|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
HID Trusted Tag Offers Secure NFC Connection Without App
Marketing and health-care companies are testing the new tag to determine how well individuals with smartphones can use the tag to link automatically to a URL via a one-time password with each read.
Apr 01, 2014—
Near Field Communication (NFC) technology, which enables people with NFC-based smartphones to access data via the touch of their phone against a tag, comes with a few drawbacks. For instance, it often requires that an individual download an application, which some consumers may be reluctant to do. In other situations, the tag data can prompt the phone to go directly to a URL, without requiring the user to download an app. However, this process can lack security. What's more, if someone (such as a consumer) shares that URL with others, for example, the entire purpose of the NFC-enabled campaign—targeting specific shoppers—can be undermined.
To enable secure access only to data, via an NFC read, and without requiring the downloading of an app, HID Global released an NFC high-frequency (HF) passive RFID tag, known as the HID Trusted Tag, that operates with the company's Trusted Tag Services—the back-end software and server that authenticates each tag read before sharing data with an individual's phone or other NFC reading device. The tag's internal software, designed by HID, prompts it to generate a unique URL, as well as a series of trusted additional digits, thereby making every URL unique. The tag then changes that URL the next time it is read, thus serving as a one-time password (OTP). The URL can never be used more than once, making it impossible for someone to share a URL with others who may be located elsewhere.
Only HID Global's Trusted Tag, with its own chip and firmware, can operate with the Trusted Tag Services. Therefore, other off-the-shelf HF RFID tags would not work with this system. The tag's internal software employs HID's Seos technology, which has the ability to generate a one-time password that amounts to a specific version of a URL that will not be used more than once for that tag. That URL must then be verified during each read, by the Trusted Tag Services software running on HID Global's cloud-based server, before it transmits data to an NFC reading device.
The tag can be used in multiple ways, Robinton says. In the case of the retail market, it can be embedded in a smart poster to link consumers to specific data, such as free gifts. For example, he explains, the tag could send an NFC phone directly to a website where the user could receive a coupon for a free candy bar. That promotion could be specific to a store in which that poster is located. The store would not want to require consumers to download an app to access that promotion, since most consumers would choose not to bother.
On the other hand, if the system simply directed the phone to a URL, the individual could share that URL with friends not in the store, who could then access the candy bar coupon, without entering the store for which the promotion is intended. In the case of the Trusted Tag and Trusted Tag Services, a user taps his or her phone against the tag, which generates a base URL, as well as a short series of trusted additional digits, making that URL unique. The phone then opens that URL and receives the promotion data automatically.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.