• State Not Answered
  • Replies 18 replies
  • Subscribers 63 subscribers
  • Views 2512 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 292582
Options

ncs 1.8.0 + NFC + OOB + nrf52833

embeddedER

Hi Team,

We are in process of developing pairing mechanism for our peripheral device. We are considering using NFC for OOB. Here is what we think we should be doing:

1. Use Mobile (NFC) to wake-up our peripheral device

2. Our peripheral device sends Key (unique per device) over NFC to our Mobile App

3. Our mobile app uses this "key + encryption" to pair with our device

Idea here is to restrict any other app to connect to our device.

We've few questions here:

1. Is this a viable option?

2. In above steps at Step-2, how do we send data from peripheral device to mobile app? 

3. Is there any example/blog around this?

4. Any other suggestions t this approach?

TIA!

Parents
  • 0

    Hi Hung,

    I liked the idea of "challenge and response authentication", however, one of our future extension is to have our own Central Device which may not have OOB/NFC, but will have a way to know the serial number of our peripheral via cloud.

    So, OOB we are considering just to send serial number from the peripheral to the mobile.

    Referring to your quote:

    "Yes you can do what you planed. So instead of showing a pass key on a display. You only provide the passkey with your own way of encryption into NFC. The phone then read NFC data and in your app you can decrypt the data to show the user the passkey. However the pairing process will be not very smooth as there will be a popup from the system to ask for inputting the passkey, and then you need to switch to the app to read NFC."

    Is there a way we can skip that "confirmation step" from the user? Basically idea is to use the static key so that there is no user interruption is required. We will anyway need to find a way to connect our central which won't have keyboard/display to pair with our peripheral using serial number that it knows.

    So the question is, can we really skip user confirmation (mobile and central device) if we use the static pass-key? (This static pass-key will be unique and known to peripheral and mobile in some way, either via NFC or cloud)

     

    TIA!

Reply
  • 0

    Hi Hung,

    I liked the idea of "challenge and response authentication", however, one of our future extension is to have our own Central Device which may not have OOB/NFC, but will have a way to know the serial number of our peripheral via cloud.

    So, OOB we are considering just to send serial number from the peripheral to the mobile.

    Referring to your quote:

    "Yes you can do what you planed. So instead of showing a pass key on a display. You only provide the passkey with your own way of encryption into NFC. The phone then read NFC data and in your app you can decrypt the data to show the user the passkey. However the pairing process will be not very smooth as there will be a popup from the system to ask for inputting the passkey, and then you need to switch to the app to read NFC."

    Is there a way we can skip that "confirmation step" from the user? Basically idea is to use the static key so that there is no user interruption is required. We will anyway need to find a way to connect our central which won't have keyboard/display to pair with our peripheral using serial number that it knows.

    So the question is, can we really skip user confirmation (mobile and central device) if we use the static pass-key? (This static pass-key will be unique and known to peripheral and mobile in some way, either via NFC or cloud)

     

    TIA!

Children
  • 0 in reply to embeddedER

    Hi 

    Hung is currently on vacation, and I will help you out in the mean time. 

    Unfortunately there is no way to skip the user confirmation on the mobile side. There is no API on the phone side to configure a static passkey directly from the app, this is handled by the OS directly meaning you will always get the extra confirmation step. This is the same both on iOS and Android. 

    Normal NFC OOB pairing is supported in Android, but not in iOS. 

    Best regards
    Torbjørn

Related