How the move from barcodes to NFC tags made the security services industry more trustworthy


Not every project needs the highest quality data, but in the world of security services, data fidelity is the difference between success and failure. Barcodes solved many problems for security services industries, but they didn’t go far enough for high traffic areas and high value assets. Fixing this shortcoming didn’t require the implementation of entirely new technology, just a change in one aspect of the Connected Things system – the beacon type. Enter NFC tags.

NFC tags have fundamental differences from barcodes that give them the ability to be more secure and provide a more complete picture of data than a barcode ever could. While barcodes use visible light, NFC uses an RF field. NFC tags use an RF signal generated by a reader to power a tiny integrated circuit that stores data, requiring no separate power source. The information encoded on the tag is stored in the chip against the visible matrix of marks printed on the surface of the tag, making NFC tags immune to squiggles that would disable a barcode. An NFC tag requires destruction of the chip or antenna assembly to disable functionality.

Different labels are designed to withstand varying degrees of wear. The range of NFC tags available includes options that can withstand humid conditions, temperature fluctuations, some degree of physical impact and even washing. Some NFC tags can even be hidden in products and structures to prevent bad actors from knowing the tag is present. They can be harmlessly embedded in a place only guards are aware of, such as behind switch covers or even embedded in plaster walls. A QR code is quickly identifiable as something with information and purpose, making it a tempting target for opportunists. The ability of an NFC tag to be invisible greatly reduces the cost of operating loss and damage for the simple fact that only a select few know it exists.

The ability to use NFC tags in a more tamper-proof manner already elevates them above barcodes in a security framework, but the benefits go even further. Each NFC tag has a chip, each with its own unique identifier (UID), which is a read-only identifier encoded by the manufacturer on the chip. When used correctly, NFC tags are much harder to clone than barcodes. Although the data encoded on an NFC tag can be cloned, this presents a much greater technical challenge than cloning a barcode.

The safest way to use NFC tags in a security application is to embed the unique read-only UID provided by the manufacturer. This UID is immutable – if the tag works, it will still be able to uniquely identify itself among all NFC tags. Relying solely on user-encoded NDEF memory leaves NFC tags almost as vulnerable to cloning as barcodes. Mobile app developers should also ensure that their software validates the unique signature of the NFC chip in each tag. This signature offers proof that the label is from a trusted manufacturer.

More readers are now able to read the UID directly from the chip, eliminating the need for earlier workarounds such as UID encoding. In addition to standalone NFC readers, Android and iPhone can now verify UID. Android has had this capability since Android 4.4. While iPhones have had some level of NFC capability since the iPhone 6, the iPhone 13 and the upcoming iPhone 14 are both able to read the UID on an NFC tag through native SDKs.


About Author

Comments are closed.