The big knowledge behind the little "connection"

The big knowledge behind the little "connection"

During the long-term user support process, we found that many users often encounter the small "threshold" of Bluetooth connection when using imKey for the first time. At the same time, with the significant improvement of security awareness among digital asset users, the types of hardware wallets on the market are becoming more and more abundant, and the connection methods used are also different, such as USB, QR code scanning, NFC, Bluetooth, etc., each with its own strengths. Some users also have certain doubts about the security of Bluetooth connection.

This article will focus on introducing relevant knowledge about "Bluetooth connection".

Q: Why does the Bluetooth connection prompt fail to find imKey when imKey is first paired?

A: Many users have used Bluetooth headsets, Bluetooth speakers, and other Bluetooth devices. Therefore, when using imKey for the first time, they often habitually search for devices to connect to imKey in the Bluetooth menu in the system settings of their mobile phones. However, this connection method makes the Bluetooth channel occupied by the system-level Bluetooth, and imKey only supports one-to-one connections at the same time, which causes the App (such as imToken wallet) to fail to discover the imKey device and the Bluetooth connection fails. Therefore, the correct unlocking method is to search for imKey and connect directly in the App. For specific operations, please refer to the "imKey first pairing tutorial" in the imKey official website help center.

Q: What is the Bluetooth pairing code?

A: The Bluetooth pairing code is a 6-digit random verification code, mainly to improve the security of Bluetooth connection, to ensure that not any device can access imKey. The principle of the Bluetooth pairing code matching mechanism is that the Bluetooth chip internally maintains a list of external device access. When an external device tries to access imKey, imKey will check and verify. If it cannot be found in the access list, it will force a pairing code input box to pop up, requiring verification input on the external device.

Q: Do I need to enter the Bluetooth pairing code every time I connect?

A: After the Bluetooth connection is successfully paired, the paired device has been added to the access list, and there is no need to enter it again when accessing again.

Note: If the user accidentally deletes or cancels the device name in the Bluetooth menu of the mobile phone system, then when accessing it again, they need to re-enter the verification code because just like imKey, the Bluetooth of the mobile phone system also maintains an access list and deleting it will require re-verification when accessing again.

Q: There are related articles introducing security vulnerabilities in Bluetooth connections. How does imKey ensure the security of Bluetooth connections?

A: There is a potential risk of man-in-the-middle attacks in Bluetooth connections. ImKey has fully considered this point in the product design stage and therefore adopts the security mechanism of binding code to prevent the risk of man-in-the-middle attacks. For those who are not familiar with the binding code, please refer to the previous classroom "How to use the binding code to guard asset security."

Q: How long does the Bluetooth connection last for imKey?

A: When imKey is in use and there is data access, the connection will be kept valid all the time.

Due to the limited battery capacity of the device, if there is no data communication within 5 minutes, imKey will automatically enter a low-power sleep state. This mechanism can save power and extend standby time.

If data access or button operation is received within 5 minutes, Bluetooth will be awakened again, the screen will be lit up, but at this time, you need to enter the PIN verification again to perform subsequent operations.

Q: Can the device name of imKey be changed?

A: The device name is randomly generated in the initial state, but after successfully binding with an app (such as the imToken wallet), the device name can be changed on the wallet management page. The device name consists of letters and numbers and is 1-12 characters in length.

Q: What other security designs does imKey adopt to address potential security risks associated with Bluetooth connections?

A: In addition to the security mechanisms mentioned above, imKey also implements security measures from the following aspects:

  • The Bluetooth access API of imKey is restricted, which means that when you search for a Bluetooth device in the app (such as the imToken wallet), only the imKey device can be searched for, and other non-associated devices cannot be searched.

  • The Bluetooth connection of imKey is one-to-one, and when the imKey device is in a Bluetooth connection, other devices cannot discover the current imKey device.

  • The Bluetooth communication adopts the highest level of security to ensure the security of the Bluetooth link-layer data.

Through systematic security mechanisms, imKey's interaction method using Bluetooth connection strikes a balance between security and convenience, and users can use it with confidence.