The process is simple for the user but complex internally. We will describe what happens from both sides.
User experience
The user has logged into the eSignus Backup Center. Now you will press the SCAN CARD button and place the card as shown on the screen. The position depends on the smartphone. In the following images, we can see the usual place for iPhones and android phones.
The next step is to remove the card while the following image appears on the screen. Now we will need to put the card again close to the phone and remove it when the apps require us to do so.
Voila, the card is included.
Internal process
We will explain step by step the complete initialization process below.
First step
You must place the card near the phone; when the NFC antenna detects it, the HAHSWallet Manager starts running the following process:
- Ensures the card is correct.
- Asks the card for an encryption public key.
- Asks the card for the Issuer Id.
Now you have to separate the card from the NFC antenna on the phone to finish the first step.
Second step
To start step two, you must place the card near the phone again, and when the NFC antenna detects it, the HASHWallet manager starts running the following process:
- Asks the HASHWallet Link card to generate the seed randomly and calculate the Recovery Key.
- HASHWallet Manager randomly generates a passphrase and sends it to HASHWallet Link card.
- HASHWallet Manager sends to the HASHWallet Link card the public encryption key.
- HASHWallet Manager sends to the HASHWallet Link card the encrypted UserId and CardName
- HASHWallet Manager asks the HASHWallet Link card to calculate the AES Key using the Recovery Seed.
- HASHWallet Manager asks to the HASHWallet Link card to store the FullCardName
- HASHWallet Manager asks the HASHWallet Link card to encrypt the RecoveryInfo file and to send it. It contains Recovery Key, Seed Public Key, and passphrase.
- HASHWallet Manager asks the HASHWallet Link card to encrypt the IssuerInfo file and to send it. It contains card id, card name and user id.
Finally, the HASHWallet Manager sends the RecoveryInfo file and the IssuerInfo to the Secure Vault in the eSignus Backup Center.
Third step
To start step three, you must place the card near the phone again, and when the NFC antenna detects it, the HASHWallet Manager starts running the following process:
- HASHWallet Manager asks the HASHWallet Link card to erase Recovery Seed, Recovery Key, user id, and passphrase.
- HASHWallet Manager asks the HASHWallet Link card to store the InitOk state.
The HASHWallet Link card has been initialized.