Keycard: Our Key to Contactless Crypto Adoption

Keycard: Our Key to Contactless Crypto Adoption

Keycard is an open-source hardware wallet for managing private keys and signing transactions. It takes the form-factor of a credit-card and uses NFC technology for a contactless experience with the Status Mobile App.

Keycard = Smartcard + Smartphone.

It can't get any smarter.

Keycard introduces the convenience of a contactless credit-card combined with the security of a hardware wallet.

Keycard = Convenience + Security.

It can't get any better.

Keycard provides added security to our daily crypto transactions, whether it's playing games, earning with DeFi, collecting NFTs or sending funds to friends. The fact that it really fits in the wallet and is designed to be always carried provides a different design point compared to existing hardware wallets.

We see three different value propositions with Keycard for now:

1. Keycard for Status users: Keycard extends the security of the Status app significantly. It upgrades Status from a mobile wallet to a hardware wallet without sacrificing the UI/UX of a smartphone. It also enables two-factor authentication.

2. Keycard API for developers: Keycard API is entirely open source and allows any developer to integrate smart cards with mobile apps, desktop wallets and even create their own smart cards.

3. White-label Keycard for businesses: Keycard hardware can be leveraged by businesses that want to design and distribute their own smart cards for crypto applications.

With these three broad ecosystem enablers, our vision at The Status Network is that Keycard will become an open framework for smart cards in crypto.


Smart Card

Smart cards are tiny computers with hardware optimised for security. They have microcontrollers with a CPU, little RAM and some persistent storage for code and data. They typically also have cryptographic accelerators and security countermeasures for tamper-resistance.

All of us use several smart cards already in the form of SIM cards, bank credit/debit cards, transportation cards etc. for authentication and payments. There are already 50 billion smart cards deployed with another 10 billion more being deployed in 2020. The implications of these huge volumes are that these smart cards are standardised, highly secure and very cost effective. People are already comfortable using smart cards.

Smart card interfaces have contacts or are contactless e.g. NFC. Majority of smart cards are Java Cards. These cards are popular for several reasons as highlighted below:

Java Card technology preserves many of the benefits of the Java programming language – productivity, security, robustness, tools, and portability – while enabling Java technology for use on smart cards, secure devices and other secure execution environments. The Virtual Machine (VM), the language definition, and the core packages have been made more compact and succinct to bring Java technology to resource – constrained environments. Java Card technology also includes specific security features, such as user authentication classes to manage PINs and passwords, as well as specific application isolation features, known as the firewall, that allow applications from several providers to cohabit securely on the same device.

Keycard

Keycard is based on the Java Card version 3.0.4+. All the Keycard functionality today is implemented in three Java applets which run on the Keycard:

1. Wallet: This applet implements a BIP-32 HD wallet with features of generation/loading of a 12-word BIP-39 seed phrase, loading a key pair, BIP-32 key derivation and key signatures all based on ECDSA secp256k1. The private keys never leave the applet and all communication with the applet is over a secure channel based on a shared secret. All interactions with this wallet require a Passcode.

Wallet enables all the hardware wallet functionality for storing private keys and signing transactions in conjunction with a paired and trusted device.

2. Cash: This applet implements the generation of one key pair and signing of transactions with it, but without requiring the setup of a secure channel or the Passcode with every transaction. This is supposed to be used for lower-security applications because the security here depends on the physical possession of the Keycard.

This “Tap” usage enables scenarios where the developer thinks a tap (i.e. physical access of card) is good enough with the knowledge that some security is being traded-off for the extra convenience of not having to use a Passcode.

3. NDEF: This applet implements NFC tag emulation where the SDK APIs can be used to set the NFC Data Exchange Format (NDEF) record for storing a link or QR code. This applet is used to implement the downloading of an app or opening a dApp link on the device of choice.


Value Propositions

As mentioned earlier, we see three different drivers of value propositions with Keycard for now:

1. Status Users

For Status app users, Keycard currently offers two significant benefits:

1. Hardware wallet: This implements a BIP-32 Hierarchical Deterministic (HD) wallet. Private keys are generated and stored on the card. Crypto transactions generated on the Status app are authorised by tapping the Keycard and entering the associated Passcode. Chat messages are also encrypted with a key obtained from the Keycard.

