If anyone is able to setup a transparent APDU proxy using pcsc-relay (PC/SC Relay — vsmartcard 2025-03-27 documentation), and the Android smartcard emulator (Android Smart Card Emulator — vsmartcard 2025-03-27 documentation) , and then record the interaction with the iPhone ← NFC → Android with emulator ← WiFi → PC with pcsc-relay ← PC/SC → PC/SC reader ← NFC → Yubikey that would help. APDU logs can be pulled from the Emulator of from the PC if you are running Linux.
Read codes individually or simultaneously (TOTP and HOTP).
Set and remove chip passwords.
Securely save and delete chip passwords in the user’s keychain with automated preferences.
Error notifications through popups (e.g., reading errors).
Manage multiple chips—scan new chips and display corresponding codes.
NFC reader prompt triggered automatically or manually via pull-to-refresh.
Tap to copy codes directly to the clipboard.
Favorites list implemented.
Next Steps:
Enable settings to specify how many epochs (time intervals) of OTP codes to fetch per chip scan. Currently defaults to the current 30-second interval, potentially requiring multiple scans if near expiration. Aiming for fetching 2-10 intervals automatically.
Enhance visual prominence for selected OTP codes (e.g., color change, larger display) for easy reading and typing, particularly in scenarios like VR headsets.
Credential removal functionality.
Under Consideration:
Double-tap OTP code for text-to-speech reading, helping users remember digits more easily.
Allow creation of custom groups to organize credentials effectively.
Introduce customizable color-coding and icon assignment for each credential.
Keep in mind: additional features can increase complexity, affecting stability and user experience, possibly leading to unfavorable App Store reviews. To balance innovation with reliability, your feedback is critical. We aim to implement features based on your actual needs, not assumptions.
We look forward to your ideas, comments, and suggestions!
Legend! On Saturday my Pixel 6 Pro mysteriously bricked. Luckily my friend had a iPhone 12 mini they could give me, but that also means I’m locked out of a lot of accounts that I use my Vivokey’s OTPs for. So it’s great seeing progress on this! Thank you @RyuuzakiJulio and @amal !
I’m probably doing something wrong, but I’m not sure what. I have the OTP applet installed from Fidesmo and it worked without issue using the Apex Manager on my Pixel 6 Pro.
I’m running this on Debian 12 if that helps. Worst case I buy a cheap android and get Apex Manager that way.
Which version of the Yubico Authenticator are you using on the desktop? It still works for me on 7.1.1 , but maybe they changed something? The applications all share a codebase.
I tried both 7.2.0 and 7.1.1, both gave the same results unfortunately maybe it’s OS specific and I’m missing a package? Is there a list of dependencies I could reference to see if I have everything installed?
Strange that it shows up as a Yubikey Neo with FW 3.0.0 - mine shows up as a Yubikey 4 with firmware 4.0.0. Are you running the most recent applet version from Fidesmo? What other applets do you have active?
hmmmmm, very interesting. The new 1.11.1 update they put out on iOS is working just fine with my java test card running the same applet made available for the flexsecure, but still crashes with my apex flex. I know it’s not a 1:1 comparison since my java card uses a different chip, but is there maybe a difference in the way the applet on fidesmo presents itself?
I had the smartPGP, NCF share, Tesla Keycard, and OTP applets. I just removed the smartPGP and tesla applet and now I get the following from both Yubico Auth 7.1.1 and 7.2.0
Fixes a problem where OATH wasn’t supported for keys missing the management application, like the YubiKey NEO.
This is the release note, so thank God the yubikey neo exists in a similar boat as the apex I guess. I’d still way rather use an official app, I’d even pay a decent amount for it considering I know any update will have been tested on the same implant as the one I have, yubico for sure lost my trust and confidence.
honestly though we’re only kicking into high gear because they shit the bed… but still… it’s appreciated.
maybe it’s OS specific and I’m missing a package? Is there a list of dependencies I could reference to see if I have everything installed?