Co-authored with Clifford Lezark
This summer hackNY expanded its commitment to the Summer of Good initiative by organizing several social good projects for fellows to contribute to outside of their internships. The goal of this initiative is to support nonprofit companies who have technologically-ambitious missions but lack the capacity to achieve them internally. It’s a perfect match between the Fellows and non-profits, since college interns are some of the only programmers on Earth willing to donate their late nights and weekends for months and these organizations are the only institutions willing to put college student volunteers in charge of entire mission-critical projects. While most of the organizations hackNY paired with were local to NYC, our team worked with Simprints, a startup based in Cambridge, UK. This is largely because Tristram, the CTO of Simprints, graduated from Eckerd College just a few years before me and I met him through a professor.
Simprints is a social enterprise that works with NGOs (non-governmental organizations) to provide identification services for recipients of aid. The problem these NGOs often face is that the communities they work with lack access to formal identification. This is due to a number of reasons including physical seclusion, inadequate government infrastructure, and political disenfranchisement. Over one billion people worldwide are ineligible to receive food, medicine, financial support, and other forms of aid because they can’t provide proof of their identity the way we can. Having grown up without many resources, the recipients often have no formal identification and only a rough idea of when they were born. To overcome this issue, Simprints has engineered a durable and low-cost fingerprint scanner alongside a simple, secure, open-source identification solution that can be integrated into existing digital services. Together, these two innovations offer an alternative to formal identification that can be deployed and managed locally.
Tristram Norman, co-founder and CTO, was our main point of contact with Simprints. Samad Arshad, a firmware developer at Simprint was also a huge help. Our team on the hackNY side consisted of Amber Rawson, Ben Yang, Clifford Lezark, and Raymond Berger.
Problem
At the time of writing, Simprints fingerprint scanners can only pair with Android phones. This has worked well for some organizations but other NGOs don’t have workflows that are compatible with android phones and, for various reasons, need to use a traditional computer instead. Our task was to come up with a solution for Simprints that would allow their scanner to connect to Bluetooth-enabled computers without the use of device-specific drivers.
Our Solution
We built a solution using Web Bluetooth, a wildly-underused API introduced by Google in 2015 that leveraged the modern browser’s flexibility to communicate with bluetooth devices. Using Web Bluetooth would be much easier than writing bluetooth drivers and having to support them across multiple operations systems and hardware configurations.
We quickly realized that this would be possible, but the application would only work on macOS and Chrome OS. Windows and Linux implementations of Web Bluetooth were much less developed and the API hadn’t been adopted by any other browsers. In theory we just needed to figure out the Web Bluetooth API and interface with the hardware, which had already been mailed to us. We knew that Web Bluetooth only supported BLE (Bluetooth Low Energy), and we knew the scanner had the hardware to support BLE but we just couldn’t make them connect. After a couple of hours spinning our wheels and talking with Tristram, we realized there was no BLE firmware developed for the scanner. We had to make our own.
Firmware
The challenge came from the thousand cuts we endured porting firmware written for a fifteen-year old standard to an eight-year old standard. Embedded programming can be complicated in part because it wrestles with hardware constraints. BLE adds more complication because it enforces further constraints in the interest of battery life and security. Vero’s firmware wasn’t built with those constraints in mind, so many aspects of it’s functionality had to be rewritten from the ground up. Rewriting the code for Vero wouldn’t have been too difficult if we had access to the source code for its proprietary Bluetooth stack at the outset of the project. A bluetooth stack, which in this case was graciously implemented for and licensed to Simprints free of charge, defines how firmware is written for a given device using a given protocol. However, no infrastructure for a BLE implementation of Vero’s firmware was provided so we needed to build it ourselves — boilerplate templates and all.
The Simprints scanner — Vero
A month into the project we received an example of a BLE-ready project using the same Bluetooth stack. It allowed us to build a firmware with read/write functionality to ensure that the device could at least connect to our application, and enabled us to prototype the full firmware, but more problems developed. The stack’s compiler wouldn’t compile our code or tell us what problems it was facing, so we rebuilt the compiler. The compiled code needed to be built into firmware using equally confusing tools, so we had to learn how to use those tools. The amount of compatibility testing necessary before we could even load our prototype firmware onto the scanner threatened to take weeks to complete. Though we made a lot of progress, finishing the firmware would still take more time than we had. At the outset, we understood that embedded programming could be complicated and were prepared to work within the bounds of the hardware and software. What we weren’t prepared for was the complications imposed by the nature of the projects origin.
A redeeming takeaway is that all of our struggles were for a good reason — maintaining security for Simprints’ clients and the people they help. A defining feature of the Web Bluetooth API is the amount of attention afforded to security measures. With IoT security being such a pressing issue, the architects of Web Bluetooth chose to take precautions that are inherently difficult to work with but completely worthwhile. With sensitive biometric data passing over the air, ensuring its safe and secure movement across devices is worth the challenges.
Chrome Extension
While work with firmware development was ongoing we also worked on building a Google Chrome extension for Simprints. We decided that a chrome extension would be the best solution for a few reasons.
It would be easy to install and automatically update.
It is always visible in the browser, so it’s easy to access.
We could potentially inject the unique identifier into a clients website if needed.
From a technical standpoint the extension is rather simple. Essentially all we did was copy the Android app workflow and add a pretty coat of paint on top. To do this we used Vue.js and Bootstrap. Why Vue and Bootstrap? For a relatively small application they did the job well and are well documented. At this point, the extension doesn’t actually connect to the scanner due to the lack of firmware. However, it is a great way to show clients a possible new way to interface with the scanner. If they show enough interest, further resources will be put into developing the firmware and extension.
Chrome extension demo
Thoughts on Volunteering
Generally speaking, non-profit organizations don’t come to mind often when most programmers think of innovative, life-changing careers. But as we discovered from working with Simprints, some of the neatest work we had ever heard of is being done in this space. Non-profits are using Bluetooth in the browser to hook up biometric scanners in Bangladesh, creating tools that enable journalists to harness big data for their reporting, retooling government services to improve their workflow, and so much more. The opportunities available today in the non-profit space for tech workers are just as cutting-edge as anything being done in the private sector, and they also offer the chance to reap good karma and a good paycheck.
Cover image: Team presenting at demo night
PS: This blog post was originally published on Medium, back before all the paywalls. It was moved here April 2024.