PassNinja demo

[JulienParticipant]

First, I would like to thank you for the PassNinja demo, it is clearly a solution we would like to investigate for our project.

However, I am not sure if I have got a correct understanding of how the validation of the users identifier will be done by PassNinja.

Could you please confirm if I understood the validation process
correctly :

1- The PassNinja reader is running on a Raspberry device, equiped with an NFC interface.

2- The Raspberry will validate the passes, either online (using a server in AWS) or
offline (using a secure module).

3- Then we will have some of our code running in the Raspberry
that will check the validated identifier against our user database (on our servers), and
proceed accordingly.

Best Regards,
Julien

[JulienParticipant]

forum seems buggy, please see the rest of my question here : https://gist.github.com/jeyries/165b13f96537d6821836c5491b510d13

• This reply was modified 5 years, 7 months ago by  Julien.

[MatthewKeymaster]

Hello Julien,

Thanks for taking the time to reach out. To answer your questions above

1) You are correct. The reader is running on a RaspberryPi device with our proprietary NFC interface.

2) You are correct again. The reader hardware is linked directly to our infrastructure and can validate passes over an internet connection. We are working hard to bring offline validation to the system and will be rolling that out in the future. It will be possible, in the future, to download passes from an internet connected device, like an android cell phone running our application. That device can then securely connect to the non-internet connected RaspberryPi to transfer access tokens that can be expected to be presented.

3) There should be no need to run any validation on the RaspberryPi at all actually! Our proprietary hardware connects to our cloud infrastructure and there are a number of ways that our cloud infrastructure can validate your end users. All of this happens on our servers and before the customer knows it there validation is complete. This federated identity, and validating against existing auth providers helps makes life easy. Depending on your exact use case this make require some further discussion.

Thanks,
– Matt

[JulienParticipant]

Hello Matt,
Thanks for the answer. I have some more questions about the last point:
4) After validation of a pass, our server will need to get notified (we plan to do some analytics and reporting for our customer). How will that happen ?
5) Also, some action should be triggered locally by the reader (for example enabling an external device, opening a door lock etc.. ). I guess we could use some of the GPIO on the RaspberryPI for that purpose ?
Best Regards,
Julien
​

[MatthewKeymaster]

Julien,

4) After validation of a pass on our servers, we will make a POST request to a URL defined by your engineering team. Once we get to the point of secured validation, without an internet connection, we will be able to sync logs whenever a controlling android device is in range.

5) Our Node.js client on the Flomio RPi runs a daemon that provides this functionality. We can coordinate technical requirements and circumstances to confirm, but we have designed our system for flexibility to meet the most rigorous demands. We also have an in-house mechanical engineer that can assist with discussion about interactions with external relays and such.

Thanks,
– Matt

• This reply was modified 5 years, 7 months ago by  Matthew.
• This reply was modified 5 years, 7 months ago by  Matthew.

[JulienParticipant]

Thanks Matthew for these useful answers .

[Author]

Posts