don’t expect it to be), you get the extra RAM but only up to 2048 bit keys.

By the way, you’re welcome to rebuild in software RSA without hardware assistance, but I won’t be. It’s not a good use of our time.


Yeah not likely… nobody would want to put themselves into the crosshairs. Also it’s not really emvco it’s the specific network operators that are the ones in this situation that are denying approval. Emvco just defines standards and certification processes but don’t dictate anything really.


Kinda yes…but also no. They each operate their own separate payment networks. Even the commands sent to the card and applet schema definitions are different. Certification for operation is standardized under emv to make terminal manufacturer and card manufacturer lives better… but the actual processing of payment on each of those networks is its own thing.

I reference MasterCard the most because we’ve had the most interaction with them… but yeah we’ve talked to visa and amex


I’m sorry yall, I realise now how spammy it looks esp. because I have a new account.

I’m Hessel, 25yo, living in Amsterdam, the Netherlands. I currently have an xNT in my right hand, used it a lot at my study association where we have a vending machine that you could link your own rfid card to, so of course I linked my xNT. Worked very well for a long time, but I don’t study there anymore.

Unfortunately for a lot of purposes the xNT’s antenna is just too small, so I’m definitely interested in getting a different one with a bigger antenna, especially if it comes with contactless payment possibilities!

I understand that it’s not an issue with the banks themself, but if we get enough banks to push/approach visa/mastercard, I guess they’ll at least start thinking about it more seriously.


Thanks! @Pilgrimsmaster


I wish that kind of mindset was something crawling out of Lovecraftian immagination… but then I remember people burning down 5G towers (most were not even 5G) to “stop the spread of covid”…

1 Like

Up with you right there!!

Technically, we kinda missed a golden opportunity to do exactly that.
Albeit with less cool explosions, and more demand acknowledgement.

Right when small shops and delivery folks begun to grow, they needed a mobile payment option, and there was none. Visa and Mastercard jumped in with remote readers, but that was a golden opportunity to get cryptocurrencies to find their spot in regular market.

Maybe there is still a chance. If we could:

  • Simplify the transition between “real” money and crypto
  • provide an easier and easily widespread way of taking payments (talking mobile apps here)
  • provide people with an easy, trustworthy means of utilising this new network (again, mobile apps acting like passive tags… and implants/cards alike)

Then all you need is a good publicity stunt.

People dream of paying just by tapping a phone onto another phone.
Maybe all we really need to do is address the UX gaps within the currently monopolized systems.

(and then, resist the temptation to get corrupted ourselves… but hey, Palahniuk is there for it!)


Welcome to the forum @Hessel
I’m also from the Netherlands. Actually I’m the first in the Netherlands with a contactless payment implant.

Do you want a contactless payment implant? Here are the steps:

  1. Become a customer of ABN Amro bank.
  2. Order a contactless payment wearable, I recommend the “Key2Pay MINI” from LAKS.
  3. When you receive the wearable, log in to internet/mobile banking and register/activate the contactless payment micro card, link it to your debit card.
  4. Order the contactless payment micro card conversion service from Dangerous Things, ship the micro card to DT.
  5. When conversion is done and you receive the implant, make an appointment with a professional body modification artist, I recommend Tom van Oudenaarden from Piercing Studio Utrecht.
  6. Get it implanted, let it heal, then enjoy!

Just testing applet deployment to the Apex Flex prototype… the 16k NDEF container deploys like a dream.


Ok this time I pushed the limit on storage… I wrote 15k worth of data.

It took about 7 seconds to write on my Pixel 2 and about 6 seconds to read it all. Using FASTREAD command support this should be much shorter, but I realized from my previous discovery about how Android handles NFC data that the phone is basically trying to read the whole damn NDEF record BEFORE it passes NFC control to the app, which then reads the whole damn thing again. I have no idea why Android is doing this stupid crap but it does and there is no way around this… so basically reads will take twice as long as they should.

Shall I enable 32k NDEF containers? This is where things broke last time… but I feel like the P71 can handle it.





No answer yet… bricked?


Could they be user choosable different applets to choose from in the final product?


1 Like

There are, implemented as different services in the fidesmo applet.


hah you’re on point there sir… just a 1k option you missed…


I believe that’s just the intent mechanism. I quickly looked at the relevant Android code a while ago, and it’s clear that normally, Android is supposed to get out of the way when the app in focus wants to deal with NFC all on its own. But I’m assuming there are certain types of NFC intents that can override the app in focus. So Android has to know what’s on the chip as well as the app. Possibly?

Either that or - more likely - whoever coded the NFC intent mechanism figured it was so quick he could leave the default code running all the time and nobody would notice :slight_smile:

1 Like

So, questions from the stupid one

Half of the stuff the apex can do is laughably over my head

I read that, if you want to do EMV stuff it will have to be set to that before it leaves

Can it do other stuff at the same time as EMV?

If you go the non EMV route, can you change what applets are on it yourself?

Or does that need to be selected before it ships?

1 Like