B.Chain

Concept Definition

B.CHAIN is a biometric hardware wallet suitable for mass deployment. It reinforces the security of self-custodial mobile wallet handling digital assets and Web3 access. B.CHAIN supports most cryptocurrencies such as Bitcoin, Ether, ERC-20 tokens and many others. B.CHAIN is easy to integrate with the existing mobile wallet application (App) and interacts through the phone’s NFC communication interface: end users just need to tap to sign a transaction! A convenient and secure way to also interact with Web3 decentralized applications (dapps). The mobile wallet application providers maintain complete control over their user interfaces and functionalities. They design their prefered user experience while leveraging the B.CHAIN SDK that handles all communications with the card. The SDK is a set of libraries running on iOS 13.3+ and Android 8.1+. B.CHAIN manages a Hierarchical Deterministic (HD) wallet which needs to be initialized by loading a seed generated by the App using the BIP39 standard. The seed is securely transmitted in a binary format by the SDK to the Secure Element that stores the corresponding master private key in a protected memory. The card is then able to compute key pairs for various cryptocurrencies following the BIP32 derivation mechanism. Private keys never leave the Secure Element while public keys can be retrieved by the App to compute public addresses enabling to receive assets and check balances autonomously. Requesting a new public key from the card can be done at any time for maximum flexibility (e.g. the App supports a new cryptocurrency). Transactions are driven by the App, this is where the users will enter all data using the comfort of the mobile wallet’s interfaces. When the transaction is ready, the users simply taps their card on the back of their phone to generate the signature. They need to unlock their B.CHAIN using their fingerprint or by entering a PIN code or both. If the card is lost or stolen, users can quickly restore their crypto hardware wallet. The users enter the BIP39 recovery phrase they saved from the App display during wallet creation and tap a new card!

Use Cases

  • Sign Transaction
  • Manage crypto coin in the wallet
  • Fingerprint enrollment
  • (BIP32) creation on card
  • Wipe the card

Service Benefits

B.CHAIN is a user-friendly and secure way to hold crypto assets and sign blockchain transactions.

Within the service benefits we could include:

  • Mobile-friendly: first hardware wallet designed for mobile
  • Easy to use: just tap the biometric card to transact
  • Certified chip: secure cold storage
  • Fingerprint locked: theftproof with on-card biometrics
  • Portable: no charge required and easy to carry
  • Web3-enabled: access to the decentralized web
  • Cost effective: suitable for mass deployment

User experience

Use case diagram

User receives a new B.CHAIN card

When the user receives a new B.CHAIN card, no Hierarchical Deterministic (HD) wallet is implemented inside yet. Therefore, the two possible operations for the user from the App are either creating or restoring a wallet at this stage. New BChain Card

B.CHAIN card contains a HD wallet

When a HD wallet is successfully implemented on the card, the App may offer the following options to the user: Card Contains Hd Wallet

Create a new wallet

In the App, the user can choose to create a new crypto wallet with the option to secure its private keys in the B.CHAIN cold storage. The App developers can preconfigure the Cardholder Verification Methods (CVM) or leave the decision to the user in the interface. Depending on the desired CVM, the App prompts the user to define a PIN code and/or enroll her fingerprints on the card with the sleeve to authorize further operations. The App generates and displays a BIP39 mnemonic phrase and instructs the user to write it down on a paper for a potential recovery. After verifying the user has properly saved the mnemonic phrase, the App is expected to send the corresponding binary seed to the card. The B.CHAIN SDK is called to pair with the card, set the PIN and load the seed to instantiate a HD wallet. The App prompts the user to tap her card on the phone while applying her fingerprint on the sensor to authorize the operation. If the fingerprint verification on the card is successful, the HD wallet is implemented. New Wallet

