Security Model

How TAGBASE guarantees authenticity, prevents cloning, and ensures trust — without needing an app.

TAGBASE is designed from the ground up with a zero-trust mindset. It assumes all links, devices, and clients may be compromised — and anchors security to the only element that can't be faked: the physical tag’s cryptographic chip.

Core Principles

  • Hardware-based security: Built on NTAG 424 DNA, a secure NFC chip from NXP with AES-128 encryption.

  • Delta-based verification: A two-step process ensures that validation is not just based on the tag content, but on a session-specific change between two interactions.

  • No shared secrets in clients: All sensitive logic is handled server-side — clients are treated as untrusted.

  • Stateless server design: Reduces attack surface and makes the system resilient to request flooding and token replay.

  • Time-bound session linking: Prevents link harvesting, sharing, and replay attacks.

Verification Logic

Each verification flow consists of two taps:

  1. First Tap:

    • Generates a signed CMAC-secured URL.

    • Initiates a short-lived session with metadata: tag UID, counter value, timestamp.

  2. Second Tap:

    • Must occur within a short time window.

    • Backend compares second request’s tag state (counter, UID) with first.

    • If delta is valid → the tag is authenticated.

    • If delta is invalid → the tag or interaction is flagged as suspicious.

Tag-Level Security

Feature
Description

UID Locking

Each chip has a unique, immutable identifier.

CMAC Generation

Server validates the tag-generated cryptographic MAC using AES-128.

Read Counter

Increments with each tap — used in delta comparison.

URL Obfuscation

Signed parameters are encoded — raw URLs are meaningless if copied.

Attack Vectors & Mitigations

Threat
Mitigation

Cloned Tag

Cannot replicate the secure chip’s CMAC logic or counter state.

Link Replay

Links expire and require valid delta transitions.

Reverse Engineering

Core cryptographic logic runs only on the secure tag and the backend.

Optional Enhancements

  • Geo + device fingerprinting (optional): flag unexpected tap locations or device patterns.

  • Blockchain immutability: for products requiring proof of ownership.

  • Audit trail: detailed per-tag verification logs for forensics or compliance.

Summary

TAGBASE security is rooted in the physical world — not in obscurity or client-side logic. By requiring a real chip with secure hardware to complete the validation, and combining this with cryptographically signed, time-bound interactions, TAGBASE delivers an unclonable, app-free product verification system.

Next: Environment & Requirements

PreviousSystem ArchitectureNextWelcome & Overview

Last updated