Fidesmo blog

Why and how and you should protect your Facebook account

February 3rd, 2017

Last week Brad Hill, Security Engineer at Facebook, wrote a post. He recommends you to set up your online security with two-factor authentication (also referred to as login approvals) using a physical device.

The reason for this two-factor authentication recommendation is because we are careless. Most people have their username and password stored on the same phone or computer they want to keep secured. Access to the phone and computer is therefore enough to get control over your Facebook account. The historical way to solve this is to send a text message with a four digit code. But most people use their phones as the primary Facebook device so the text message doesn’t really add any security… Read the full story here:

https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766?platform  

 

How two-factor authentication works on the phone 

Logging into Facebook with login approvals active from a phone you’ll be prompted to tap your secure device to the phone. That is after entering your password – which is normally stored in memory. That way, even with access to your password and/or phone, a hacker can’t access your account without having your secure device.

We offer you the Fidesmo Card (recommended) in our shop http://shop.fidesmo.com/product/fidesmo-card. And through our Android app you can easily make it a secure U2F device. The perfect device for securing your Facebook account on your phone!

And of course any Fidesmo device of yours can act as secure device!

 

Facebook login approvals use the standard U2F that is widely supported including Google, Dropbox, Github and more.

Fidesmo open sources APDU-over-Bluetooth protocol – Fidesmo devices are now reachable from any smartphone

November 18th, 2016

Last time we discussed the future wearable cloud, where the Fidesmo vision is that some important functions of the mobile phone can be distributed to a set of wearables. In order for this to work, we need to enable non-technology driven companies to integrate technology seamlessly into their devices, and the devices need to be able to interact with one another independent of brand and phone application.

This calls for standardized or open protocols that devices can use. Today Fidesmo is publishing our open protocol for transporting secure chip commands (called APDUs) over Bluetooth Low Energy (BLE), and we are also publishing reference implementations for the client and server parts so that you can test out the protocol just with two Android phones.

This enables a wearable manufacturer to implement a device with Fidesmo functionality and make the Secure Element inside that device accessible by any application or device that implements the BLE client side of the protocol.

One possible use case is to issue public transit tickets from the public transit operator’s own application, and transfer them over BLE to your wearable, as long as the app implements this protocol. Or to issue your payment card directly from your banking app to any device that implements the protocol. By not forcing a proprietary protocol onto the devices, the number of possible combinations of devices and use cases increases exponentially.

It is also important that the protocol can be used with both passive and active devices and that it is as lightweight as possible. We believe we have found a good compromise but are of course open for feedback.

So please review our first contribution to the wearable cloud, and start to play with the code. You can find the specification and code here: https://github.com/fidesmo/apdu-over-ble. We are looking forward to your feedback.

RIP! The phone is dead.

November 1st, 2016

A few weeks back there was an article where I was featured in Computer Sweden questioning whether or not the phone is the right medium for physical payments. There is no secret that Fidesmo supports the view that everything won’t be circling around the phone in the future, and I would like to take the opportunity to elaborate on that vision. Specifically, in the long term we believe that a wearable cloud of devices will take over the role of the mobile phone and that Fidesmo has an important role to fulfil in this evolution.

Let’s first take a look at the current trends brewing in the outskirts of the mobile eco system. Taking these trends into account, we think that a lot of the use cases exclusively tied to the mobile phone will be taken over by a combination of wearables – the wearable cloud. Right now, the phone is the perfect device, but in all sincerity it is a clunky device with a small screen and sub-par audio input functionality that we need to carry around. The main functionalities of the phone are 1) audio input and output, 2) visual input and output, and 3) the potential for contactless interaction with the environment. Added to this is connectivity, where services and systems are reached instantaneously.

Audio input and output we already see early trends of it being taken over by other devices such as the Apple Airpods and the family of devices for the home such as Amazon Echo and Google Home. The speaking partner for humans in these devices is being decoupled from the device itself, and goes under the names of Siri, Alexa, and Google Assistant.

The whole field of Augmented Reality (AR) is targeting the removal of the screen as the number one input method. Examples of early explorations into wearables targeting the visual input/output space are Google Glass and Spectacles from Snap (formerly known as the company Snapchat). I am very fascinated about the evolution path for the Spectacles – it is currently marketed as a toy, but will it stay like that? There are a lot of opportunities to expand the Spectacles into new fields once the platform is starting to become used. Another interesting field, complementing the AR evolution in glasses and contact lenses, is public screens that are potential interaction points with your personal cloud like Dropbox or Google Drive. This is very similar to the home devices mentioned above (Amazon Echo, Google Home) – the functionality that used to be tied to your mobile phone is moving out to the world around you. But then you need a way to seamlessly and securely tie yourself into these devices.

