Hi,
My product have no keyboard or display , no nfc too. We want a paring procedure to not let open the connexion to everybody not paired first.
My idea was to use a fixed passkey into the code, and print into a qr code this passkey and mac adress. Our smartphone app will use this two parametres to scan and list only the product with concerned mac adress and then establish a paired connexion with the passkey, previously got by scanning the qr code.
My software also use secure bootloader to do DFU (s113 + ble_app_buttonless_dfu_ + secure_booloader_s113_pca10100) , nrf52833.
My questions is :
1. Where to find this passkey into the code to set it ?
2. In production, i will have to personnalise this passkey into each product, making a different .hex with a specific crc to be able to boot i guess. Fastest way will be to build to get the good crc and flash only the memory adresse with good crc and passkey. Is it the good way to proceed ?
3. If it is, may be we need some script to first change the passkey into the source code, then build application , and finally program the device with nrfconnect command ? It seems to be quiet heavy but may be the unic solution?
4. in case of update of the firmware with dfu once customers has bought the product, does it means we will have to generate a unic zip for each product sales ? What is just impossible. So finally i dont't really see how to proceed a part of placing the passykey somewhere into the memory that is independant of crc check, what i don't think possible.
I didn't found easiest way to do something quiet simple in fact. This seems to be a typical case for BLE products , no?
Thanks a lot for your help, there is so many questions... 
