Integrating physical devices with IOTA — The IOTA debit card, Part 3

The 8th part in a series of beginner tutorials on integrating physical devices with the IOTA protocol.


Introduction

This is the 8th part in a series of beginner tutorials where we explore integrating physical devices with the IOTA protocol. This tutorial is the third part in a sequence of tutorials where we will try to replicate a traditional fiat based debit card payment solution with an IOTA based solution. In this third tutorial we will be implementing i PIN code protection mechanism for our IOTA debit card.


The Use Case

If you followed the previous tutorial in this series you probably noticed that you are not asked for any authorization or credentials when paying with your IOTA debit card. While this might be fine in some use cases, there may be other use cases where this is not acceptable. Imagine if you lost your IOTA debit card and it was picked up by a bad actor. Without any protection mechanism there would be nothing preventing him from using your card. In this tutorial we will be addressing this issue by implementing a PIN code protection mechanism for our IOTA debit card.

This tutorial will be a little shorter than the previous tutorials in this series as we will not be introducing any new hardware or PyOTA functions.


The Python code — Part 1

The python code used in this tutorial will be split into two parts where the first part is the code used when assigning a new PIN code to your IOTA debit card. The second part is a modified version of the iota_debit_card_pay.py script from the previous tutorial. Only difference is that the new version will ask you for a PIN code before scanning your IOTA debit card.

So lets start with the first Python script that will allow you to assign your own four digit PIN code to your IOTA debit card. Notice that the new PIN code will be written to the first four bytes of both block 11 and 15. The reason we need to write the PIN code to two different blocks is that each block functions as an the authentication block for the two individual sectors where the IOTA seed is stored. Check out the 6th tutorial in this series for more information on reading and writing data from the Mifare RFID tag.

You can download the source code from here


Running the project

To run the the project, you first need to save the code in the previous section as a text file in the same folder as where you installed the MFRC522-python library.

Notice that Python program files uses the .py extension, so let’s save the file as iota_debit_card_pin.py on the Raspberry PI.

To execute the program, simply start a new terminal window, navigate to the folder where you saved iota_debit_card_pin.py and type:

python iota_debit_card_pin.py

You should now see the Python code being executed in your terminal window asking you for the old PIN code. After providing the old PIN code you will be asked for a new four digit PIN code.

Note!
If you are using a new RFID tag you can just press enter when asked for the old PIN code as the script then uses the default authentication key that was assigned to the tag during manufacturing.

Warning!
It is very important that you remember or make a note of any new PIN code you assign to your IOTA debit card as there is now way of resetting or changing the PIN code later on without first providing the old PIN code.


The Python code — Part 2

The second part is a modified version of the iota_debit_card_pay.py script from the previous tutorial. Only difference is that the new version will ask you for a PIN code before scanning your IOTA debit card.

You may download the source code from here

Running the project

To run the the project, you first need to save the code in the previous section as a text file in the same folder as where you installed the MFRC522-python library.

Notice that Python program files uses the .py extension, so let’s save the file as iota_debit_card_pay_pin.py on the Raspberry PI.

To execute the program, simply start a new terminal window, navigate to the folder where you saved iota_debit_card_pay_pin.py and type:

python iota_debit_card_pay_pin.py

You should now see the Python code being executed in your terminal window, first asking you for the amount of “blinks” you would like to purchase, then asking for a PIN code. Type the PIN code you assigned to the tag using the previous Python script (or press Enter if you have not assigned a new PIN code). If you do not provide a valid PIN code the script will abort with an authentication error.


Whats next?

I was thinking it would be fun to build a Visa style IOTA based payment terminal using some off-the-shelf components such as a keypad, 2x16 digit display and an RFID reader. I just hope i have enough GIO pins on my Raspberry PI. Will see how it goes.., stay tuned.


Donations

If you like this tutorial and want me to continue making others, feel free to make a small donation to the IOTA address shown below.

GTZUHQSPRAQCTSQBZEEMLZPQUPAA9LPLGWCKFNEVKBINXEXZRACVKKKCYPWPKH9AWLGJHPLOZZOYTALAWOVSIJIYVZ