Molto-1-i NFC Burner app for iPhone

This page describes the app  that can be used to program and configure our multi-profile hardware token using Apple iPhone devices. Kindly note that only the iOS compatible token can be used with this app. iOS compatible token models will have "-i" appended to their part number: Molto-1-i


Compatibility 

All iPhones starting from iPhone 7 support NFC (iPhone 6 and 6S have the required hardware but Apple somehow limited access to these chips, so it’s not usable to third parties). None of the iPad models has the chip, nor do iPod touch devices. While our burner apps will most probably work on all devices mentioned above, we were only able to test on the following models so far: iPhone 8, iPhone SE2nd ,  iPhone X series and iPhone 11.
Please note that some customers have reported intermittent NFC issues with iPhone 7, newer models are all fine.

TOTP Profile selection

To burn seeds or configure TOTP settings, you first need to select the profile number (from 0 to 9) on the top of the app. The selection is maintained when you navigate between screens in the app.

Molto-1-i NFC Burner app for iPhone


Burning your first seed

Profile number 0 is pre-configured at the factory (for quality checks and initial testing) with the defaults settings, namely: 6-digit OTP, SHA1 hash and timestep of 30 seconds. Therefore, profile number 0 can be seeded without the need of configuring it first. All other profiles (from 1 to 9) will need to be configured before the seed can be burnt (described in the next section)

1. Scan the QR code using "Scan QR" button, this will extract the secret key from the TOTP QR code and populate the hex field. You can also enter the hex value of the secret directly in the text field. You can also enter the secret in base32 format using "Base 32" button, this will automatically convert it to Hex value and populate the field.

Molto-1-i NFC Burner app for iPhone

2. Before burning the seed, turn off the Molto-1-i device (if powered on) then long-press the power button (for about 5-7 seconds). This should enable “Programming mode” on the device.

Molto-1-i NFC Burner app for iPhone

3. Touch "Burn seed" button, and once the NFC Prompt appears, touch the top of your iPhone with the token. Again, make sure the token is in "programming mode"

Molto-1-i NFC Burner app for iPhone

4. After the process is completed successfully the NFC Prompt should show "Success!" text and disappear

Molto-1-i NFC Burner app for iPhone


TOTP Profile configuration

The TOTP profiles (except pre-configured №0) have to be configured before they can be used. The profiles can be configured separately - to access the profile configuration settings, select "Configure Profiles" from the app menu

Molto-1-i NFC Burner app for iPhone

Select the profile (from 0 to 9) and set the configuration as shown on the screen. You can select the following values: 

  1. Timestep:  30 or 60 seconds
  2. Hash algorithm: SHA1 or SHA256
  3. System time: you can enter the time value manually, or keep it in Auto to use the iPhone's system time
  4. OTP Length: 4,6,8 or 10 digits
  5. Profile title: sets the text title for the profile (i.e. "Google" for profile №3, will show "3.Google" on the token's LCD screen)

Please note that settings from 1 to 4 in the list above are applied using "apply profile config" button. Profile title (5) is applied using "set title" button

Device configuration

The settings below are not per profile and apply to the device itself. You can access these settings from the App menu -> Device Configuration

Molto-1-i NFC Burner app for iPhone

The following settings are possible to change:

Customer key

You can change the customer key of your Molto-1-i device to make sure nobody else can change the settings of your TOTP profiles. The app should have the correct customer key entered in the system configuration to allow to perform TOTP Profile configuration changes and burning the seeds. To prevent brute-force attacks, the system will perform a factory reset after 200 unsuccessful attempts. Please note that currently, the key is only accepted as a hex string.

PIN Code

Starting from this version (Molto-1-i), it is possible to protect your OTP codes with an optional PIN code. If configured on the device, the TOTP profiles can only be used after the correct PIN is entered. 
Molto-1-i NFC Burner app for iPhone

You can set the PIN of 6 digits for the OTP device via ‘PIN Change’ button to enter 6 digits PIN and click the “set PIN code” button (No PIN is set by default). If the PIN fails for more than a predetermined number of times, the device will be reset. To remove the PIN, leave the PIN field empty and press "set PIN code" button again.  For both setting and removing the PIN code, it is also necessary to complete the PIN set operation by pressing the key 0 on the OTP token when it prompts.

Molto-1-i NFC Burner app for iPhone


Screen standby time

The display of the hardware token automatically turns off after a certain period of time. You can change this period in the “Set standby time” section. 

Factory reset

If for some reason, you want to clean all profiles or in case you forgot the customer key and want to set a new one, you can use the "restore to factory settings" button. Kindly note that this operation will not only delete all TOTP seeds but also clear the configuration, including the time settings and the default profile settings.