W
Show HN
Show HN: WalletWallet – create Apple passes from anything
I got my Apple developer certificate and built a simple app to solve a problem I had. One shop I buy from doesn't have Apple Wallet passes. Since you need signed certificates to build these very simple things, I created a minimal app that signs them. It's available if you need it too. It won't scan cards with AI - you manually enter the barcode, which I think makes it less prone to error.
> It won't scan cards with AI - you manually enter the barcode, which I think makes it less prone to error.

This is a very interesting sentence.

I interpret this sentence as saying that manually entering a barcode is less error prone than letting AI do it, that AI would have an unacceptable margin of error (and this is probably an accurate assessment).

But you don't need AI to find or read barcodes. Finding and reading barcodes is a reasonably mature technology that has existed long before AI.

Barcodes exist as a fast, machine readable data transfer format meant to avoid data entry errors by avoiding manual data entry, and yet you've implemented manual entry in order to avoid errors?

Now, if one of the constraints you've put on your implementation is that it work only in the browser and you don't want to have to download a large barcode scanning library to the browser, then it makes sense to implement manual entry. But that has nothing to do with AI.

That being said, there are some barcode reading apps that can be used to prompt for a scan from a web page, and you get the barcode payload back. I've used an app called "bineye" on Android (source on GitHub) that works like this. This helps avoid error prone manual entry and gets the full barcode payload (many barcodes store/encode more information than the human readable text printed next to them).

i should've been clearer: while browsing i found multiple apps that do this. most use AI to extract data from images and are much more feature-rich - you can photo your boarding pass and it goes straight to wallet. however, i noticed that AI sometimes gets details wrong. for example, when i uploaded just a barcode image, it couldn't create the pass because the model also wanted a "name" field.
When I’ve done similar things in the past I found there was always a library for barcode/QR use cases before such things ended up being built into the OS/Framework I’m in.

https://serratus.github.io/quaggaJS/ seems browser friendly?

Generally I agree with your point on AI fuzziness here not being useful.

https://developer.mozilla.org/en-US/docs/Web/API/Barcode_Det... Chromium browsers have native support for reading many barcode types!
  • dmd
  • ·
  • 1 day ago
  • ·
  • [ - ]
Could you add Codabar?

edit: oh, I guess you can't, because Apple Wallet doesn't support it.

i think there's a way but it's hacky. instead of using the barcode property it would add an image based on your inputted codabar.
  • dmd
  • ·
  • 1 day ago
  • ·
  • [ - ]
That would be pretty great. I have half a dozen codabar-based cards.
Try Pass4Wallet from the app store. It's free and supports a huge array of barcode types, including codabar. It's been my go-to custom card app for a number of years.
[dead]
Millions of barcodes are scanned every second, and has been for the past few decades. So it seems very strange that there aren't any solution readily able for your app, which isn't AI.

I have to scan bar codes every once in a while with an app on my iPhone, which definitely doesn't use AI. It will instantly recognize a bar code before I've had a chance to line up the camera properly, and the error rate is zero.

Ironically if I needed to manually copy the text from a barcode on my phone, I'd take a photo and use Apple's AI to select and copy the text from it.
I guess we found the inverse of the trend to shove “AI” in everything, deliberately leaving AI out of something that wouldn’t have even thought to involve it in the first place
It'd be awesome if you could add a location to the pass. Apple allows a pass to automatically pop up on the screen based on the device location[1]. If you make it so the user could pick the point on a map for the pass to pop up at it'd be great. That way for example, if you're at the grocery store, your custom pass could be on your lock screen ready for you.

[1] https://developer.apple.com/documentation/walletpasses/pass/...

Very interesting, and you can define multiple already,

https://developer.apple.com/documentation/walletpasses/showi...,

    {
    ...

    
    "locations" : [
        {"latitude" : 37.3229, "longitude" : -122.0323},
        {"latitude" : 37.3286, "longitude" : -122.0143},
        {
            "altitude" : 10.0,
            "latitude" : 37.331,
            "longitude" : -122.029,
            "relevantText" : "Store nearby on 3rd and Main."
        }
    ],
    "relevantDate" : "2014-12-05T09:00-08:00"
    }
ooh so nice
This is genuinely useful. I have so many loyalty cards that exist only as physical barcodes that stores refuse to look up by phone number.

