QMFA Wallet Guidelines

Q: What is the Qwantum Platform?

A: The Qwantum Platform is a security framework that harnesses tokenization and authentication. It creates digital tokens in real time to replace old security methods like cards, tags, usernames and passwords. The platform modernizes how you manage identity and access, helping to prevent fraud.

Q: How is the Qwantum Platform different from older security systems?

A: Unlike traditional systems, the Qwantum Platform eliminates static information like passwords or personally identifiable information (PII). Each authentication event is unique, tied to a user, their token, their device, and the exact moment in time. The platform is flexible, OS-agnostic, and can work with your existing hardware.

Q: What are the main benefits of the Qwantum Platform?

A:

• Enhanced Security: It removes static credentials, which are vulnerable to being stolen or guessed.
• Zero PII: No personally identifiable information is shared at the point of validation.
• Easy Integration: It includes APIs and SDKs for simple integration into existing systems.
• Cost-Effective: You can use your existing hardware and do not need to purchase new PIN pads.
• Convenience: The platform is designed for a mobile-first experience, offering fast, seamless access.

Q: What are Qwantum Tokens?

A: Qwantum Tokens are dynamic, digital credentials. They are generated by the Qwantum Platform for a specific purpose, such as granting access to a facility, a website, loyalty points, even stored value. You can store these tokens in the QMFA Wallet app.

Q: What kinds of tokens can you store?

A: The Qwantum Platform can generate a variety of Qwantum Tokens and format them in the following ways:

• QR Codes: Scannable QR Codes used for physical and digital access.
• Hyperlinks: Hyperlinked URLs/URIs that can instantly open web pages.
• VAS Passes: VAS Passes for Apple and Google Wallet that use Near Field Communication (NFC) or QR codes.
• NTAGS/MIFARE Tags: Other NFC-based credentials such as Ntags and Mifare tags.

Q: What authentication factors are available as options?

A: The Qwantum Platform supports a variety of authentication factors designed for different security needs:

• One-Time Codes (OTCs): Single-use codes for high-security, short-lived events like transaction approvals. They expire after one use.
• Timed Access Codes (TACs): Tokens for longer-term access, like a facility entry. They can be set to last for a specific period or number of uses.
• Time-Based One-Time Passwords (TOTPs): Automatically regenerating codes that change every 30 to 60 seconds. You generate them on your device, making them resistant to interception.

Q: How are Qwantum Tokens used in the real world?

A: You can use Qwantum Tokens to solve many authentication problems. For example, they can:

• Control access to facilities, server rooms, or private clubs.
• Streamline member and identity credentialing in a secure way.
• Protect high-risk transactions in retail, banking, casinos, healthcare, and other industries.
• Provide an eco-friendly alternative to physical cards and IDs.

Q: What are Claims?

A: Qwantum Tokens can have customized Claims.  A Claim is a piece of information asserted about the user or the access event. It is a key/value pair that contains verifiable data.

Q: Can I integrate the Qwantum Platform with my company’s existing systems?

A: Yes. The Qwantum Platform has a published API and extensive online documentation. It is designed for easy integration with your existing apps or access control systems. You can even access a sandbox environment to begin testing. Solutions architects are also available to help your team implement the platform.

Q: What is the QMFA Wallet app?

A: The QMFA Wallet app is a secure, convenient digital token wallet that transforms how you manage digital credentials.

Q: What kind of digital tokens can I store in the QMFA Wallet app?

A: You can store various types of digital tokens, including:

• Simple text strings
• URLs/URIs
• URLs/URIs with integrated data, allowing for automatic input of token data or TOTP codes into web page fields

Q: How does the QMFA Wallet app work?

A: The app displays your saved tokens as scannable QR codes. When you scan a QR code, URLs open instantly, and for URLs with tokens or TOTPs, the app automatically pastes the required information into designated fields on the webpage.

Q: What are the main benefits of using the QMFA Wallet app?

A: QMFA streamlines your digital interactions, making it faster and more secure to access online services and information.

Q: What is new about the app's navigation and look?

A: The app features a redesigned user interface (UI) with a foundational bottom menu bar for key functions (view toggle, management, add token) and a top-right Management Menu for global security and support. You can also now toggle instantly between Dark Mode and Light Mode using the Appearance Toggle icon.

