[Proposal] Contact / ID exchange for attendees

One of the challenges we faced at IndiaFOSS last year was to collect contact information from attendees at our booth. We had to find ad-hoc ways to get past this. In the spirit of FOSS, to help resolve this for ourselves and others, I am looking at proposing the following contact sharing solution and Mecha will help with the logistics on implementing it.

Core

We use programmable NFC tags to allow users to exchange contact information.

How will it work

  1. Before the conference, we will share few utilities on a public git repository with the FOSS United team -
    1.1 A cloudflare worker that can be published by FOSS United for their domain fossunited.org - I already checked that fossunited.org is using Cloudflare NS. They will set an AES key to decrypt (Cloudflare Workers supports AES decryption). The worker when deployed will return a url that will be used to trigger the worker. Cloudflare allows 100,000 requests per day for free, which might just be plenty.
    1.2 This worker will render the ID information as basic HTML, and allow export to Image or VCF.
    1.3 A utility to generate urls for each registration. These urls will have encrypted information of the attendee (including contact, email), using the encryption key used by the worker in #1.1.
  2. One volunteer on the registration desk will have pre-printed 1000-2000 NFC tags (based on registrations estimates) and a NFC Writer setup.
  3. On consent from the attendee, the volunteer will write the matching pre-generated url to the NFC card using the writer and hand-over.
  4. Whenever someone needs access to your contact, just tap to their phones and the URL will open allowing them to access your information. No special app needed, it works out of the box on Android and iOS.

Advantages

  1. Privacy conscious: In other conferences I have seen issues of privacy breach in the conventional QR code on badge approach where scans are made without knowledge or consent. In case of this, users will have to pull it out and tap it to the other person’s phone.
  2. Environment Friendly: You don’t need to dispose the card after the conference, continue using it as your Digital ID or Visiting Card.
  3. Reusability: Repurpose by rewriting the contact information or URL into the card using your phone (search NFC Tools on your app store/play store) after the conference.
  4. FOSS Swag: Show your NFC powered FOSS Badge to your friends, for kingdom and glory :european_castle:!

Setup / materials required

  1. 1000-2000 NFC Cards
  2. NFC Writer

We can go ahead once we receive confirmation from the governing board. Looking forward to feedback!

Shoaib

3 Likes

Can you clarify what the benefit is compared to writing the vcf/contact ino the the card itself? Are you saying their will be some PKI between FOSS United and the booths?

I tried doing that but iOS out of the box doesnt pickup VCF/Contact written into the card, Android does. This is why I had to propose the URL approach.

No PKI between FOSS united and booths. The PKI is between the urls generating utility (encryption) and the Cloudflare worker (decrypting). The encryption is applied to parameter(s) passed to the url. This way cloudflare worker doesnt need any database storage or anything to lookup. It just decodes from the url.

2 Likes

@Nemo opinions on this ?

Can we make a client side site that takes the contact info as flags in the URL and makes a VCF download?

Then we just store the URL like https://contact.me/vcf?email=jreilly1821@gmail.com&phone=1234567890&…,

I made something/I got some AI help

~/Downloads 
āÆ cat "John Doe.vcf" 
BEGIN:VCARD
VERSION:3.0
FN:John Doe
N:John Doe;;;
EMAIL:john@example.com
TEL:1234567890
ORG:Acme Inc
TITLE:Engineer
END:VCARD

EDIT: I put it on CF Workers, you can try it yourself vCard Contact Generator

Its working on iOS, I’m way too proud of this:

We can set another field for FOSS United profile if they have one and we can even grab a profile pic from there. But that will make this more complex. As it is now it is now it seems like 80% of what’s needed.

Would this work @Shoaib_Merchant ? Re-reading what you wrote I guess you don’t want the unencrypted info on the tag… Just wondering what the security/privacy implications are of us sharing contact info from our own database.

EDIT: I made a simple client-side password thing here: GitHub - hanthor/vcfgen at password

https://vcf.reilly.asia/?data=U2FsdGVkX18Hpx0Mu%2BmdQLwsZ7Q48bTLfsX9D0j5emgiLRcNhWM5M9I4w7iPEd8WowlhQFbIxpThxDAYTU6hZuOq0h7pXIs6bjD6%2BpYmnGQJDR5njOE5%2FnqkovXUHO3e1nveDn7xXh53HtiHG9mp37g52Jgq%2Fau3UY2aWIyApeJjCGA8TnvPI5L%2FEEfVHy9N

password is 12345

This is the most important aspect that we have to consider first.

(EDIT: posted first by mistake, remaining items here)

Can you please explain what these challenges were ? In the absence of a conference provided method of contact sharing, booths typically use various ways of collecting data. Some ask interested people to write down contact details, some ask them to scan QR codes, some give away goodies in exchange for info.

I’ve been sharing my vCard over a QR code for the last 2 years, and it works great on iOS. Android on the other hand doesn’t like open standards and refuses to read VCF files - it is variable upon what apps you have installed, what you use to scan, and what vendor you are using. The only real limitation is the amount of info that you can squeeze into a QR and keep it scannable on potato cameras. Android also ignores a lot of Vcard extensions (such as X-URLs for social profiles).

