[Proposal] Contact / ID exchange for attendees

IndiaFOSS Conference
1

One of the challenges we faced at IndiaFOSS last year was to collect contact information from attendees at our booth. We had to find ad-hoc ways to get past this. In the spirit of FOSS, to help resolve this for ourselves and others, I am looking at proposing the following contact sharing solution and Mecha will help with the logistics on implementing it.

Core

We use programmable NFC tags to allow users to exchange contact information.

How will it work

  1. Before the conference, we will share few utilities on a public git repository with the FOSS United team -
    1.1 A cloudflare worker that can be published by FOSS United for their domain fossunited.org - I already checked that fossunited.org is using Cloudflare NS. They will set an AES key to decrypt (Cloudflare Workers supports AES decryption). The worker when deployed will return a url that will be used to trigger the worker. Cloudflare allows 100,000 requests per day for free, which might just be plenty.
    1.2 This worker will render the ID information as basic HTML, and allow export to Image or VCF.
    1.3 A utility to generate urls for each registration. These urls will have encrypted information of the attendee (including contact, email), using the encryption key used by the worker in #1.1.
  2. One volunteer on the registration desk will have pre-printed 1000-2000 NFC tags (based on registrations estimates) and a NFC Writer setup.
  3. On consent from the attendee, the volunteer will write the matching pre-generated url to the NFC card using the writer and hand-over.
  4. Whenever someone needs access to your contact, just tap to their phones and the URL will open allowing them to access your information. No special app needed, it works out of the box on Android and iOS.

Advantages

  1. Privacy conscious: In other conferences I have seen issues of privacy breach in the conventional QR code on badge approach where scans are made without knowledge or consent. In case of this, users will have to pull it out and tap it to the other person’s phone.
  2. Environment Friendly: You don’t need to dispose the card after the conference, continue using it as your Digital ID or Visiting Card.
  3. Reusability: Repurpose by rewriting the contact information or URL into the card using your phone (search NFC Tools on your app store/play store) after the conference.
  4. FOSS Swag: Show your NFC powered FOSS Badge to your friends, for kingdom and glory :european_castle:!

Setup / materials required

  1. 1000-2000 NFC Cards
  2. NFC Writer

We can go ahead once we receive confirmation from the governing board. Looking forward to feedback!

Shoaib

2 Likes
2

Can you clarify what the benefit is compared to writing the vcf/contact ino the the card itself? Are you saying their will be some PKI between FOSS United and the booths?

3

I tried doing that but iOS out of the box doesnt pickup VCF/Contact written into the card, Android does. This is why I had to propose the URL approach.

No PKI between FOSS united and booths. The PKI is between the urls generating utility (encryption) and the Cloudflare worker (decrypting). The encryption is applied to parameter(s) passed to the url. This way cloudflare worker doesnt need any database storage or anything to lookup. It just decodes from the url.

2 Likes
4

@Nemo opinions on this ?

5

Can we make a client side site that takes the contact info as flags in the URL and makes a VCF download?

Then we just store the URL like https://contact.me/vcf?email=jreilly1821@gmail.com&phone=1234567890&…,

6

I made something/I got some AI help

image
image1088Ă—439 38.2 KB

~/Downloads 
❯ cat "John Doe.vcf" 
BEGIN:VCARD
VERSION:3.0
FN:John Doe
N:John Doe;;;
EMAIL:john@example.com
TEL:1234567890
ORG:Acme Inc
TITLE:Engineer
END:VCARD

EDIT: I put it on CF Workers, you can try it yourself vCard Contact Generator

Its working on iOS, I’m way too proud of this:

7

We can set another field for FOSS United profile if they have one and we can even grab a profile pic from there. But that will make this more complex. As it is now it is now it seems like 80% of what’s needed.

Would this work @Shoaib_Merchant ? Re-reading what you wrote I guess you don’t want the unencrypted info on the tag… Just wondering what the security/privacy implications are of us sharing contact info from our own database.

EDIT: I made a simple client-side password thing here: GitHub - hanthor/vcfgen at password

https://vcf.reilly.asia/?data=U2FsdGVkX18Hpx0Mu%2BmdQLwsZ7Q48bTLfsX9D0j5emgiLRcNhWM5M9I4w7iPEd8WowlhQFbIxpThxDAYTU6hZuOq0h7pXIs6bjD6%2BpYmnGQJDR5njOE5%2FnqkovXUHO3e1nveDn7xXh53HtiHG9mp37g52Jgq%2Fau3UY2aWIyApeJjCGA8TnvPI5L%2FEEfVHy9N

password is 12345