And lastly, we think that the point for secure interaction with your environment will be moved to the most convenient spot: the hand or the wrist. This is a spot where most adults already have a wearable called watch or bracelet. The introduction of contactless payment cards has been promoted by the payment industry as a faster way of payment, and by the transport ticketing world also with the benefit of less wear and tear for the reader infrastructure. But for the connected world, we believe that the potential to make the payment device shape independent is just as important if not more important. With the introduction of contactless payment the opportunity to put payment functionality into every watch is a reality.

So, it is not hard to envision a not too distant future where the the mobile phone has been dissolved into smaller, more invisible pieces of technology. Invisible doesn’t necessarily mean that the device is not seen, but rather that the technology is not seen. In many cases, the device will be seen, and really stand out, but as a fashion statement or as a token of group belonging. Non-tech companies will then make many, if not most, of these devices, and there will be many different manufacturers with small niches to fill. The tech part will be delivered by very thin services residing in the cloud and connecting to the different end points.

What is needed to be able to address the mish-mash of devices that we expect to form the future personal cloud? What are the requirements that we need to put on the technology that needs to be integrated into these wearables? Since most of the manufacturers are not technology companies, the technology must come almost pre-packaged. This means that the hardware (the silicon) must be pre-packaged also with the services (silicon is not enough) and that there must be standardized protocols for local interactions, so that wearables from different manufacturers can work together also on the service levels. Fidesmo aims to offer this ecosystem for contactless wearables, and we look forward to bringing more news about the building blocks of our platform soon.

Best regards, Mattias Eld, CEO, Fidesmo

___________________

Shortened version, in English, of the Computer Sweden article.

The mobile will be relegated to a modem that is in your pocket.

Watches and bracelets are much faster to use than mobiles to make payments, open doors, or ride the subway. The clock is already on the arm; it sits there all the time.

Today Fidesmo is selling cards with NFC and payment chip that can be programmed to work with a range of systems and companies. A next step is to, inter alia, to incorporate the chip in watchbands. We have cooperation with a number of watch brands and products that will be on the market before the summer.

People will continue to use their regular watches, but they’ll be a little smarter. Having a computer on the wrist it is far from what all want.

A chip with antenna sewn into the bracelet, which allows them to be integrated in the clock any time just changing the bracelet and you can then keep the fashion factor. You can pay, ride public transportation, open the hotel room and much more with your own watch.

“We believe in a wireless future,” chanted Apple’s design chief Jonathan Ives when the company showed off his iPhone 7 and the wireless headphones Airpods. It is a sign of the times that not even Apple wants to focus entirely on mobile.

Instead of having everything in the mobile phone, I think we will start to see a trend that the technology is dissolved into its components, and I actually think that Apple is one of those driving the trend.

With headphones who control Siri and the Apple Watch on your arm, your body starts getting connected, and you can interact with your mobile phones and other technology in the environment without picking up the phone.

 

Securing KeePass databases with OTP codes generated on a Fidesmo device

June 3rd, 2016

Securing your KeePass 2.x password database with OTP codes generated from a seed safely kept on a Fidesmo device is really simple. We do however recommend that you have gone through our instructions on how to use basic OTP functions with your Fidesmo device before trying this. If you feel ready then read on! Warning[…] Read More

Fidesmo Android app v0.12.1

April 19th, 2016

Version 0.12.1 was supposed to be a small bug fix update. But when checking the changes that have happend since the last update it turned out to be quite a few. See the huge changelog below: Roll back usage of TagArbiter for now. Stop supporting NFC-less delivery Remove starting the app with NFC Stop supporting[…] Read More

Fidesmo Android app v0.12.0

February 22nd, 2016

Version 0.12.0 of the Fidesmo Android app is a big release that we have been working on for over a month. Lots of stuff have been going on behind the curtains and we have updated and refactored some of our own systems and tools. We have finally introduced the first UI testing in the Android[…] Read More

U2F via NFC on Android

January 7th, 2016

After an unusually warm but cozy Christmas we at Fidesmo are slowly getting back to full power. Besides presents (and a lot of good food) December brought with it several important announcements in the context of U2F and Android: Ledger FIDO U2F Our partner Ledger has released Ledger FIDO U2F on the Fidesmo platform! The[…] Read More

How to use the Fidesmo PGP applet to encrypt and sign emails in Android

November 12th, 2015

There are many good reasons to protect your email from prying eyes with encryption. There are also many reasons to ensure nobody can impersonate you by digitally signing your messages. PGP has been providing the tools to do both encryption and signing since 1991. This blog post, written as a tutorial, shows how to use it on the most popular[…] Read More

How to set up and use our secure One Time Password generator (updated)

August 20th, 2015

Note: this post is the updated version of this one. The recommended Android app to generate one-time passwords is now Yubico Authenticator. Passwords have been quite unpopular for a while. Every few weeks major news sites publish some variation on the “password is dead” topic. In order to improve login security, many of the leading[…] Read More

Why doesn’t Fidesmo use default ISD keys?