This is my VCF QR, you can test it and see what all fields you get. It has my email, homepage, twitter, and mastodon.

We started doing NFC tags at Puzzled Pint BLR recently (stamped cards that hold your team name), and the fastest writing solution still takes ~20 seconds (finding the right URL on the laptop, clicking a button to trigger a QR, scanning that on my phone which immediately writes to the tag). There’s also pricing - NFC cards are ~20-25/INR, which will eat into the ticket prices. Also, not all phones have NFC, thus limiting usability.

Since the only reason for proposing a NFC over QR seems to be privacy, can we instead have a foldable QR? Or a sticky QR that you decide where to stick? That way, you need to intentionally show your QR to let others scan it?

3 Likes

I assumed this was more of a policy than a technical challenge for FOSS United. I may be wrong.
Proposed solution has its merits, but need to assess if the juice is worth the squeeze.
Interested to have some of the other folks weigh in.

4 Likes

Yeah, thinking about it. I’d prefer just a QR code on my phone than a printed QR or a NFC tag. Last year I just shared my LinkedIn… Seems like people make do person-to-person, @Shoaib_Merchant is trying to solve the ā€œbooth wants to make a contact listā€ issue. I’m thinking I agree with Ram that it’s not worth having a conference wide system. But it was fun to play around with!

Google Lens picks up some of it (your website link) but only let’s me save your email

Binary Eye works but still won’t save the socials to a contact

We discussed using FOSS United profiles for this. Participants already get a ticket QR that we use for checkins. Once that is done, these qrs can be redirected to their FOSS United profile (Ansh Arora), where users already share their social media platforms. We can add email as another option there

@Shree_Kumar the challenge on the booth was to collect their contact info and also add some notes. We ended up using a tablet to let them populate their details, but this wasnt effective because at a time only one person would be using the tablet and when there is a crowd at the booth it was hard to attend to everyone. Also folks get impatient when we cant address them. Also making them scan QR code to submit their info was not effective as people thought of it as a ā€˜chore’.

On a side note, having access to their display picture would also help us recollect, because of the number of people we end up interacting with it in the two days.

@James_Reilly we can pass all the parameters directly in the url and generate the VCF, my only concern in that approach is the treatment of personally identifiable data. I would not prefer it to be easily logged or recorded anywhere, for example anyone with access to Cloudflare within FOSS United should also not easily be able to retrieve it. The AES encryption I suggested would not be too difficult to implement. Also prevent any abuse of the worker (nobody can use it outside FOSSunited) as key would not be known.

@Nemo @Shree_Kumar I am okay with the printed QR codes approach as well, the only challenge is unsolicited scans. If this is not a big issue then badge QR is the way to go.

@ansh - I thought of this too, but I wouldn’t want my email and contact number to be published on a public link.

Person to person is not an issue at all, but that would be an added advantage. The main purpose of this is to solve it for booths as on the booth you are interacting with a lot of people. I will give a real scenario, we spoke to so many students that we would have loved to engage with after few months for internships but we just dont have their info as it wasnt possible to do that.

Most conferences end up having some scanner app for the sponsors/booths to use. I wanted to try and avoid that approach and rather rely on something open and useful for the rest of the folks too (maybe even after the conference)

Bumping this @Shree_Kumar, I am keen to solve this problem before IndiaFOSS 2025 - irrespective of the specific solution.

There’s something @ansh had come up with. Will let him describe it here.

We discussed using FOSS United profiles for this. Participants already get a ticket QR that we use for checkins. Once that is done, these qrs can be redirected to their FOSS United profile (Ansh Arora), where users already share their social media platforms. We can add email as another option there.

This is what I had in mind.

@ansh - I thought of this too, but I wouldn’t want my email and contact number to be published on a public link.

I guess I was looking at this more as a way for ā€œparticipants to connect with each other through their preferred platformā€ and less for ā€œbooths to collect participant informationā€. So yes in your case, this will only work for participants who are okay mentioning their email on a public platform (github profiles allow this too), and several others might choose to be contacted over linkedin etc.

the fastest writing solution still takes ~20 seconds (finding the right URL on the laptop, clicking a button to trigger a QR, scanning that on my phone which immediately writes to the tag). There’s also pricing - NFC cards are ~20-25/INR, which will eat into the ticket prices. Also, not all phones have NFC, thus limiting usability.

I think everyone agrees that NFC is not the right approach to be doing this. We’re expect a LOT more participants this year so I don’t want to add anything that slows down the registration desk process further.

I don’t see any objections to the QR proposal, so we can perhaps start working towards that direction (and eliminate FU profile from the picture)? @Shree_Kumar @rahulporuri @Nemo @Shoaib_Merchant

@Arya_Kiran you had mentioned that you will try to check if a redirect can be setup on the tickets QR once participant check-in has completed. Any progress there?

Hey, I dont have the bandwidth atm to work on the PR, so it’d be great if someone else can take that up

1 Like