Difference between revisions of "Wireless Credential Device"
(→Context) |
(→Context) |
||
Line 13: | Line 13: | ||
* Integration with Windows logon and certificate-based authentication (e.g., Entra ID smart card sign-in) | * Integration with Windows logon and certificate-based authentication (e.g., Entra ID smart card sign-in) | ||
+ | * [https://tech.springcard.com/2022/how-to-read-rfid-nfc-passes-with-springcard-pc-sc-couplers/ How to read RFID/NFC passes with SpringCard PC/SC couplers] | ||
how to **architect a USB NFC reader setup like the ACR122U** for use in **credential workflows or trust registry environments**—perfect for your digital identity work. | how to **architect a USB NFC reader setup like the ACR122U** for use in **credential workflows or trust registry environments**—perfect for your digital identity work. | ||
− | + | NFC on iPhone supports more than just PC/SC, especially in newer models running iOS 13 and above. While PC/SC (Personal Computer/Smart Card) is a standard for smart card communication—used in desktop environments—Apple’s NFC stack goes beyond that with Core NFC, Apple VAS, and App Clips, enabling richer interactions. | |
===Hardware Layer: ACR122U or Similar USB NFC Reader=== | ===Hardware Layer: ACR122U or Similar USB NFC Reader=== | ||
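Review bot: the inserted iPhone paragraph opens with "NFC on iPhone supports more than just PC/SC", which implies iPhone NFC includes PC/SC, while its next sentence says PC/SC is "used in desktop environments"; the paragraph should state which of the two is meant. It also sits between the fragment "how to **architect a USB NFC reader setup like the ACR122U**" and the Hardware Layer heading, so it reads as part of the ACR122U setup; give it its own heading or move it ahead of that fragment. The SpringCard link is appended as a bullet to the list of PC/SC features although it is a reference, not a feature, so it belongs in a references or see-also line.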
Latest revision as of 21:43, 19 July 2025
Meme
Device to interact with local presentation.
Context
Apple does support PC/SC natively on macOS, including Apple Silicon systems. The PC/SC (Personal Computer/Smart Card) specification enables smart card communication through a standardized API, and macOS implements this via the Smart Card Services framework.
Microsoft does support PC/SC natively across multiple versions of Windows, including Windows 10, 11, and Server editions. The PC/SC (Personal Computer/Smart Card) specification enables smart card integration via a standardized API, and Microsoft implements this through the Smart Card Resource Manager (winscard.dll).
What Native PC/SC Support Includes
- Smart card reader enumeration (SCardListReaders)
- Connection and data exchange (SCardConnect, SCardTransmit)
- Event monitoring for card insertion/removal
- Support for ISO/IEC 7816 APDUs and ATR parsing
- Integration with Windows logon and certificate-based authentication (e.g., Entra ID smart card sign-in)
The rest of this page describes how to **architect a USB NFC reader setup like the ACR122U** for use in **credential workflows or trust registry environments**.
NFC on iPhone supports more than just PC/SC, especially in newer models running iOS 13 and above. While PC/SC (Personal Computer/Smart Card) is a standard for smart card communication—used in desktop environments—Apple’s NFC stack goes beyond that with Core NFC, Apple VAS, and App Clips, enabling richer interactions.
Hardware Layer: ACR122U or Similar USB NFC Reader
- **Plug-and-play via USB**: No internal hardware required, compatible with Windows, macOS, and Linux.
- Supports **ISO/IEC 14443 Type A & B cards**, MIFARE, FeliCa, and NFC Forum tags.
- Comes with **PC/SC drivers**, often already bundled with the OS or available via [ACS](https://acs.com.hk/).
Middleware + API Layer
To integrate credential operations:
- Use the **ACR122U SDK**, which includes:
  - C/C++ sample code
  - Java and .NET wrappers
  - Python bindings via libraries like `nfcpy` or `pyscard`
- For trust registry interaction or VC presentation:
  - Develop middleware that **interprets NFC payloads as signed credentials**
  - Normalize output via **JSON-LD, JWT, or CBOR**, depending on your protocol (OpenID4VP, DC API, etc.)
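Example stack:
```python
import nfc

def on_connect(tag):
    # nfcpy calls this when a tag enters the reader's field.
    # The UID only identifies the tag; it is not proof of authenticity.
    print(f"Tag UID: {tag.identifier.hex()}")
    # Credential logic goes here

clf = nfc.ContactlessFrontend('usb')
clf.connect(rdwr={'on-connect': on_connect})
clf.close()
```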
Secure Credential Flow Architecture
| Component | Role |
|----------------------------|---------------------------------------------------------------|
| **NFC Reader (ACR122U)** | Reads tag data (VCs, DIDs, signed attestations) |
| **Credential Handler** | Maps NFC input to credential schema and verifies signatures |
| **Wallet Agent** | Cross-verifies holder binding or issuer provenance |
| **Trust Registry Lookup** | Confirms issuer status and protocol validity (e.g., via EU trust list) |
Use **immutable audit logging** and **nonce-based replay protection** to secure the flow.
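A sketch of the nonce-based replay protection and audit logging named above, as an added example rather than code from this page or any SDK. The names `Verifier`, `present` and `audit_intact` are hypothetical, HMAC with a constructed demo key stands in for the holder's signature, and a hash-chained list stands in for an immutable log store.

```python
import hashlib, hmac, json, secrets, time

HOLDER_KEY = secrets.token_bytes(32)  # constructed demo key (assumption)
NONCE_TTL = 30                        # seconds a challenge stays valid (assumption)
GENESIS = "0" * 64

def sign(credential, nonce):
    # HMAC stands in for the holder's signature over (nonce, credential)
    msg = json.dumps([nonce, credential]).encode()
    return hmac.new(HOLDER_KEY, msg, hashlib.sha256).hexdigest()
def present(credential, nonce):
    return {"credential": credential, "nonce": nonce, "sig": sign(credential, nonce)}
def entry_hash(event, nonce, prev):
    return hashlib.sha256(json.dumps([event, nonce, prev]).encode()).hexdigest()

class Verifier:
    def __init__(self):
        self.pending = {}   # nonce -> expiry time
        self.audit = []     # hash-chained, append-only entries

    def challenge(self, now=None):
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (time.time() if now is None else now) + NONCE_TTL
        return nonce

    def verify(self, p, now=None):
        now = time.time() if now is None else now
        nonce, cred, sig = (str(p.get(k, "")) for k in ("nonce", "credential", "sig"))
        expiry = self.pending.pop(nonce, None)  # single use, even if later checks fail
        if expiry is None:
            result = "rejected:unknown-or-replayed-nonce"
        elif now > expiry:
            result = "rejected:expired-nonce"
        elif not hmac.compare_digest(sign(cred, nonce).encode(), sig.encode()):
            result = "rejected:bad-signature"
        else:
            result = "accepted"
        prev = self.audit[-1]["hash"] if self.audit else GENESIS
        self.audit.append({"event": result, "nonce": nonce, "prev": prev,
                           "hash": entry_hash(result, nonce, prev)})
        return result

def audit_intact(log):
    prev = GENESIS
    for e in log:
        if e["prev"] != prev or e["hash"] != entry_hash(e["event"], e["nonce"], prev):
            return False
        prev = e["hash"]
    return True
```

A production verifier would check an asymmetric signature against the issuer and holder keys and write the chain head to storage the reader host cannot rewrite.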
Real-World Deployment Examples
- **Estonia’s digital ID pilots**: NFC-based card readers validate credentials for public services.
- **EUDI Wallet pilots**: Some use NFC chips in phones or reader dongles to support **offline VC presentation** in border or roadside environments.