As said, the ownership of a card is the right granted to someone to allow him to perform sensitive operation on the card. This right is always given to a user using the wired interface (via smart card reader). While it’s only given at the first use of the card through the NFC wireless interface. That means the very first user to scan a freshly bought card got the ownership’s right on his mobile and can thus perform sensitive operation on the card.
Sensitive operations include :
- Create and seal a new crypto vault.
- Unseal a vault and display private keys.
- Reset a vault.
It also includes the right to transfer ownership.
To distinguish the legitimate owner of the card from other users, a pairing process is initiated when the card is transfered to a new owner. To initiate this transfer, the former owner simply click on the ‘Transfer card’ or ‘Transfer ownership’ button in the in the main menu. Immediatly after, the card should be disconnected and provided the new owner to initiate new pairing.
A message is then shown to confirm that a new pairing has been successfully established with the new owner through the app. If the transfer of ownership has not been initiated by the previous owner, the new owner SHOULD perform this transfer as soon as possible. The procedure is the same, except that in this case, it MUST be done via the ‘trusted’ wired interface (since pairing is a sensitive operation and it can only be done via the NFC interface by the legitimate owner).