BlogKeycard
Introducing Keycard - The secure, contactless hardwallet & open source API
Keycard

Introducing Keycard - The secure, contactless hardwallet & open source API

Us
Us
on Feb 13, 2019

Keycards are available for purchase at keycard.tech.

2020 is an exciting time in which we are seeing real world applications of blockchain technology and cryptocurrencies as a viable form of transacting. According to Etherscan, as of February 10th, Ethereum alone contained over 55 million addresses and processed over 390 million ETH transactions. Keep in mind, this only accounts for ETH transactions and does not consider the millions of ERC-20 token transactions nor non-Ethereum transactions such as Bitcoin.

This data reflects the adoption of digital currencies as much more than a trend but rather a lasting financial movement.

Not to mention, DAI and other stable coins now make cryptocurrencies a legitimate and viable method for everyday transacting.

Amidst the increasing adoption of cryptocurrencies, inlies a growing attack vector for malicious actors to exploit. At the end of the day, web3 and the ownership of cryptocurrencies places token holders in full and total responsibility of their assets. Therefore, it is of the utmost importance that security measures are put in place to protect both the power users and mainstream adopters alike.

Status Hardwallet has relaunched as Keycard – a new type of hardware wallet built with an open API that enables developers to integrate with wallets or hardware and even build their own smartcards. It enables end users to safely send, store, and receive cryptocurrencies in a seamless, contactless experience.

Status launched the Hardwallet on November 2nd, 2017 at Devcon3 in Mexico. Since then, the blockchain landscape has evolved significantly. There are now a number of crypto wallets, countless tokens, and thousands of new developers contributing to the ecosystem. It is only natural that Keycard reflect this change.

This is precisely why the Keycard team has been steadily building the following products:

1. Keycard API - An open source protocol for a client (e.g. mobile wallet, point of sales terminal) to integrate with a crypto smartcard to handle several type of usages like storing private keys, signing transactions, authenticating users, backing-up master secrets on a secondary card, tap-to-pay, and more.
2. Keycard Hardware - A physical smartcard that is manufactured by Status GmbH and designed to integrate with the Status Android client.

Both Keycard and the Keycard API are entirely open source and allow any developer  to integrate with their mobile apps, desktop wallets, and point of sale retail devices. Any wallet team or developer can use the keycard hardware, software, or both to build a smartcard that fits their needs.

The Keycard API provides compatibility between clients and cards for a secure and open crypto ecosystem.

The team have also built and easy to use Java SDK for Android & Desktop devices. High-level classes abstract away the most tedious tasks including Secure Channel, APDU parsing, and serialization.

Features for developers:

  • Easy setup of a Secure Channel between the mobile and the card
  • Generation of a master secret on card with True Random Number Generation (TRNG)
  • Ability to upload an existing master secret from client to Keycard
  • Ability to derive any key pair following BIP32 paths
  • Key export for non-wallet usage of some keys in accordance with EIP-1581 paths
  • Signature of any transaction using ECDSA (ETH, BTC, LTC etc.)
  • Secure back-up of the master secret from one card to another one
  • PIN/PUK management

Keycard API and hardware are already being developed on by reputable teams in the Ethereum community. Both GRID+ and WALLETH are actively building smartcards using the open source Keycard API

Grid+ is using the Keycard API to build a smartcard-based offline storage for their Lattice1 vault

“The Keycard API is an excellent open-source reference implementation for applying standards across the crypto industry to JavaCard development. If you're developing a JavaCard applet that utilizes crypto, this is the place to start.” - Mark D'Agostino - Co-Founder, CEO of Grid+
"The Keycard API is great code written by a great team. We started experimenting with the javacard and the Keycard API to integrate with our wallet at the Cryptolife Hackathon. The Keycard API makes it easy to support this new type of hardware wallets. " Marcus Ligi - Founder WallETH

As we start to see distributed technology more deeply integrated into our daily lives via devices such as crypto ATMs and blockchain point-of-sale systems, it is imperative these transactions are safe and secure. It is crucial that the mundane act of verifying a transaction becomes second nature, and that the end user experience is simple, seamless, and trusted.

Keycard protects users' private keys via offline cold storage while making the card simple and easy to use for quick, contactless transactions. With Keycard, your private keys are offline and they will never leave the secure element of the card.

Keycard generates master secrets with the built in True Random Number Generator.

This ensures true randomness for the most secure form of key creation.
Keycard hardware security is compliant with most stringent standard (Common Criteria EAL5+) which means that no one will be able to access your keys even if the card is stolen.

Keycard will make it simple for users of all experience levels to easily and safely store, send, and receive crypto. The hardware resembles that of a credit card – a form factor that people are accustomed to when transacting in fiat. Not only is this a familiar experience and design, it also lends itself to extremely low production costs. Meaning it can become a cost efficient and simple way to onboard new users into the world of crypto (Keycard retails for ~$29).

Unlike most hardware wallets in the market today, keycard relies on NFC technology instead of a connected USB port to unlock private keys. This enables users to sign and verify transactions on the go with the touch of a card on their mobile phone.

Keycard introduces a number of features built for client developers as well as mainstream end-users:

  • Compatible with all Major Cryptocurrencies: Keycard is a HD BIP-32 wallet that safely stores Bitcoins, Bitcoin Cash, Litecoin, Ripple Ethereum, ERC20 tokens, and any currency based on ECDSA signatures
  • Contactless Transaction Verification: With NFC, you can securely sign and verify transactions & payments by tapping Keycard on your mobile device
  • Can be integrated with a Desktop Wallet: Keycard can be used with a desktop application with any USB-contact reader
  • Tap-To-Launch: Users can launch a designated app or a URL simply by tapping their card on their phone
  • Inexpensive and Familiar Design: Designed similar to a credit/debit card, smartcards are an inexpensive, simple and secure way to onboard new users. Smartcards are everywhere (SIM cards, debit/credit cards). Familiar design is an easy way to onboard new users and is inexpensive to produce.

Join the core Keycard team members and the growing community in the Status public channel #status-keycard.

Us
Us
Share article on: