Hahaha the classic question of, I just want to know EVERYTHING you can do with the chip.
There is something about a ward-something to access a password manager.
The Spark 2 is a chip that works with RFID and NFC and can do AES encryption.
As RFID it has a UID (like a serial number) that all RFID chips have no matter if they do NFC or just ID tags.
Its NFC capabilities allow it to communicate back and forward with a reader.
And it has a special command to perform encryption authentication.
From there, the whole story is about apps and systems using readers to take advantage of this technology.
Per example a door lock, could be just asking for your UID and checking if its on a database and let you in if it finds you there. Problem is that UIDs can be cloned by writing them on some blank cards. So if an attacker gets close enough to your hand to read your UID, he can potentially write it on a blank tag and access any system you have that only uses the UID. Is good for simple stuff, but not recommended for security stuff. (This very rarely would happen tho, but is possible)
With the Spark2’s AES encryption and VivoKey ID Platform, the lock could grab your UID, connect with VivoKey servers, ask for an auth challenge to that UID and send to the chip and only open the door if the chip passes the authentication from the VivoKey server, basically our server will ask a very complex mathematical operation that only that chip will be able to answer.
The Spark2 chips have 3 secret keys inside their silicone from the factory and they can’t be written or read at all. The chip will use this “keys” to perform some complex encryption on the data they receive with a specific command and code sequence, then the reader gets that response and send it back to VivoKey server. The server then will verify that the chip is the exact UID chip registered with your account. And can answer more data like a unique user ID for a specific service or system. Then the system can decide to let you in or not. It gets pretty complex very fast but don’t worry, once someone implements a system, then you can just enjoy the working system.
There comes the issue, companies, have to start using this communication with VivoKey servers to secure users’ accounts.
You see, your UID would be the way to identify who you are supposed to be “your username basically” and the “password” will be the result of some bananas encryption that will change with every request. That way your password basically gets created every-time a reader challenges the chip and it will be removed in a few seconds. So the idea is that you don’t need to remember a username or password anymore. The system would be giving you a unique ID for every different service and your authentication will happen on the fly in less than a second.
Now back to the question, what can you do with the app.
The VivoKey Identity platform has a little “profile” page with several spaces.
A space for an image link (about 500x500px)
A place to put your full name,
another for Email
a space for a basic Description
Main website link
and 5 links you can manage, you can set up none, or just 2. (max 5)
Inside the app you can decide to fill or not fill that information.
Then you can decide on what should the chip do when scanned by a reader.
You can set it up to re-direct scanning users to your public VivoKey Profile page.
Or you can set it up as private, and they will be re-directed to a “THIS PROFILE IS PRIVATE” page.
Or you can set up your own URL or URI redirection. Like adding you on Skype or something with their URI skype://ryuuzakijulio?chat per example. It will prompt the reader to open skype and start a chat with that user. There are many URI types, Facebook, Twitter, Instagram, WeChat, YouTube, etc.
But of course you could just link to your online SNS page, or your own WIX site with your links. There are several services where you can create “virtual” business cards one page. Thats what the VivoKey Profile page should be, but right now is pretty limited on how it looks. (Thats also on the TO-DO list to improve) So people tends to grab a custom link and put it in there in the app.
Another thing you can do in the app is login to some websites that are using “Login with VivoKey” button.
A website will show you a QR code, then you scan your chip with your app and open the QRCode reader on the app, then the app will sign you into that website without you typing any username or password. (Like magic)
Also the app will remember the website credentials, and you can decide to make the system forget that place anytime you want.
So you can have different services you manually authorize to verify your chip.
Also you can create custom App IDs and Secret to put on your own systems like your own Wordpress website or database managing, or time card stamping system, etc.
Also the app should get a push notification when you try to login to a website or a server needs you to “confirm” that the one interacting with their system is really you.
Your mobile will receive a push notification and ask you to scan your chip because such and such website wants to confirm something from you.
You can also see what devices you have used to login to your account, you can change your PIN (that is only required once a new device tries to login, DON’T FORGET IT AT ALL!!) You can also remove them from the “registered devices list” and force them to ask for the PIN again. This is only done with a new device.
I think that kinda sumarizes most of what the app can do.
Of course you can add new VivoKey compatible chips.
There are so far:
VivoKey Spark1 (discontinued ISO15963)
VivoKey Spark2
VivoKey Apex (flex type)
And there are more on the works for different functionalities.
I think people wants to do a lot of things with 1 single chip, but because each chip has so many differences, you really need to figure out what do you want to do first to know what chip(S) you might want to implant.
Like I said, I will be getting 2 chips.
And as time goes by, probably I will want to do others on other parts of the body for different functions.
There is the temperature one (you need to put next to your ribcage in your arm), and other stuff on the ways. Perhaps a different chip for payments (if that ever happens)
But the VivoKey platform is an absolute life saver for many, and the more users we have the easier is to approach to companies and ask them to implement the “Login with VivoKey” button on their apps and services.
idk if that kinda answered your question?