Hi, I’m super new to implants, but I use 2FA (yubikey) almost every day.
1: Which implant should I get?
2: Why is the Vivokey Flex so much more expensive than the Spark? Is it just because of the comfort of the flexible implant?
3: Are there any other options except VivoKey?
Thanks!!!
An Apex or flexSecure.
The Apex is a smartcard. It runs javacard applets that can do things like act as an otp authenticator, passkey, and so on. There is a list of available apps on the product page. The spark is presently only capable sharing links and the like using the Spark Actions app. The spark is also injectable while the smartcards are not.
I see, makes sense!
Are there any implants that also offer contactless payment in addition to 2fa?
no, implants are not provisioned to have payment applets because emv doesn’t like the idea. neither of the two smart card implants are able to do it currently.
I would slightly recommend an Apex over a flexSecure for your first authentication/2FA implant. They both use the same chip and have the same capabilities, but the Apex is a little easier to manage. The Apex essentially has its own app store for JavaCard applets through a company and smartphone app called Fidesmo.
Almost all of the applets that are available for the Apex via Fidesmo have open-source flexSecure versions, but some of them (like the FIDO2 applet) require some additional configuration that isn’t needed if you install it on the Apex via Fidesmo.
Right now, the FIDO2 applet on the Apex has not been officially certified by Microsoft, but there are plans to do so in the future. Due to the way that certification works, the flexSecure will likely never be certified. Right now, certification only impacts a small number of services/websites. Most services (Google, AWS, Github, etc) will allow you to use a FIDO2 key that has not been certified, but Microsoft recently disabled the Apex and flexSecure from being used to authenticate into corporate Windows accounts via Microsoft Entra (it also affects Nvidia logins). If/when VivoKey gets the Apex certified, those uses should become available again, but that won’t ever happen on the flexSecure.
I wrote an authentication guide on setting up an Apex or flexSecure as a Yubikey alternative. Some of the information is out of date (things are a little easier now), but it should give you a good idea of what you can expect with each.
If you are on the fence, I 100% recommend buying a $20 flexSecure test card which will let you try out all of the authentication things before buying an implant. It also serves as a nice backup for when you get one installed.
My absolute favorite use of the Apex/flexSecure is still the ability to use it as a 2nd factor to encrypt/decrypt a KeePassXC password database. That pretty much gives you an unlimited amount of implant-secured encrypted storage, and there are apps available that will work on Windows, macOS, Linux, Android and iPhone. That usage works identically between the Apex and flexSecure.
I think you’re right, the Apex seems like the more reasonable choice.
Your authentication guide is super helpful, I was just a little let down that Linux browsers do not natively support NFC security tokens, but that will hopefully change in the future. But big thanks for the write-up!!
I’ve heard of KeePassXC before, but I use Bitwarden. I’ve quickly checked, and it seems Bitwarden supports FIDO2 authenticators with NFC functionality, but I’m not sure whether this means I can archive the same functionality as described by you. What do you think?
Also I saw that there are 3 different sizes of the Apex Flex, they seem to have different ranges? Do you know how big the 3 ranges are? It just says short range, medium range and long range, and to be honest I have no clue what that means. The thought of having an implant freaks me out, and I’d rather have a smaller one, but if the range is only a few mm I’d rather get one with more range.
I would describe the narrow’s range as “contact.” It’s also the slowest. Better coupling means more power which lets the p71 run at a higher clock rate.
How much does the led on the spectrum reduce the range?
I guess i could compare a mega to a spectrum next time i am at HQ 
I see, I guess I will be going for the long range one then, thanks!
Where do you guys have the implant(s) installed?
A friend of mine suggested to have it implanted in the foot, the idea is to place a reader under the door mat or under the carpet at my desktop. I really like the idea of having the implant “hidden”, but it comes with a tradeoff regarding comfort and usability of course.
You shouldn’t put it on the bottom of your foot, the constant motion of walking and the weight of your body would break the implant fairly quickly I’d imagine.
Someone had one implanted in their back, with a reader in their chair.
Top of the foot is possible, but not sure if that is ergonomic
The range difference between the narrow and the spectrum is significant, the difference between the spectrum and the module is there, but less so.
It’s hard to quantity in absolute terms. What is important is how you plan to use the impant.
For me, my main use was scanning the implant with my phone inside of a case, with the chip implanted on my wrist. For that use case, the difference between the narrow and the spectrum meant the difference between scanning correctly on the first try (after practice) and taking two tries. Both still worked, but the bigger implant meant I didn’t have to be as precise with my positioning.
However, the install of the narrow and the install of the spectrum or module are also different. Both require that your installer makes a pocket for the implant to go in. For the narrow, that pocket can be made with either a scapel or with the large gaguge needle that is included. It might require stitches or you might be able to get away with just bandages. The spectrum and the module can’t be installed via a needle. They just be done with a scapel created incision, a larger pocket, and stitches afterwards. It is still a relatively easy procedure, but you will want to talk with your installer before purchasing.
For placement, the wrist area is the most common, especially for the larger chips. The narrow can be installed on the hand. In terms of visibility, my spectrum is not noticable in my wrist unless you pinch the skin (although the scar from the incision is still there)
I don’t think any other more exotic locations like a foot would make sense. The primary purpose of the Apex is for authentication and authentication-related uses. That means lots of scanning with phones and desktop readers. Outside of a few specific things like unlocking a Tesla, the Apex isn’t usually presented to a fixed access control reader (like a security badge might).
Same person has both, but what you are describing is not how he used it.
And i concur with this
But For reference
FOOT
BACK
What should I look out for when buying a reader? I looked at the one @GrimEcho was suggesting in his Auth guide, but as I would like to use the reader on my laptop too I’m wondering if there are any options with a USB C cable, or just more portable.
How about a passkey?
Will that work for you?
Good idea, it definitely beats carrying around a reader ^^