BlackSeal Android App
Writing to NFC tags is the core of the BlackSeal product. The underlying technology we use to write tags has key benefits over a typical NFC writer app.
We digitally sign all NFC messages to prevent tampering. Signing messages allows users to verify that the content has not been changed in any way after it was written. We use the NFC Forum's Signature RTD 2.0, the only open security standard for NFC. Using this standard allows for interoperability with third party applications. This means anyone can verify the signature of a signed message.
However, signature verification alone can only determine the payload was created by the author. This does not protect against copying or cloning of NFC tags. We've added two additional steps to our writing and verification to address tag cloning.
When you write an NFC tag using the BlackSeal app we perform a unique two-step process. First, information about the destination tag hardware is read. That data is then incorporated into the signed payload and written back to the tag.
This provides an additional level of security allowing us to detect when the data from one tag was copied to another, a feature exclusive to BlackSeal. To gain this additional level of security you need to verify your tags using the BlackSeal app or use our Verification SDK in your own app.
When you verify a tag using the BlackSeal app, it first performs the standard verification to make sure the signture is valid. If successful, we then make an additional check to verify the tag hardware data that was written to the tag matches the actual tag hardware the data is on. If the data doesn't match then we can determine that the tag was copied.
These additional steps during writing and verification provide protection against copying or cloning of tags. Check back soon for a blog post about how our analytics provide even more protection. In the meantime, take a closer look at the BlackSeal service. You can try it for free now. And don't forget to get the app!