Steven B.

Reputation: 1539

How to verify an NFC tag was configured by me (DRM?)

I'm looking for a way to verify that an NFC tag was set up by me. So I will be selling products with an NFC NDEF216 tag inside. I will be preprogramming the chip with an NDEF message and write protection using a private password I will keep private. Now I'm looking for a way to verify the chip actually came from me, so the app I'm building will only work with my stickers.

Where can I write some sort of identifier on the NFC sticker? I tried overwriting the serial number, but that seemed to fail. I cannot use the PACK verification because in some cases the protection will be disabled. I read the NDEF216 manual but did not really find a good way to do this.

Upvotes: 0

Views: 109

Answers (2)

dzejms

Reputation: 11

I don't think the other answer is correct. If the user uses a mobile app to check for a specific bytecode, then the reverse engineering process will reveal the secret code, and that will lead to an attacker creating fake NFCs. A better solution is to move away from ntag216 to ntag 424 or Mifare DESFire, which use unique messages for authentication without revealing secrets. This approach requires the use of an external server that will confirm the validity of the NFC. More details here: https://seritag.com/learn/using-nfc/nfc-tag-authentication-explained

Upvotes: 0
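The server-side check described in the answer above, as an added example that is not code from either poster: each tap yields a fresh message bound to the tag's UID and a tap counter, and only the server holds the keys needed to confirm it. HMAC-SHA256 stands in here for the tag's own AES-based MAC, and `MASTER_KEY`, `tag_key`, `tag_message` and `Verifier` are hypothetical names with constructed sample values.

```python
import hashlib
import hmac

# Constructed sample key. It lives on the server only, never in the mobile app.
MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")

def tag_key(uid: bytes) -> bytes:
    """Per-tag key derived from the UID, so one extracted key exposes one tag only."""
    return hmac.new(MASTER_KEY, b"tag-key" + uid, hashlib.sha256).digest()

def tag_message(uid: bytes, counter: int) -> dict:
    """Models what a tag provisioned with tag_key(uid) would emit on one tap."""
    ctr = counter.to_bytes(3, "big")
    mac = hmac.new(tag_key(uid), uid + ctr, hashlib.sha256).digest()[:8]
    return {"uid": uid.hex(), "ctr": counter, "mac": mac.hex()}

class Verifier:
    """Server side: the MAC must be valid and the counter must move forward."""

    def __init__(self):
        self.last_counter = {}  # uid (hex) -> highest counter accepted so far

    def verify(self, msg: dict) -> str:
        try:
            uid = bytes.fromhex(msg["uid"])
            ctr = int(msg["ctr"])
            got = bytes.fromhex(msg["mac"])
            ctr_bytes = ctr.to_bytes(3, "big")  # rejects negative or oversized
        except (KeyError, ValueError, TypeError, OverflowError):
            return "malformed"
        expected = hmac.new(tag_key(uid), uid + ctr_bytes,
                            hashlib.sha256).digest()[:8]
        # Constant-time comparison avoids leaking how many MAC bytes matched.
        if not hmac.compare_digest(got, expected):
            return "bad-mac"
        # A copied message carries an already-seen counter and is refused.
        if ctr <= self.last_counter.get(uid.hex(), -1):
            return "replay"
        self.last_counter[uid.hex()] = ctr
        return "ok"
```

A static value stored in tag memory would pass the same check on every read, which is why a copy of it is indistinguishable from the original; here a copied message is accepted at most once.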

Steven B.

Reputation: 1539

Update: I ended up writing a predefined bytecode in the last bytes of the writable storage and securing it with a private code. This way I can check for the bytecode in the storage; if the bytecode is present, the product is valid.

Upvotes: 0