July 14th, 2015

We have been asked several times: how come Fidesmo Cards are personalized with secret ISD keys? If you want to be developer-friendly, why don’t you distribute them with the default ISD keys, so developers are able to install whatever they want? There are several reasons for that: It would decrease the system’s overall security Our[…] Read More

Fidesmo on the radio

July 6th, 2015

Two weeks ago, one of our co-founders was interviewed in Estartapeando, a space about the startup scene in Spain in Cadena SER’s Hora25 evening news programme. Cadena SER is the largest radio broadcasting network in Spain, so it was a pretty big thing for us. And being greeted by the fishmonger because he heard you on[…] Read More

Interested in a Fidesmo-enabled Yubikey?

June 22nd, 2015

Yubikey is a well known security device that generates one-time passwords, acting as a second authentication factor for secure log-in. There are USB-only and USB + NFC versions (the Yubikey NEO). They are used to login securely into Google, Facebook, GitHub, and to access corporate networks. Together with Yubico we have designed a Yubikey NEO[…] Read More

How to set up and use our secure One Time Password generator

April 8th, 2015

Note: now we recommend a different Android app to generate one-time passwords. See the updated instructions in this blog post. Passwords have been quite unpopular for a while. Every few weeks major news sites publish some variation on the “password is dead” topic. In order to improve login security, many of the leading online service providers[…] Read More

Important evolution of the Fidesmo platform

March 18th, 2015

Just a little bit more than 6 months ago we shipped our first development Fidesmo Card, and our platform has since then undergone a massive development. We have implemented support for Java Card. The Fidesmo App has evolved from being just two lines of very user unfriendly text input, to an embryo of a cardapp[…] Read More

The Higher Education Smart Campus Association (HESCA) meeting in Warwick

February 23rd, 2015

Both the two main Fidesmo propositions – use your mobile phone to interact with your Fidesmo card and use one card everywhere – rhymes very well with university use cases. In particular, the university is in most cases part of an extended ecosystem including for instance public transport ticketing, loyalty, ID and closed loop payments.[…] Read More

Java Card applications on the Fidesmo Card

August 26th, 2014

by Yves Bringing the “smart” to the smart card, we now allow not only the storage of MIFARE tickets on the Fidesmo Card, but also the installation of Java Card applets. These applets are programmed in a reduced version of the Java programming language and are directly executed on the card, while it is powered[…] Read More

Fidesmo in New York

May 19th, 2014

Working for a start-up sometimes require some travelling. This time it was mine and Mattias’ turn. The destination: New York! Why? To present at TechCrunch Disrupt. If you are curious about the event you can read more about it here. We found a nice hotel on Manhattan not too far away from the venue where[…] Read More

Our new branding

April 28th, 2014

The first thing we did when we started Fidesmo was to create a logo at 99designs, and you can read more about that here. A year later and a long creative process regarding what our offering will be, it is now time to update our logo and corporate profile to better reflect the company and[…] Read More

Service Delivery API is now available on developer.fidesmo.com

April 23rd, 2014

by Mattias As was previously discussed in our roadmap the Service Delivery API would be our next release, and we are now happy to announce that it is fully supported on developer.fidesmo.com, in the Fidesmo Backend server as well as in the Fidesmo App. With the Service Delivery API you as a developer can tie[…] Read More

We love cloud services

April 15th, 2014

by Miguel At Fidesmo we are strong believers in cloud services, and we use them a lot. This blog post is a big thank you to all our suppliers! Squarespace, we love the simplicity you provide in bringing our website to life. Github, we love the way you make our development work flow. Travis CI,[…] Read More

Cards as the New Computing Platform

March 31st, 2014

by Mattias Over at avc.com, Fred Wilson is writing about the search for the next platform, spurred by the recent Oculus acquisition. Now, we can debate what a platform is – is it a software framework like facebook, instagram and twitter, or is it more the underlying computing platform, like desktop, cloud and mobile, or[…] Read More

The Fidesmo developer portal is open!

