FIX ID - User Guide
FIX ID App Description
The FIX ID app securely identifies FIX Network community members by means of subscriber-owned global phone numbers that serve as unique Digital Identities. This app and associated services allow participants to perform secure transactions through user-defined policies, sign transactions with cryptographic signatures, and even recover access to lost phone numbers. These highly flexible policies may be dependent on the participant's trusted social circle and multi-factor/multi-device parameters, including the use of FIX SIM cards.
The FIX ID ecosystem consists of four components:
FIX ID App - The app for defining and managing policies. This app is compatible with Android and iOS devices.
FIX Network Digital Identity Card - An NFC (near field communication) card that includes an embedded, unique FIX Network Digital Identity number.
FIX SIM card - This SIM card is capable of generating digital signatures created from a private key secured in the SIM, and also participates in FIX Security Policies that are implemented when using the FIX ID app. Note that the FIX SIM card does not support voice calls.
FIX SIM Firmware Toolkit - This is an add-on to the generic SIM Toolkit app that is installed in your Android or iOS device. The FIX SIM Toolkit is used to configure and control the actions of the FIX SIM card. The main functions supported by the toolkit are:
1) Reading the SIM serial number for use by the FIX ID App.
2) Importing or generating a random BIP39 seed that is used to support private/public key services. Note that if a seed is imported, then that seed must consist of 128 alphanumeric characters.
3) Controlling the generation of cryptographic signatures. By default, the SIM is "Disarmed" and signatures will not be permitted. If the signature state is set to "Armed", then A SINGLE SIGNATURE WILL BE ALLOWED, after which the permission automatically reverts to the "Disarmed" state. If the signature state is set to "Allowed", then MULTIPLE SIGNATURES WILL BE PERMITTED, until the signature permission is manually reset to the "Disarmed" state by the user.
Installation and Setup
Each FIX ID App user should have in their possession a FIX Network Digital Identity Card and a FIX SIM card. There is no requirement that a specific SIM card should be matched to a particular FIX Network Digital Identity Card.
Install the SIM card in an Android or iOS device. Ensure that the SIM is recognized by the device (SIM name "FIX") and is enabled for mobile data use, including data roaming and SMS texts.
Download and install the FIX ID app from the Google Play Store for Android devices, or the App Store for iOS devices.
In the FIX ID app, enter the FIX Network phone number as shown on the Digital Identity Card. Note that the prefix "883" should not be entered.
Once the phone number has been verified, an email with a 4-digit code will be sent to the email address of the primary contact (that is, the person who ordered the FIX SIM kit).
This code should be entered in the FIX ID app. Note this if you are not the primary contact, you must get this code from the primary contact.
The SIM serial number must now be entered in the FIX ID app. To find this number, open the generic SIM Toolkit app installed on your Android or iOS device, and select the "FIX Service" option. The 20-digit SIM serial number will be displayed, and this number should be copied and then pasted into the FIX ID app.
In the FIX ID app, enter a "friendly" name for this FIX SIM card, and add an icon to easily identify the SIM.
Before a FIX SIM may be used for FIX policies, a number of steps are required in order to verify the SIM as follows:
Access the SIM Toolkit and configure a PIN code to secure user access to the SIM.
Import a BIP39 seed, or select "Randomize seed" to automatically generate a random BIP39 seed.
In the FIX ID app, start the SIM configuration process.
An SMS with a password will be sent to the device in which the FIX SIM is installed. Enter that password in the FIX ID app.
On completion of this step, a check will be made to ensure that the SIM is protected by a PIN code, and has both a private and public key configured.
Only after the completion of all of these steps and configuration verifications will the SIM be able to be used in conjunction with FIX policies.
Using Policies in the FIX ID app
FIX Policies involve "trusted friends" and/or "trusted SIMs" that serve to authenticate those policies. Each policy may have a different set of rules, according to the requirements and specifications of the FIX ID App user.
A "trusted friend" is a person who has installed the FIX ID app and may be called upon to verify a specific policy through that app. A "trusted SIM" refers to a FIX SIM card that has been installed in any appropriate device and has been verified according to the installation steps detailed above.
Policies are highly flexible and may include rules that specify that the policy is able to be verified by, for example, two out of five trusted friends who have been listed in that policy. This architecture takes into consideration that not all trusted friends might be immediately available to verify a policy. However, policies also allow for "mandatory friends" and "mandatory SIMs", which mean that these friends or SIMs are essential for the verification of a policy.
A typical FIX policy may be used to enforce a secure login to the New Capital Exchange, using a single trusted FIX SIM to safeguard the policy. The steps required to implement such a policy are as follows:
On the bottom menu of the FIX ID app, select "Policies".
Click on the "+" sign at the top left-hand corner of the screen to add a policy.
Enter a name for this policy, such as "NCE Login".
Click on "Add Service" to add a specific service to the policy and select "New Capital".
Under "Add operation", select "Login".
On the "NCE Login" policy screen, set the "Trusted SIM" number to "1".
Important - Prior to using this policy to log in to the New Capital Exchange, the trusted SIM must be enabled to provide a secure signature. If this is not done, then the login will be unsuccessful.
Last updated