Sign a transaction

The App initiates transactions depending on user intentions such as sending a payment or interacting with a Web3 decentralized application. The App formats and hashes the transaction for the required blockchain before requesting B.CHAIN SDK to perform a signature of it. Depending on the CVM, the App prompts the user to enter a PIN code and/or apply her fingerprint on the card to authorize the operation. The user taps the card to the back of her phone and the B.CHAIN SDK returns the expected signature if the user authentication was successful. The App can then broadcast the transaction on the network. Sign a transaction

Add a new cryptocurrency

The App may support various cryptocurrencies and offers the user to add a new asset to her wallet. If the user selects such option, the App requests the B.CHAIN SDK to get a public key by specifying the desired BIP32 path. Cardholder authentication is requested (i.e. enter PIN and/or apply fingerprint on the card sensor) and the user taps her card on the phone. The card returns a public key compressed or not and with or without the chain code if the cardholder verification was successful.

Change PIN

If the PIN is made available as a Cardholder Verification Method, the user may decide in the App to select the option to change its value. In that case, the App prompts the user to enter a new PIN value and requests a cardholder authentication such as entering PIN and/or applying finger on the card sensor. The user taps her card on the phone and the PIN value update is effective if the authentication was successful.

Restore a wallet

Restore a wallet

Wipe the card

Wiping a card is an irreversible operation. The user might decide to decommission the card if it is not needed anymore before disposing of it. This operation will delete the seed, keys and fingerprints stored in the card. In a wiped state, the card cannot be used again to create or restore a wallet. To wipe the card, the user selects this option in the App interface. The App prompts the user to enter a PIN code and apply her fingerprint on the card to authorize the operation. The user taps the card on the phone and B.CHAIN SDK requests the deletion of all data in the cold storage. If the cardholder authentication is successful, the wipe is performed and a status is returned to the App.

Wipe a card

Cardholder verification methods

The cardholder must authorize the operations of creating/restoring a wallet, signing a transaction, getting a public key, changing PIN or wiping a card. App providers have the flexibility to preconfigure the number of authorization factors required to pass these operations or leave the choice to the user in the App interface.

The cardholder verification method (CVM) can be one of the following:

  • PIN code verification,
  • on-card fingerprint verification,
  • PIN code verification AND on-card fingerprint verification.

They are usually setup during the creation of a wallet. App providers have the flexibility to design the application flow and user interfaces to enable these verification methods. Supporting for on-card fingerprint authentication is a unique differentiator for B.CHAIN. Both user experience and security are enhanced by choosing this verification method:

  • user simply applies her finger on the card sensor to trigger an authorization,
  • a lost or stolen card is protected by a biometric authentication.

User’s fingerprints enrollment on the card requires the use of a sleeve, which is included in the pack received by the customer. This enrollment device permits the cardholder to enroll the biometric template in an intuitive and user-friendly way. Any operation such as signing a blockchain transaction would require the user to apply her fingerprint on the card sensor. An IDEMIA algorithm matches the fingerprint put on the card’s fingerprint sensor, with the biometric template stored on the card’s chip during enrollment. The matching takes place “on the card” and the fingerprint never leaves the card to ensure privacy. No third party has access to the consumer fingerprint. The user applies her fingerprint on the card sensor and taps her card on the back of her phone to exchange securely information via NFC with the App embedding the B.CHAIN SDK.

Explore

Digital Card

Digital Card is a suite of services that enhances mobile banking apps, introduces new payment options, and creates unique cardholder experiences. Designed for issuers, it enables virtual card generation, contactless payments via digital wallets, and secure, seamless authentication.

Token Platform

IDEMIA Token Platform manages end-to-end processes to create, provision, and manage digital cards or payment tokens across diverse Token Requestors, including OEM PAY wallets, Issuer PAY wallets, QR code wallets, P2P wallets, and Token-on-File.

SRC Platform

IDEMIA SRC Platform offers a cross-network wallet for global payment networks, featuring an EMVCo-compliant Secure Remote Commerce (SRC) Buy Button for safe and convenient online checkout. It enables customers to pay with just a few clicks using stored payment details.