February 19th, 2014

by Mattias Today Fidesmo is opening up its developer portal with the Transceive API for interested beta developers! The Transceive API is the first building block of many, but it nevertheless gives the developer a hint of what is expected in the future. The API allows a Service Provider to send APDUs from a backend[…] Read More

New office (again)

December 11th, 2013

by Mattias Start-up life is very dynamic, and one of the things that is changing very often in the beginning is the office address. Fidesmo yesterday moved in to SUP46, our second office, and it feels great! SUP46 is a meeting place for start-ups, early stage investors and the tech-scene in general in Stockholm. It[…] Read More

Scala eXchange 2013

December 9th, 2013

by Petter As a part of developing our software architecture me (Petter) and Fredrik visited this years’ Scala eXchange. A lot of the software we use to develop our systems was discussed, and especially interesting for us were the talks about Akka (Jonas Bonér), Spray (Mathias Doenitz) and Scalatest (Bill Venners) since these packages form[…] Read More

We won!

November 22nd, 2013

Today we received a 300k SEK grant by Vinnova as part of their Vinn nu competition. Vinnova is Sweden government’s innovation agency. We were one of 21 selected companies out of 209 participating in the competition. The grant came in the form of a classical diploma and today was the price ceremony at Vinnova. It[…] Read More

Our APDU library is ready!

October 31st, 2013

by Petter After months of hard work, we are proud to announce that our APDU library has reached beta state, that is, it can be used to build program logic that interacts with a smart card, using of course APDU scripts. Although the library is by no means finished, its architecture and main processes are[…] Read More

Back in Stockholm…

October 28th, 2013

by Miguel Having worked with my co-founders for more than two years before creating Fidesmo, we have pretty much nailed down how to run a geographically-distributed team. But it is always good to meet in person, and sometimes even necessary: for example, to have a long architecture design session, review the company’s strategy, or simply[…] Read More

New office

August 27th, 2013

 by Mattias We have finally moved to our first office at Adlerbethsgatan 21 in Kristineberg in Stockholm. It feels good to finally meet everyday in a “neutral” place, not having to hang around in each others apartments. Plus that the location is nice next to the Fredhäll park where the sun is always shining! (At[…] Read More

Designing a business model top-down. Does it make sense?

July 11th, 2013

by Miguel Some weeks ago (18th June) GlobalPlatform organized a TSM seminar a few subway stops from where I live, hosted by the Spanish Royal Mint (“Real Casa de la Moneda”, no less). No, they didn’t let us see where they print those nice Euro notes. But the food was excellent. It was a busy[…] Read More

Tough requirements

July 5th, 2013

By Petter A core part of what we are doing at Fidesmo is related to implementing standards like Global Platform card specification, ISO 8825-1 or Mifare 4 Mobile. All these standards are fairly low level and are related to coding the data to be sent on the “wire”. The implementation of a low level standard[…] Read More

Fredrik says hi!

June 28th, 2013

by Fredrik Hi, I’m Fredrik and recently started working as a developer at Fidesmo. For someone who enjoys the startup climate and loves working on technical challenges, Fidesmo has shown to be an excellent place to work during the last three weeks. Most recently, I have worked as technical lead for the startup company evisto[…] Read More

Future Perfect triggers thoughts…

June 4th, 2013

By Mattias A few weeks back I wrote a short blog post regarding why we started Fidesmo. There I mentioned that we want to break down the barriers for NFC by providing software and connectivity in an Internet-fashion. A few days ago I then read “Future Perfect” by Steven Johnson (an all in all very[…] Read More

Are we disruptive?

May 27th, 2013

By Miguel This is the promised follow-up to ‘The Innovator’s Dilemma’ review, applying the book’s analysis to our own case. It could be presented as one of Clayton Christensen’s examples: a technology industry, the smartcard industry, facing a technology change: the migration from plastic cards to ‘virtual cards’ pushed to users’ mobile phones. This industry[…] Read More

On Disruptive Technologies

May 20th, 2013

By Miguel A few years ago, while working at a big company in a pure technical position, I got this recommendation: “read this, it is not the typical book for Dilbert-esque managers”. I don’t remember who recommended it to me, probably it was my own manager at the time (not “Dilbert-esque” at all); the case[…] Read More

Stockholm start-up city!

April 26th, 2013

By Mattias The last week and a half has been busy for people attending start-up events in Stockholm, including myself. First, on Tuesday last week, there was 33-listan, which is an event to celebrate the 33 most promising young companies in Sweden. On Saturday there was Start-Up Day 2013 (SUD13 for short), and finally Wednesday[…] Read More

Why we started Fidesmo

April 8th, 2013

By Mattias One of the first questions people ask you when you say you have started a company: why did you do it? In our case, a lot of the people we know are also from the industry, and then the question might be something like: how are you going to make a difference, there[…] Read More

How we got our logo

March 31st, 2013

by Miguel Designing a website, writing down some content, setting up a Twitter account are some of the activities most startups nowadays have to do, while chasing investors and coding our magic (more about that in our technology section). We even have ordered some visit cards, God have mercy of our souls. All those things[…] Read More