The privacy concern about sending pass data to the server is valid though. Since .pkpass files need to be cryptographically signed with Apple's certificate, there's no way to generate them purely client-side.

Potential solution: open source the signing code and let users run it locally with their own Apple Developer account ($99/year). Power users would do this, casual users can use your hosted version.

Also works with Google Wallet apparently, which is great for Android users.

For loyaltycards there was Stocard, but it got acquired by the toxic company Klarna.

SuperCards is very very similar, and in my opinion more useful than putting everything in Apple Wallet. You get to store a pictures, and everything is in one place. Apple Wallet is already cluttered with tons of creditcards, tickets, etc

I’m so pissed off with Klarna obsoleting Stocard as the Klarna app is missing one of the best features of Stocard, that you could add loyalty cards to Apple Wallet.

To be honest though, a micro loans company engaging in this behaviour doesn’t surprise me at all.

Use super cards, add them to the widgets on leftmost screen where weather is. Remove your Klara account
Weird thing from the pretty ho-hum super cards privacy policy:

> The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. If you'd like them to delete User Provided Data that you have provided via the Application, please contact them at blub@blob.com and they will respond in a reasonable time.

That looks like a placeholder address to me? Not exactly confidence inspiring if so…

Looks like they were notified of this miss

> please contact them at support@supercardsapp.com and they will respond in a reasonable time.

https://supercardsapp.com/privacy-policy/privacy

Well that turnaround is pretty confidence-inspiring.
>Since .pkpass files need to be cryptographically signed with Apple's certificate, there's no way to generate them purely client-side.

Technically you could use blind signing, no?

Brilliant! Suggestion: most store cards get scanned as a bar code 99% of the time but when calling them they will want you to quote your membership number over the phone. It would be useful to have it printed below the barcode so I can quote it directly from my Apple wallet.
I solved this same problem adding a label with the number corresponding to the barcode number alongside
  • hn111
  • ·
  • 1 day ago
  • ·
  • [ - ]
One CSS tip: make sure the input fields have a minimum font-size of 16px. That way iOS won’t zoom-in the page when focussing one.
I solved this issue with Wallet Creator: https://apps.apple.com/app/id1486573384

Didn't know it was this simple to just provide a download for prepared file. Is it open source?

  • kimos
  • ·
  • 1 day ago
  • ·
  • [ - ]
I tried using this. The camera didn’t work in several ways, it didn’t understand barcodes, and crashed a half dozen times before I just deleted it.
I don’t see it that way. I would rather have a browser based, one-off tool that can generate a .pkpass served up for local “installation”, not installing an app that is necessary to separately manage the passes separately and very well could be tracking its users.
MakePass is an app that creates independent/proper Wallet *.pkpass files. You can completely customise the pass appearance according to Apple’s specs.

(Not sure whether the current licensing offerings are worth it, though. I’ve got grandfathered in from before it had AI support.)

https://pvieito.com

  • kimos
  • ·
  • 1 day ago
  • ·
  • [ - ]
This looks like it would work well, but it’s a subscription. It makes no sense to charge me a yearly fee to make one pass file for my library card.
Look at Pass4Wallet - free from the start.
  • kimos
  • ·
  • 1 day ago
  • ·
  • [ - ]
Commented in another reply, this is the answer. Works great and supports a dozen barcode types.
absolutely ridiculous. $10 for a single pass. I'd pay 99c for this app, and no more. Oh well, $0 it is.
What happens when they website goes away? The app I can save and use locally after the website is defunct.
  • CamJN
  • ·
  • 1 day ago
  • ·
  • [ - ]
Well for this particular functionality whatever you use (website, app, etc) must have a valid apple developer certificate, so either the website must be up, the app's backend server must be up, or an offline app's bundled certificate must still be valid. All of these things will eventually stop being true regardless of the form the app/website takes.
I don’t believe the apps do it local either. They need to send to server to properly sign the pkpass. A server is being used regardless.
Love the idea, thanks for sharing!

One obvious concern here is data privacy, since the pass details are sent to the server. Any chance it would be possible to run everything in the browser, without sending data back to the server?

not really. the .pkpass needs to be signed. you can build the file locally but you won't be able to load it in apple wallet.
Please be clearer about this on the site!
The site is pretty clear: "Free and works in browser", "Processed locally", "Private". But apparently the site (sorry for the harsh word, but I can't interpret it any other way) lies.
"is incorrect" is slightly less harsh, but in this case, I'd call it a lie. It's a rather subtle but important implementation detail. I don't think the author (who is here in this thread) is necessarily malicious because of this, but, well, it's a lie.
  • gruez
  • ·
  • 1 day ago
  • ·
  • [ - ]
I'm not exactly sure how passes are signed, but in most digital signature schemes, you only sign the hash of the message, not the actual contents. Therefore you could conceivably do this in a privacy preserving way by only passing in the hash to be signed, which would allow the server to generate a valid signature without knowing the contents.
Apple Wallet passes use CMS signatures. you're right that only hashes are signed. but Apple requires an official Developer certificate ($99/year) with a private key that can't be exposed to browsers. for true privacy, each user would need their own cert. and defeats the "free" goal. and if you have a dev certificate it's trivial to generate one on your own machine.
  • gruez
  • ·
  • 1 day ago
  • ·
  • [ - ]
>Apple Wallet passes use CMS signatures. you're right that only hashes are signed. but Apple requires an official Developer certificate ($99/year) with a private key that can't be exposed to browsers.

Why can't the browser send the hash to the server for signing?

let me look into it.
[dead]
Any chance of allowing me to upload my own keys and doing the signing in the browser? I am sure this is a niche use case but I know how to generate the certificate for this but have been too lazy to make a thing like this for (checks to-do list) something like six years and I'd much rather just use your thing lol
that's a good idea. i'll release a BYOK version but don't plan to host it myself. will include a quick run script to run it locally.
Haha, I just made a comment above that I've been sitting on a half done project to do this for around 8 years now.
yeah was expecting that, thanks! do not use my gym pass pls
I'm so confused, is HN now littered with nothing but Supported Bots and Crappy AI Generating supposedly a small developer Bots?

Nothing about this app is unique or cool, just one peek at the source code reveals OP or the Bot literally wrote Jack Shit. Everything on the App is powered by Cloudflare's AI tools. In fact, every other App listed on the page is exactly the same.

So with all those thoughts out there, if OP is a real human, then the best we could do is shame them for not having a single drop of creativity and for relying on AI to do all the work. Or are we still pretending this AI is actually useful? Because from the point of an actual engineer with decades of experience and several successful startups that went public, this is seriously concerning, and tells me that the next generation is going to be F'd when they wake up one morning and everything is falling to pieces and they realize that they have no real skills beyond asking a computer to do their work for them.

I've tried it with two cards that just have barcodes (i have no idea which bar code format they are). Your barcode (code 128) doesn't look like the original barcodes on the cards, so unfortunately i can't use the generated wallet cards.

Would be nice to have a preview of the generated card before downloading the correctly generated file.

This also works for Google Wallet, you could change the messaging around it to indicate that.
OK, stupid question, what is the thing this utility does that can't be achieved with scanning a physical pass with barcode or entering the details manually into a Google Wallet?

Because I don't see the.... utility if it?

Unless this achieves something specific I don't know.

I don’t know about Google Wallet, but for iOS Wallet, it is not possible to create a new entry there yourself as a normal user. It has to be signed with a $99/yr certificate, so this thing does the signing for you. The utility is that whatever you created now lives with the rest of the passes in one place.
and they are accessible without unlocking your device.
nice! don't have an android device to test - did u download it and it worked?
I wouldn't worry too much about android - you can very easily add cards manually.
I did! It worked just fine for my gym pass
  • kimos
  • ·
  • 1 day ago
  • ·
  • [ - ]
This is great. And it send me down the path of trying to get my library card to work.

Turns out it uses a format called Codebar which is from 1972 and not supported by Apple wallet passes. This tool and most of the other linked ones in this thread did not work. (And also tried to charge me a recurring subscription to use once, but that’s another issue)

I found this one which generates many other barcode formats and generates them as images as a workaround. That seems to work.

https://apps.apple.com/app/id1423106610

I've been using Pass4Wallet (the app you linked) for a number of years and it's been fantastic. I'd recommend it.
As an aside, I find it really sad that, having a de-Googled Anroid phone, it's actually easier for me to download the Apple Wallet .pkpass files

Anything to do with Google Wallet passes just forwards me to a Google login page.

  • ·
  • 17 hours ago
  • ·
  • [ - ]
The Google Wallet app will let you import any pkpass file. The trouble is that most websites that support the format will only offer them for download of you're coming from an iPhone.

Google's format also has a download option but that format doesn't work well for desktop users, so Google prefers to import via the web.

One annoyance I've faced is that Apple Wallet will not accept a downloaded file, or a file transferred from another app. You must click a link in Safari or it will refuse to load the damn pass.

I'm surprised how terrible all of these major wallet apps are at handling the slightest of edge cases.

Condor airlines has an "open with Google wallet" link, that doesn't work because I don't have that app. .pkpass files just work with my foss wallet
A curious example of a compatibility feature ending up having a much better experience than the thing that they clearly want you to do. Hopefully some Google PM doesn't see this comment and ruin things…
This is great! Are you sure you are not violating any ToS for that? I’d hate to see it go
  • ·
  • 1 day ago
  • ·
  • [ - ]
  • ·
  • 1 day ago
  • ·
  • [ - ]
It probably is violating the ToS. But would like to know more.
Unlikely, I've used apps similar to this such as passbook [0] for a while now and they're still up.

[0] https://apps.apple.com/us/app/passbook-wallet-pass-creator/i...

Nothing wrong with signing a pass
I wish there were a way to “archive” cards and passes in the Wallet app. I’d be much more likely to pass-ify my life if that were the case.

The Wallet app is just too important and used frequently in time sensitive actions to clutter with cards/passes that I use once every few months. That is, when I’m about to tap to pay, I don’t want to infrequently used cards to clutter my payment experience. Likewise, when I’m about to board a flight, I don’t want random loyalty cards to clutter the interface.

At the same time, I would really like to keep these occasional cards and passes in Wallet, just not on the main screen. It definitely beats hanging onto these physically, especially because they are in fact infrequently used so I would never carry them around.

It should be a similar distinction to Apple’s Home Screen vs App Library for long-term archival.

I use my password manager for those. The only card I have in my Apple wallet is my grocery card. Otherwise, I go to my password manager and pull up the entry and the attached images. Some, I have just a barcode png. Others I have screenshots of the card from an app/website. This has been a really good balance for me.

As an aside, I tried to use base64 for the images so everything was in text, but decoding with a shortcut was annoying enough I went with the image attachment.

It’s possible to make a pass with location info so that it pops up on your Home Screen when you’re nearby a relevant location (e.g. a store, library, train station, etc). Doesn’t seem to be supported by this tool, though.
Code39 would be really useful ;-)
Yeah, Code39 would be really festive.
  • x3n0n
  • ·
  • 1 day ago
  • ·
  • [ - ]
Yeah, Code39 would be really festive.
noted
This might be naive, but why not just scan both sides of the card using Apple Notes or a similar app, then present the scan at the store?
Apple wallet is smoother to swipe through
This is very cool thanks. It would be awesome as a PWA so I can have it installed on my home screen/use it offline (edit: it looks like I misunderstood what the website meant by "runs on the browser" - I didn't it has a server dependency. Even so, it's easy to get Claude to generate a manifest and service worker to make it a PWA).

Also, minor UX feedback. Make the barcode type the first form field.

This is such a quick and neat way to get a pass for all the random codes in your wallet.