Q: How do I change the view or see all my tokens at once?

A: Use the View Toggle on the bottom menu bar to switch between the QR Code View (for quick scanning) and the List View (for a comprehensive, scrollable overview of all your tokens).

Q: How do I add a new token to the iPhone app?

A: To add a token:

• Tap the Plus Sign icon on the bottom menu bar to launch the Add New Token flow.
• You can either scan a properly formatted QPass QR Code for instant provisioning or manually fill out the fields.
• When manually entering data, you can optionally include a Token Secret (for TOTP) and an Image URL for custom token branding.
• Press "Add Token" to save.

Q: Can I easily change the order of my tokens?

A: Yes. In List View or the Managed Tokens Page, you can use Force Touch (press firmly) on a token and then drag and drop it to its desired position. This custom sort order is instantly synchronized with your Apple Watch app.

Q: How do I access quick-sharing or link-opening actions?

A: Use Force Touch (long-press) on a token's QR code in QR View to open a dynamic menu with quick-access options like Open in Browser, External Link Sharing, and Quick Data Copy (to clipboard).

Q: Can I share my tokens with another user?

A: Yes. Using the Quick-Access menu, you can select Secure QPass Transfer to safely transfer eligible tokens to another QMFA Wallet user. Note that tokens designed for single-user security, such as those with a Token Secret/TOTP, cannot be shared.

Q: How do I delete a token from the iPhone app now?

A: To delete a token, navigate to the Managed Tokens Page (using the cogwheel icon). On this page, simply swipe from right to left on any token listing to initiate the deletion process.

Q: Is there a limit to how many tokens I can add to the iPhone app?

A: No, the app allows you to add an unlimited number of tokens.

Q: How do I use a token for scanning with my iPhone?

A: To use a token:

• Tap the app icon on your iPhone's home screen to launch it.
• Navigate to the desired token using either the QR View or List View.
• A QR code for your selected token will appear on your iPhone screen, ready for scanning by an MMS Dyna Family device with BCR.
• Hold your iPhone in front of a QR code reader on an MMS Dyna Family device with BCR. The device automatically reads the necessary information.

Q: How do I see the Time-Based One-Time Password (TOTP) on the iPhone app?

A: If you need to see the TOTP manually for entry, locate it on the screen. It will appear on the phone app in red text beneath the QR Code and it will show a countdown timer changing every 30 seconds from 0 seconds and 30 seconds past the minute. If a Token has no Token Secret, then that Token will not have a generated TOTP.

Q: What are the key advantages of using the Apple Watch app?

A: The Apple Watch app offers:

• Convenience on Your Wrist: Carry and use digital tokens directly on your Apple Watch, eliminating the need for physical cards or fumbling with a phone.
• Streamlined Access: Provides quick access for uses like opening doors or accessing websites such as the Magensa Merchant Portal.
• Security and Modernity: Incorporates QR codes and TOTP for secure, up-to-date identity verification, optimized for MMS Dyna Family devices.
• Synchronized Sort Order: The order of tokens on your Watch automatically matches the custom order you set on your iPhone.
• Effortless QR Code Retrieval: Easily bring up a QR code by scrolling on your watch.
• Hidden Complexity: The app handles technical details like TOTP detection automatically when scanned by an MMS Dyna Family device with BCR.

Q: How do I use a token with the Apple Watch app?

A: To use a token:

• Access the app on your Apple Watch.
• Choose the specific token you want to use from the displayed list.
• A QR code for that token appears, ready for scanning by an MMS Dyna Family device with BCR.
• Hold your Apple Watch in front of a QR code reader on an MMS Dyna Family device with BCR. The reader automatically detects the necessary information, including any hidden TOTP.

Q: Can I view the TOTP manually on the Apple Watch?

A: Yes, if you need to see the TOTP manually, you can scroll further down the screen.

Q: What systems do QMFA Tokens currently work with?

A: QMFA Tokens currently work with MagTek's Corporate Access Control systems, the Magensa Merchant Portal, the Magensa Reseller Portal, and more systems will be added in the future.

Q: Can I integrate QMFA with my existing apps or access control systems? If so, how?

A: Yes, QMFA offers a published API for integration. There is a sandbox environment using Postman, and online documentation is available to assist you. Solutions architects are also available to help you integrate QMFA into your environment.