While a transition is under way from paper to digitally stored information, it is still necessary, with some paper documents, to provide physical proof of ownership or other certification, such as a person’s birth certificate. Paper documents, however, can be vulnerable to fraud. Smartrac has released a Near Field Communication (NFC) radio frequency identification solution to ensure that documents and their related data cannot be altered or forged. Smartrac’s dLoc solution stores encrypted data about a document that can only be unlocked and read by authorized parties using hash-value technology. The system is expected to be made commercially available next month.
The dLoc solution, intended for document verification and authentication, employs Smartrac’s own NFC transponders and Smart Cosmos cloud-based software platform. The blockchain technology (software dedicated to secure the storage of sequential blocks of data) used in the system was provided by data security technology firm Factom. Banks, property rights companies, hospitals and other businesses are currently in conversations with Factom and Smartrac about using this technology to store the unique ID number associated with a document, along with the data printed on that document or its history, such as the previous owners of a vehicle or other property.
The system is geared toward banks and mortgage companies that may store loan origination or mortgage paperwork, as well as for the medical sector regarding vaccination certificates, x-rays or other personal medical data. In addition, agencies that store land titles, vehicle registration and other property rights documents might benefit from the technology, says Mitch Deyoung, the product manager and VP of Smartrac’s secure ID and transactions business division.
The solution consists of an adhesive dLoc NFC tag with a built-in Smartrac Bullseye NFC inlay, which comes with one of a variety of chips, depending on a user’s particular needs, with storage capacity ranging from 1 to 64 kilobytes. A user can apply the sticker to a document, and then utilize an NFC reader built into a smartphone or reading device to capture the tag’s unique ID number, write information to the tag and link data about the document to that tag ID.
Factom’s blockchain software then creates a 32-bit hash value—a fixed, 32-digit string representing the chip’s unique ID (UID), the form control number and the document data—which is stored in the Smart Cosmos software, as well as in a public blockchain. That value can only be accessed by other authorized parties equipped with an NFC reader using a private key.
The hash value provides greater security than simple encryption, Deyoung says. “Security is everything,” he explains, when it comes to document authentication. Although NFC or RFID tags can be encrypted, that does not guarantee that a tag has not been changed. “It is very difficult, if not practically impossible, to infer the original input, given only the output from the tag. The degree of difficulty depends on the strength of the encryption used.”
While encrypted strings can be reversed back to their original decrypted form if an interrogator has the correct key, Deyoung says, that is not possible with a hash value. Hashing works in one direction only, and cannot be altered by another reader. The dLoc solution, he notes, uses both a hashing function (for the document data) and encryption (for sending the hash to the cloud).
Users can verify the authenticity and integrity of the chips and their data with a quick offline check (with the reader not linked to the Smart Cosmos software or public blockchain database), or more thoroughly access detailed information online. “Also,” Deyoung states, “we’re able to secure all of the components—from the tag to the readers to the documents—onto the cloud, which prevents bad actors from introducing cloned components into the issuing system.”
By using the hash value and Factor’s blockchain software, Deyoung explains, the system creates a permanent, immutable record that can never be altered, copied or destroyed.
“We’ve partnered with Factom in the U.S. to assist with bringing the technology to market,” Deyoung says, “and to gain access into areas that we [Smartrac] have historically not been involved [with].” This includes the banking and health-care sectors.
One typical use case is in the financial sector. If a bank were to issue a loan document and then wanted access for in-house personnel to easily track that document’s contents, a dLoc tag would be attached to it and authorized users could read the tag via an NFC reader, enabling them to access the related data, provided that they had the proper key. In the case of vehicle registration, on the other hand, a car may change ownership multiple times and a potential buyer may want to view the ownership chain. With the dLoc tag attached to the document, an individual could use the blockchain with a password to identify who owned a particular vehicle and when. “Furthermore,” Deyoung says, “the user can separate public data from private data so that only other users can see what they need to see for authentication.”
Smartrac unveiled the solution last month at the TRUSTECH show in Cannes, and this month at Singapore’s High Security Printers Conference. “The feedback has been tremendous,” Deyoung reports. “It’s a pivot from our standard product line,” he says, adding that Smartrac plans to take the next month or so to educate its sales and support staff before rolling out the dLoc solution in January.