Docs

Tools

Blog

Guides

Mobile NFC Burner apps for the second-generation single-profile Token2 programmable tokens

This page provides information about our mobile apps, which can be used to program and configure our single-profile hardware tokens on iPhones and Android devices. Please note that these apps are not compatible with our first-generation tokens, such as the C105 and miniOTP-1. The information on this page applies to both iOS and Android versions of the app, as they share the same design and functionality in their latest updates.

Compatibility

Our NFC Burner app is compatible with a wide variety of Android smartphones and tablets. Whether you're using a flagship device or a more budget-friendly option, you can trust that our app will run seamlessly. Our iOS NFC Burner app is compatible with all iPhone models starting from the iPhone 7.
We have tested and optimized NFC Burner on devices from various manufacturers. If you happen to run into any compatibility issues, please do not hesitate to let us know. We value user feedback and are dedicated to resolving any concerns promptly to enhance your experience.

About the app

This is a simple yet powerful NFC Burner app that provides full control over your programmable tokens. In addition to burning the seeds, the app also allows configuring advanced settings, such as the hash algorithm (SHA-1 or SHA-2), the time offset (30 seconds or 60 seconds), the display power-off timeout (from 15 seconds to 120 seconds), and time synchronization.


Burning a seed

The main window of the app allows you to burn a seed to a programmable token by scanning the seed QR code or typing it in manually. This is the only screen you will use in 99% of cases.

  • To burn a seed, launch the app, then touch the "Scan QR" button to scan a TOTP QR code using your camera.
    Mobile NFC Burner apps for the second-generation single-profile Token2 programmable tokens
  • If the provisioning needs to be done by typing in or pasting a seed in text format, choose "Add account manually," then enter the seed in the "Seed (in hex)" field if the secret is in hex format, or touch "Enter in base32" if the seed needs to be entered in base32.
    Mobile NFC Burner apps for the second-generation single-profile Token2 programmable tokens
  • On the same screen, you can specify additional parameters, such as the time step (30 seconds or 60 seconds) and the hashing algorithm (SHA-1 or SHA-256). These parameters should match the settings defined by the authentication service. If you are unsure, leave the defaults as 30 seconds and SHA-1, as most TOTP authentication is hardcoded to these parameters. The display power-off timeout (from 15 seconds to 120 seconds) does not affect OTP calculation, so you can choose any value you prefer.
  • Once the seed and configuration are defined, turn the hardware token on and touch the NFC area of the device. Then, touch the "Burn Seed" button when it becomes active. A message box will display the process completion or any errors, such as "Seed successfully applied."

About NFC Stability

NFC operates by using electromagnetic fields to enable communication between devices. It works in two modes: active mode and passive mode. In active mode, both devices generate their own electromagnetic fields to communicate with each other. In passive mode, one device generates the electromagnetic field, and the other device uses that field for communication. Passive NFC devices, such as NFC-programmable TOTP tokens or NFC-enabled security keys, rely on an external electromagnetic field to power the chip and enable communication. These devices do not generate their own electromagnetic field. All Token2 devices with NFC operate in passive mode. Therefore, the aspects covered in this article are important.

Configuration window

By choosing "Token settings" from the app menu, you can access the configuration modification tool. This tool allows you to change the device settings. Please note that in most cases, it's best to leave the configuration at its default settings.

Mobile NFC Burner apps for the second-generation single-profile Token2 programmable tokens

It's important to note that the values displayed on the form above do not reflect the current configuration of the device; they are simply the default settings. This is because it's not possible to read the configuration or seed from the token; we can only write to it.

Additionally, exercise caution when making changes to the configuration. In some instances, altering the configuration may cause the token to stop working. For example, if you modify the time on a device with restricted time synchronization, the seed may be cleared for security reasons. Similarly, changing the algorithm setting, such as switching from SHA-1 to SHA-256, can break the configuration.

 About Timezone

Important: The time on the device is displayed and should be set in the UTC timezone (TOTP algorithm uses UTC only). By checking the "Auto" option, you can automatically use the system time of your device.



How NFC Works Differently on Android vs. iPhone
  • Android: NFC operates in the background, continuously scanning for tags or tokens to enable automatic detection and interaction without additional user input. When an NFC transfer is required, simply touch the NFC area of your device with a powered-on token. This action will activate the corresponding button, such as the 'Burn' button, allowing you to proceed.

  • iPhone: To use NFC, you must first activate it by pressing the relevant button (e.g., the 'Burn' button). An NFC dialog will then appear. Once the dialog is displayed, touch the NFC area—typically located near the top of the device, close to the front camera—with a powered-on token.


Install or Download

You can install the app from Google Play or Apple AppStore using the links below:

  


Or download the APK file from our server: