Biatec Device Pairing
This app shows how to pair a device with Google Drive authentication for self-custody Algorand account access.
🔐 Self-Custody Algorand Account Management
Important: This service provides true self-custody Algorand account management:
- Your keys, your control: Private keys are encrypted and stored exclusively in your personal Google Drive
- Email-specific encryption: Keys are cryptographically bound to your email address and cannot be used by others
- Non-transferable: Encrypted keys cannot be moved between different Google Drive accounts
- Secure processing: Biatec servers process your encrypted keys only when you authorize transaction signing
- No custodial risk: We never store your unencrypted private keys on our servers
Result: You maintain complete ownership and control of your Algorand assets while benefiting from secure, AI-powered MCP integration.
How it works:
- Enter a unique Session ID for your device
- Optionally provide a device name for identification
- Click "Pair Device" to start the Google OAuth flow
- After successful authentication, your device gains access to your self-custody Algorand account
- Your encrypted private keys remain securely stored in your Google Drive
- Biatec servers can process your keys only for transaction signing when you authorize it
- Use device pairing to access your self-custody account across multiple devices
API Endpoints:
- GET /api/device/pair-device - Start device pairing process
- GET /api/device/paired-device - OAuth callback endpoint
- GET /api/device/portfolio/{sessionId} - Check portfolio value and service tier
- GET /api/device/security-status/{sessionId} - Check Cross-Account Protection status
- GET /api/device/access-token/{sessionId} - Get access token for paired device
- GET /api/device/info/{sessionId} - Get device information
- DELETE /api/device/unpair/{sessionId} - Unpair device
💰 Self-Custody Wealth Management Tiers:
Your service tier is automatically determined based on your total self-custody Algorand portfolio value:
- 💰 Free Tier: Portfolio < €10,000 - Basic self-custody features, 1 device
- ⭐ Professional: €10,000 - €1,000,000 - Enhanced self-custody features, 5 devices
- 🏢 Enterprise: > €1,000,000 - Premium self-custody features, unlimited devices
No monthly fees - tier assignment is automatic based on your self-custody portfolio value calculated daily using real-time market prices.
Cross-Account Protection:
This application can implement Google's Cross-Account Protection to enhance security (configurable feature):
- Monitoring for suspicious account activity
- Requiring reauthentication when security threats are detected
- Reporting security events to Google's protection systems
- Providing real-time security status information
Note about authentication: If you see a message saying "Some requested scopes cannot be shown", this is normal and safe to ignore.
Configuration: Cross-Account Protection is disabled by default and can be enabled through application configuration.
🔧 Troubleshooting Authentication Issues:
- Scope warning message: The message about "Some requested scopes cannot be shown" is safe to ignore and is related to internal Google security features.
- Nonce validation errors: These are automatically handled by the system and should not affect the pairing process.
- Multiple consent screens: You may see separate consent screens for basic authentication and Google Drive access.
- Access denied: Make sure to accept all permission requests during the OAuth flow.
If you continue to experience issues, please contact support@biatec.io