A guest blog by Gavin Shenker, Tapcentive
The majority of NFC tags used today are very, low cost NFC Type 1, 2 or 3 tags that are configured with static NDEF data. Often times, NFC application design involving tags is similar to design involving the reading of QR codes, but instead of taking a picture of the QR code and translating it to a URL or other data, a tap of a phone results in reading the NDEF data, which may contain a static URL or other data. In these application designs, all of the security, and dynamic elements of the application reside in the cloud. For example, a tag has a static URL that points to a page in a web server whose content can be changed at any time.
While these tags definitely have a place in many simple applications, more sophisticated applications where data integrity is important are not easily possible. Applications that use tags with static data must rely on the security of phone and server-based systems to determine which tag was tapped, when such a tap occurred or who tapped.
More recently, a number of tag suppliers have introduced the ability to uniquely identify each tag and tap, and to even sign the identification information for authenticity. This additional functionality, if used correctly in conjunction with managing placement of tags, can be used by a management system to track unique taps and prevent replays.
Thinking beyond simple static NDEF data, or even the ability to retrieve NDEF data that is unique per tap, use of a multi-application microprocessor chip as a Type 4 NFC tag opens up some really powerful and interesting capabilities. The microprocessors referred to are traditionally used in smart cards and include a Java Card runtime environment. The advantages to using these microprocessors as a Type 4 tag are: (1) that the tag can behave as a secure Type 4 Tag with the microprocessor security– ensuring that all NDEF data returned from the tag is unique and authentic per tag and per tap, and (2) that the microprocessor can also support additional NFC application interactions that provide complete data integrity and security. They assure that, the data returned by the tag is not only authentic per tag and tap, but also per device tapping the tag.
For example, think of a check-in scenario where an NFC-enabled app is present on the user’s device and NFC tags are used to initiate check-in. The launching of the app on the user’s device is an immediate benefit of NFC. It is also possible to include information in the NDEF, which allows a management system to uniquely identify the tag, and as such, its location. However, if the tag contained static NDEF it would be a simple exercise to copy that information, allowing multiple check-ins from anywhere and at any time. There is also no link at all between the user and the tag – even the more sophisticated tags described above could not prevent the tag data from being read from a tag and then used at any time in the future and away from the tag to assert a check-in activity. There are of course many different ways to implement security to manage the potential for a fraudulent check-in as described here; however, with the use of a multi-application microprocessor chip, preventing this type of fraud results in an extremely simple, inexpensive solution.
At Tapcentive we use multi-application microprocessor chips to implement NDEF data security and to also increase the security of our NFC application taps by including a challenge / response application on the Type 4 Tag. For the user, the tap behavior is identical to a regular tag. If there is no Tapcentive aware application present, the browser launches with our secured NDEF data. If a Tapcentive-enabled application is present when tapping, that application is launched but then we immediately send a signed challenge containing information unique to the user to the challenge / response application on the Tag. The Tag signs the response and returns it to the device application, which sends it on to the management system to provide confirmation that a specific user tapped a tag, at a specific location. We have additional functionality in our Tag application to manage time, based on the signed challenge, so we have a good idea as to what time the tap occurred even though our microprocessor chips do not have a real time clock. From the user’s point of view the difference in speed needed to perform this additional interaction is negligible.
Tapcentive also has another product that uses a multi-application microprocessor chip, including various game-of-chance applications. Again, it is the initial tap that launches the relevant Tapcentive-aware application that immediately requests a signed game outcome from the game-of-chance application (depending on the game being played, this could involve one or more interactions between the device application and the microprocessor chip application). The signed game outcome ensures that any winning claim presented is authentic.
These are just two examples of NFC application design that demonstrate the power of multi-application microprocessors used as Type 4 NFC tags. Hopefully this article has sparked your imagination to come up with other ideas for your applications. You can reach me at: firstname.lastname@example.org.
About our guest blogger:
Gavin Shenker is currently Chief Architect at Tapcentive Inc. Previously Gavin worked at Visa and was involved in chip card and mobile payment. He has also represented Visa at GlobalPlatform, EMVCo and the NFC Forum.