Security Model
How TAGBASE guarantees authenticity, prevents cloning, and ensures trust — without needing an app.
TAGBASE is designed from the ground up with a zero-trust mindset. It assumes all links, devices, and clients may be compromised — and anchors security to the only element that can't be faked: the physical tag’s cryptographic chip.
Core Principles
Hardware-based security: Built on NTAG 424 DNA, a secure NFC chip from NXP with AES-128 encryption.
Delta-based verification: A two-step process ensures that validation is not just based on the tag content, but on a session-specific change between two interactions.
No shared secrets in clients: All sensitive logic is handled server-side — clients are treated as untrusted.
Stateless server design: Reduces attack surface and makes the system resilient to request flooding and token replay.
Time-bound session linking: Prevents link harvesting, sharing, and replay attacks.
Verification Logic
Each verification flow consists of two taps:
First Tap:
Generates a signed CMAC-secured URL.
Initiates a short-lived session with metadata: tag UID, counter value, timestamp.
Second Tap:
Must occur within a short time window.
Backend compares second request’s tag state (counter, UID) with first.
If delta is valid → the tag is authenticated.
If delta is invalid → the tag or interaction is flagged as suspicious.
Tag-Level Security
UID Locking
Each chip has a unique, immutable identifier.
CMAC Generation
Server validates the tag-generated cryptographic MAC using AES-128.
Read Counter
Increments with each tap — used in delta comparison.
URL Obfuscation
Signed parameters are encoded — raw URLs are meaningless if copied.
Attack Vectors & Mitigations
Cloned Tag
Cannot replicate the secure chip’s CMAC logic or counter state.
Link Replay
Links expire and require valid delta transitions.
Reverse Engineering
Core cryptographic logic runs only on the secure tag and the backend.
Optional Enhancements
Geo + device fingerprinting (optional): flag unexpected tap locations or device patterns.
Blockchain immutability: for products requiring proof of ownership.
Audit trail: detailed per-tag verification logs for forensics or compliance.
Summary
TAGBASE security is rooted in the physical world — not in obscurity or client-side logic. By requiring a real chip with secure hardware to complete the validation, and combining this with cryptographically signed, time-bound interactions, TAGBASE delivers an unclonable, app-free product verification system.
Next: Environment & Requirements
Last updated