The current implementation generates the 12-word seed phrase on the Status app. This is used to seed the wallet master key which is then loaded into the Keycard to further derive the two key pairs for the Status App.

The wallet key pair is generated on the standard BIP-44 m/44’/60’/0’/0/0 path. The wallet private key never leaves the Keycard and is used along with the Passcode to sign every value transfer transaction.

The chat key pair is created on path m/43’/60’/1581’/0/0 as per EIP-1581 and is exported from the Keycard to the Status app so that the app can automatically encrypt every chat message without requiring Passcode entry for sending each chat message as that would be cumbersome.

2. Two-factor Authentication: Passwords for authenticating to the Status app are replaced by the Keycard - what you have (card) + what you know (Passcode), i.e. two-factor authentication (2FA).

This makes the signing-in process more secure and also more convenient. The risk of weak and reused passwords is mitigated by requiring the physical possession of the Keycard and the knowledge of the 6-digit Passcode. Two-factor authentication thus becomes the default going forward with Keycard.

Keycard will be compatible with Status App v1.4 on Android at launch and iOS support will be coming soon. Existing Status users who already have an older version of the Status app installed have to uninstall the app and reinstall this latest version to start using the app with Keycard. Note that reinstalling loses prior chat history, contacts and imported accounts.

2. Developer SDKs

With the Keycard API, Android, iOS and Go SDKs are available. These SDKs allow developers to build mobile apps or desktop apps that can interact with the Keycard. The SDK handles complex tasks such as setting up secure channels and supporting various commands for authentication, wallet generation, managing keys etc. It also supports the various aspects of Application Protocol Data Unit (APDU) functionalities for enabling communications between the smart card and the app.

More details on the SDKs and the underlying protocol and commands can be found here.

3. Business White-label

With white-labeling, businesses can buy Keycard smart cards and implement their own applications on them using the publicly available SDKs. This tremendously reduces their burden to source, design and manufacture such cards.

They can also print branded cards for their own distribution, for e.g. preloaded with tokens and NFT’s. Branded cards can also initiate opening of websites or apps upon tapping on a mobile phone.

The B2B services offered here include supporting the manufacture of custom smart cards, custom printing of cards, bespoke software personalisation of cards e.g. dedicated applets.

Inquiries on branded cards can be made here.


Security

Keycard is designed from the ground up to securely store your private keys offline in an air-gapped environment. Transactions generated on the associated device are sent to the Keycard over NFC where they are signed and sent back to the device. Keys never leave the secure element of the card.

Keycard's hardware security is compliant with the most stringent standard Common Criteria EAL5+ which makes it nearly impossible to extract private keys from the card even if it is stolen.

Keycard use is also protected using other security features such as the Passcode, Personal Unlocking Key (PUK) code and a Pairing-code. Passcode is a 6-digit numeric code which is created during setup and is required to be entered to authorise every wallet transaction. PUK-code is a 12-digit numeric code which is displayed only once during setup and is required when the user forgets the Passcode. Pairing-code is a 16-character alphanumeric code which is also displayed only once during setup and is required to pair the Keycard with another app or device.

These security features protect against scenarios where the user loses the Keycard or the associated smartphone or even both to a potential attacker. Brute-forcing the Passcode is protected by requiring the entry of the secret PUK-code after three incorrect Passcode attempts. Brute-forcing the PUK-code blocks the card permanently after five incorrect PUK-code attempts. So the attacker is left with an unusable Keycard. The user however can always reinitialise a new wallet with the previously saved 12-word seed phrase to recover prior wallet assets.

In this threat model, the user has to trust the Keycard and the Status mobile app (or any other app) that interfaces with Keycard. Keycard therefore provides the highest level of security possible in this smart card form-factor.


Summary

Keycard is a secure, contactless, open-source crypto hardware wallet with an open SDK. The design point integrates the convenience of a contactless credit-card with the enhanced security of a hardware wallet. While the initial application is the integration with the Status mobile app, the open design encourages other developers and partners to leverage the software and hardware capabilities of Keycard, bringing forth their unique innovations in this space.

We, at Status, believe that this is our first step towards making Keycard an open framework for smart cards in crypto and further enhance crypto adoption with increased security and improved convenience. A win-win-win for the future of crypto.

Learn more about Keycard here and install Status for and iOS, Android here