“nfc”

I would be more than happy to find some tutorials or insights. We are empty (don't have the NFC reader) but we are ready for an android version that uses Host Card Emulation. We would need to know if it is feasible in Apple iOS to create a pass in our app that goes to Wallet and then is ready to be used as an NFC card. It's quite difficult to understand if it is possibile, if so how, and what kind of readers do we need. Android docs states that reader should be ISODep compatible, here i'm searching but could not find any help. We can't go for external paying services

Does this mean through CTK we can detect PIV smart card through any reader (lighting/USB/NFC) without the need of any vendor intervention? If the PIV smart card is supported by the built-in PIV CTK appex, you don’t need any extra vendor support. You don’t even need CTK! You can work with the credentials on the smart card using just Security framework APIs. As to whether a specific PIV smart card is supported by iOS, I don’t have a comprehensive list of what is or isn’t supported [1]. I can only relate my own experience, namely, that a YubiKey 5 NFC works out of the box, with no Yubico software, when I plug it into the USB-C port on my iPad. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com [1] You might find more info about this on the Apple Support website.

Thanks. **If the smart card supports PIV, the system’s PIV support kicks in. This comes in the form of a CTK appex, which gets you to the same end state. ** Does this mean through CTK we can detect PIV smart card through any reader(lighting/USB/NFC) without the need of any vendor intervention?

Yes, I configured the NFC capability. Here is my entitlements file: com.apple.developer.nfc.readersession.formats NDEF TAG And my info.plist: com.apple.developer.nfc.readersession.iso7816.select-identifiers 315449432E494341 NFCReaderUsageDescription NFC reason

macOS does have a setting to disable debugging: https://developer.apple.com/library/archive/qa/qa1361/_index.html (and which itself can be circumvented) and does offer hardened run-time: https://developer.apple.com/documentation/security/hardened_runtime If you're already using that and want more... There are papers and write-ups on reverse-engineering and anti-reverse-engineeringposted around the 'net. Some folks will use a licensing dongle, whether USB or NFC or otherwise. Some vendors will use a support-based licensing scheme, and which requires periodic contact with servers you control. If the crack is loading exploit code at run-time (and somehow the hardened run-time isn't an option or isn't working for your case), you could submit known-bad license keys from various spots in the code (after the first real check, and fail (and preferably failing well after the good and bad checks, and preferably failing with an obscure run-time error selected from a list of reserved-for-cracks error codes, and

I see very limited documentation on how exactly CryptoTokenKit can detect the readers and fetch certificates from smart card. That’s because detecting the reader and fetching the certificates is done by the CTK appex, and how it does that is entirely up to it. Consider my YubiKey 5 NFC. It has multiple hardware interfaces, including USB and NFC. If I plug it into the USB-C port on my iPad, using a standard USB to USB-C adapter, it Just Works™. The token supports PIV and iOS has built-in PIV support. OTOH, if I try to use it over NFC, I must install Yubico’s app so that its CTK appex can route the request to the token’s NFC interface. If we want to fetch the certificates from smart cards connected via Bluetooth/lighting port, do we have to write an CryptoTokenKitExtension app? That depends on the token’s vendor: If the vendor has already written a CTK appex, your app can talk to the token that way. This is exactly what happens when I use my YubiKey over NFC. If not,