IntroductionThere are circumstance where you may want to replace a mobile phone based authentication app (such as google authenticator) with a programmable hardware token (such as the SafeID/Diamond or SafeID/Pro programmable tokens). Before you can produce OTP codes using a programmable token you will need to obtain the seed data in the form of a compatible QR code.
| Column |
|---|
| 
|
| Column |
|---|
|
|
PreparationBefore you can use an NFC enabled phone to burn programmable tokens you will need to perform the following preparatory steps;
| Expand |
|---|
| title | Enable NFC on an Android mobile phone |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| Make sure you’re running the latest version of Android (the majority of new Android smartphones have an NFC chip in the phone). Turn on your device and slide from the top down to access the android settings. Maximise the displayed icons then ensure the "NFC" icon is enabled; 
If asked if you want to turn on "Android Beam", confirm that you want the feature enabled.
|
|
| Expand |
|---|
| title | Downloading the programming tool on Android devices |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| 
If your mobile device runs android you will need to visit the Google play store and search for the app "Deepnet SafeID Programmer" 
Download, Install and run this app. |
|
| Expand |
|---|
| title | Obtain and enter your Seed |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
|  Image Added
Before you can produce OTP codes using a programmable token you will need to obtain the seed data (either in the form of a compatible QR code that can be scanned, or in hex or base32 encoded format). Once the seed data for the token has been obtained it can be transferred to the app either by scanning the QR code, or manual entry of the Base32/Hex encoded seed  Image Removed
There are 2 ways you can obtain the seed data or secret key:
| Expand |
|---|
| When scanning a QR Code on an Android (or IOS) SafeID programming App you first need to make ensure that the QR code is ready for scanning using the camera on your smartphone. Display the QR Code ready for scanning (the QR code below is just an example); 
Next launch the app on your mobile device, and use the following instructions to burn the programmable tokenLaunch the app, point the camera at your QR code, then click on on  the button;  Image Removed Image Added
After clicking on the the button point the camera the QR code and the code will be automatically scanned; 
The token's seed/secret is extracted from the QR code, and displayed in the "Seed" box;you will progress onto the next step "Token Configuration";  Image Added Image Removed
You are now ready to burn the seed details onto the token. |
| Expand |
|---|
| title | Manual entry of seed data |
|---|
| Manual entry of the seed may be performed with either a Base32, or Hex encoded seed. Copy and paste your seed into the input area then click  Image Added;  Image Added
The software will then examine your seed and confirm if it is a valid Base32 or Hex seed (If the programming app cannot identify a valid seed then you may be requested to correct the entry). When a valid seed has been entered you will still need to confirm the time and algorithm parameters. Generally speaking, if the token is to be replacing an authentication app, then these parameters can be left at their default settings (but if you are aware that either a different time window size, or algorithm setting are needed, then you will need to manually adjust these settings from the default. Once the token configuration settings match your requirements click on the  Image Added button;  Image Added
Before you manually enter you seed data you need to ensure the seed is hex encoded (Hexadecimal encoded seeds are formed as a mixture of the letters " "A" to "F", together with any numerical digits (e.g. "0A9FBED34E0E504161F83B08BF000D3CF3418EDA").). If the seed is Base32 encoded, then you will need to convert the seed to hex format (example tool provided below); | Expand |
|---|
| | title | Base32 to Hex Conversion Procedure ... |
|---|
| To convert Base32 encoded seed data to hexadecimal we suggest using the following online conversion tool: In the field "Base32 string" copy the seed data you received in hex format then click the  Image Removed  Image Removed
The base32 version of the seed will be displayed in the "Output (base32)" field (see example below); The field prompted "Seed (hex)" is not locked, so you will be able to directly enter your hex encoded seed into the app;  Image Removed
Ensure the time and algorithm settings are set as follows;  Image Removed
You are now ready to burn the seed details onto the token.
|
|
Burning Seed data onto the Programmable Tokens using an NFC enabled smartphoneWhilst Once the token can be programmed using the  Image Removed button, we suggest you enable the option "Program Token Automatically";  Image Removed
parameters have been confirmed you will be asked to turn on the token. Turn on the token then click  Image Added;  Image Added
The app will update to show that the token is currently not connected to the app;  Image Added
With NFC on the mobile enabled, ensure your token is turned on, then place the token near the NFC reader on your phone (typically this will be near the top Once this option has been enabled. programming of the token may be performed by simply turning on the token and placing it at the back of your mobile phone). The app will update and show that the token is now connected, and will display details about the token that it has found;  Image Added
Part of the information displayed is an assessment of any time drift that has been detected on your token. Generally speaking, if more than 2 seconds drift has been detected we would advise you click on the "Synchronise Token Clock" option prior to burning your token. If you are ready to burn the token click on theImage Added button, and the token details will be transferred to the token, and you will notified with the message "TOKEN PROGRAMMED SUCCESSFULLY";  Image AddedWhen you hear a beep, do not move the token until you hear the second beep, and the message "Token programmed successfully" will be displayed (indicating that the token has been programmed).
| 
