iOS NFC Burners for single profile Token2 programmable tokens
This page describes apps that can be used to program and configure our single profile hardware tokens using Apple iPhone devices. Kindly note that only iOS compatible tokens can be used with these apps. iOS compatible token models will have "-i" appended to their part number.
CompatibilityAll iPhones starting from iPhone 7 support NFC (iPhone 6 and 6S have the required hardware but Apple somehow limited access to these chips, so it’s not usable to third parties). None of the iPad models has the chip, nor do iPod touch devices. While our burner apps will most probably work on all devices mentioned above, we were only able to test on the following models so far: iPhone 8, iPhone SE2nd, iPhone X, iPhone 11.
Please note that some customers have reported intermittent NFC issues with iPhone 7, newer models are all fine.
TOKEN2 NFC Burner
This is a simple NFC burner and is very similar to our Android app. In addition to burning the seeds, the app will also allow configuring advanced settings, such as the hash algorithm (sha-1 or sha-2), the time offset (30 seconds or 60 seconds), the display power-off time out (from 15 seconds to 120 seconds) and time synchronization.
Burning a seed
The main window of the app is allowing to burn a seed to a programmable token by scanning the seed QR code or typing it in manually. This is the only screen you will be using in 99% of the cases.
- To burn a seed, launch the app, then touch the 'Scan QR' button to scan a TOTP QR code using your camera. If the provisioning needs to be done by typing in or pasting a seed in text format, you can enter the seed in the 'Seed (in hex)' field if the secret is in hex format, or touch 'enter in base32' button if the seed needs to be entered in base32.
- Once the seed field has been filled, touch the "Burn seed" button, then turn the hardware token on and touch the top of the device.
the process completion (or any errors) will be shown in the 'Results' area
When you click on the "Gears" icon in the seed burning window, you can access the configuration modification tool. This tool allows you to change the settings of the device. Please keep in mind that, in most cases, it's best to leave the configuration at its default settings.
It's important to note that the values displayed on the form above do not reflect the current configuration of the device; they are simply the default settings. This is because it's not possible to read the configuration or seed from the token; we can only write to it.
Additionally, exercise caution when making changes to the configuration. In some instances, altering the configuration may cause the token to stop working. For example, if you modify the time on a device with restricted time synchronization, the seed may be cleared for security reasons. Similarly, changing the algorithm setting, such as switching from SHA1 to SHA256, can break the configuration.
Seed display security mode
In the "secure" mode that can be selected on top of the app, the seed value will not be shown in the text field and will be automatically removed on every successful burn operation.
Token2 TOTP+ is an app that combines a regular TOTP mobile authenticator app with an NFC burner app allowing to enroll TOTP profiles and copy them over to Token2 programmable hardware tokens. Any TOTP profile that was added to TOTP+ app can be instantly transferred over to a programmable token by touching the "burn" icon of the profile.
TOTP+ will store the TOTP profiles in iCloud Keychain, so when you move your iCloud account to another device, you the profiles will be restored on the new device automatically. This is why we recommend using the app only if your iCloud account is protected with two-factor authentication
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!