I've had a long shelved project (>8 years now?) where I was working on a solution to doing this from a mobile device but with loads more customization (including image options for different slots), but the cost effectiveness thanks to the PKPass signing as you noticed, put me off to provide it as a public utility as I was a student then. This gives me motivation to revisit it.

Have a look at MakePass[0] - which sounds exactly like you describe. It allows you to design a pass as per spec.

[0] https://pvieito.com

  • ·
  • 1 day ago
  • ·
  • [ - ]
  • cicko
  • ·
  • 19 hours ago
  • ·
  • [ - ]
It does not seem to generate barcode passes, although the option is there. My PassWallet only shows the QR code from a generated .pkpass.
Just a question about privacy. It says works entirely in browser, but if you load the page, and then switch off mobile data and put the details in, it seems impossible to create the pass without a data
  • cdong
  • ·
  • 13 hours ago
  • ·
  • [ - ]
Thanks for making this, I just used it for gym stuff
This is a good idea, and one I've wanted to build out myself. I think I need source to review before I'm willing to use this one, though.
open-source BYOK coming right up. with your permission i'll ping you on you profile
Yeah, please do!
I am curios why Apple requires such rigamorale to add such items to Apple Wallet. Google Wallet has this feature builtin.
  • nc
  • ·
  • 1 day ago
  • ·
  • [ - ]
Pretty useful, just used it to make a "Business Card" that links to my LinkedIn profile.
This is excellent! Wish the Wallet had this ability built in.
I have been looking for something like this for so long! All I wanna do is stop carrying this rec center card around. Perfect.
I immediately tried this with my Seattle Orca card, but the barcode is different
Try Pass4Wallet. It has a long list of supported barcode types and it's free, so win-win.

I'm not affiliated, I've just found it to be very flexible over a few years of using it.

I don’t think I fully understand the use case for this. What would you use the card for?
  • ms7m
  • ·
  • 1 day ago
  • ·
  • [ - ]
A personal use case: my local gym that issues only physical barcode cards -- I used a different app (similar in this style) that allowed me keep it on my apple watch / iPhone instead
I see, so this is specifically you have a physical, eg, loyalty card that has a barcode, and you want to use the Apple Wallet?
my use case is a loyalty barcode for a major retailer here. they provided a digital version but you had to download their app or take a picture. apple wallet is convenient, u just double tap and the Wallet loads on screen with full brightness to make it easy to scan. i dont have to keep anymore.

but on apple wallet u can't create your own a pass from a simple scan. creatign the ".pkpass" need a signature from a apple developer account.

I have my library card in Apple Wallet so I don't need to bother with the actual card.
That's very useful, thanks!

One small-ish feature request: could you please add support for EAN-8?

  • noja
  • ·
  • 1 day ago
  • ·
  • [ - ]
How are you signing the pass in my browser?
Maybe a dumb question: if I'm entering a QR code, which info do i put in?
That will vary. It can technically include any text up to a limit, but most likely it will be a URI, but it could be as simple as and account number. You would want to decode the QR (you can likely do that using your phone camera) and that would be the data to enter.

Ideally this tool would simply use the camera to capture the visual code (bar, QR, etc.) and enter it/replicate it.

agree. implemented QR code scanning using the great html5-qrdecode package so scanning happens locally.
This is amazing, thank you! Works with Google Wallet too!
Great job! What are you using on the backend?
This is great am I weird for wanting an app?
Source? Can we get a repo please?
so not only me! 8K passes generated since the show hn post.
Cool, so 8k stolen passes!

People have zero f'ing reasoning skills, I swear.

scanning for barcodes is an easy enough pre-AI computer vision algorithm with OpenCV. AI could "write" that for you!
We’ve been using Apple Wallet (and Google Pay) with bar code scanners with some success, but the bar codes sometimes do not scan correctly and we get garbled or completely wrong data maybe 1 in 20-30 scans. Tried various scanner settings/speeds, etc, no dice so far, and the scanner/pos combo was the one recommended by our processing vendor. Both were among the highest dollar models. This looks like a very cool project!