SafeID Diamond Programmer for iOS

Introduction

There are circumstance where you may want to replace a mobile phone based authentication app (such as google authenticator) with a programmable hardware token (such as the SafeID/Diamond or SafeID/Pro programmable tokens).

Before you can produce OTP codes using a programmable token you will need  to obtain the seed data in the form of a compatible QR code.

Preparation

iPhones 7 and the more recent released models can read NFC tags and make NFC payments. However, no NFC support was added to iPhones 6 and 6S, yet it can be used to make NFC payments only. 

Before you can use an NFC enabled phone to burn programmable tokens you will need to perform the following preparatory steps;

1. Downloading the programming tool on iOS devices

   

   To obtain the programming app you will need to visit the apple play store and search for the app "SafeID Programmer"

   

   Download, Install and run this app.

2. Obtain and enter your Seed

   In order to burn programmable tokens you need to obtain seed data either by scanning  a QR code, or via manual entry of seed data (provided in text form);

   • Scanning the QR Code on an iOS phone

     Launch the SafeID programming app on your mobile device, point the camera at your QR code, then tap on the "SCAN" button to open the QR code scanner;

     

     
     

     After tapping the scan button, point the camera at the QR code and the code will be automatically scanned;

     

     
     

     The token's seed/secret is extracted from the QR code, and you then be asked to confirm the parameters that were scanned by tapping "CONFIRM";

     

      You are now ready to burn the seed details onto the token.

   • Manual entry of seed data

     Manual entry of the seed may be performed with either a Base32, or Hex encoded seed.

     Copy and paste your seed into the input area then click ;

     

     The software will then examine your seed and confirm if it is a valid Base32 or Hex seed (If the programming app cannot identify a valid seed then you may be requested to correct the entry).

     When a valid seed has been entered you will still need to confirm the time and algorithm parameters.

     Generally speaking, if the token is to be replacing an authentication app, then these parameters can be left at their default settings (but if you are aware that either a different time window size, or algorithm setting are needed, then you will need to manually adjust these settings from the default.

     Once the token configuration settings match your requirements click on the button;

     

     You are now ready to burn the seed details onto the token.

     
     

   
   

Burning Seed data onto the Programmable Tokens using an NFC enabled smartphone

Once the token parameters have been confirmed you will be asked to turn on the token.

Switch on the hardware token device, and place it on the phone, then click ""READ TOKEN"., and a new popup will appear "Ready to Scan";

Adjust the token position until a read is successful

When the details of the token are shown, tap "PROGRAM TOKEN", and once programmed you will be notified that token programming was successfully performed;

Verifying the burn was performed correctly

To confirm that the token was burned correctly first tap on the "Verify Token" button'

Turn the token off, then back on again (this ensures that the OTP code being displayed is from the newly burned seed).

Check that the generated OTP code on the screen matches the on4e displayed on the token, if they match you have confirmed that the token was burned properly.