There is a fabric NFC tag ironed onto the inside of the t-shirt. - kzbin.info/www/bejne/enaTiGZ-apyqh7s

Yes we'd be happy to connect and see if we can help. We currently work with some companies and individual creators in South America. You can visit our website and book an online meeting.

Yes using our platform & 424DNA tags, the end user doesn't need to download any app for Android or for iPhone. Any NFC compatible phone Android or iPhone, when you tap, it will instantly bring up the experience within your default phone browser so there is no need for any apps.

Yes, ordinarily, the tags are encoded with the URLs and the the tag IDs are then registered in the software against each item to activate them after they are purchased. Then usually, they are sent to the stores so anyone can pick up the product and authenticate them to see if they are genuine or not. It is possible to make it so that the tags are activated only after the item is purchased however, that involves some custom work and having the POS systems in the store scan and activate the item post purchase which is usually complicated because more people need to be trained and involved. We do have gating of content and experiences by ownership authentication though as a feature. That way, when an item is purchased a paired NFT can be transferred to their wallet first as a token of ownership (or claimed after purchase) and when they tap the NFC tag, it will verify they have the ownership token and only unlock gated content and experiences to the owner of the item. You will find other videos on our channel with that feature.

@@qliktagthanks for the detailed answer.

Hi @lereen_ So there is one key which is actually generated by the chip within the NFC Tag. That one is uniquely & randomly generated by the tag itself each time that it is tapped. That key along with other details like item identifier, NFC tap count is combined, encrypted and then passed as a URL parameter to the Qliktag Platform API where it is decrypted and then authenticated. That key is symmetric and we maintain that as the platform service provider. We also maintain our own encryption key in our hardware encoders used to write the tags. Hope this helps.

Hi @PhotoSlash, yes since then we have rolled out NFT authentication and been supporting a number of NFC + NFT use cases. The NFC authentication is used to authenticate the physical item and it's authenticity while the NFT authentication essentially connects to the users wallet and verifies if they have the token paired with physical item to prove ownership & custody. Based on these checks you can lock / unlock certain experiences and functionality. Definitely check out our video on this channel titled "Tokenization of Physical Products & Creating Physical NFTs with Unclonable NFC Tags Using Qliktag" for more on this. As of today, yes the NFT would have to be pre-minted outside the platform before the contract address & token ID are paired with the physical item within the platform. However, we're working with popular blockchain companies to enable automatically mint NFTs for each item within the platform and gas-less minting so the gas fees would only be chargeable during sale / minting much like it works on OpenSea.

​@@qliktag that would be perfect for my team, do you guys have an estimate for when this feature will be available? like can someone purchase your chips in the meanwhile and be able to set them up in the future for the nft minting?

@@qliktag as a temporary workaround couldn't be possible for the seller to set a button for each product that redirects to the website minting page of the correlated NFT? so that the customer can proceed with the minting via metamask and own the NFT

@@PhotoSlash This is already available on the platform and in use now. We have NFC Tag Starter Kits available for order through our website which you can order and test out with a free account we can help you setup and pilot your use case. If everything works and you're happy to scale, you can then order a batch of custom tags with your logo & specs to scale.

Every NXP 424 DNA tag has a hardware tag UID. When the tags are encoded for your products, the UIDs of each of your tags are read and then recorded in the Qliktag Platform against the serial number of the item that it was applied to. This recorded tag UID is part of the authenticated data. This means, if someone outside your organization goes and purchases a set of NXP 424 DNA tags, copies your URL and encodes them to clone your exact settings, it will still fail authentication - because the tag ID of the tags they purchased have not been registered in the platform / don't match the tag ID of the one that was registered in the platform for that serial item.

@@qliktag in your other video about ntag dna it shows that there is a unique signature generated in every scan, does the 424 do the same thing? If so, I'm not sure how knowing or duplicating the UID of the tag event matters?

@@AnthonyWebb7 Hi Anthony. Yes both the videos use tags with the NXP NTAG 424 DNA chip inside and are identical in that they generate a new unique signature on every scan. However, lets say a counterfeiter goes out and sources their own tags with genuine NXP NTAG 424 DNA chips, copies the URL, encoding parameters, somehow gets our specific decryption key, having the tag UID registered against each individual item adds yet another layer of security against that happening as it won't pass authentication because the tag used did not belong to the brand/manufacturer and was sourced by a third party.

@@qliktag Got it. So the real trick is to keep the encryption key secure. I am assuming that only known/stored by you? Is it used to write the data to the label when it is created and the URL is written? I do love the extra layer of security you provide though.

Hi Aidan thanks for reaching out. We'll send you detailed documentation on encoding the tags right away.

@@qliktag kindly i need the same file

@@ehabfaidallah-fg1zf If you can reach out to us at info [at] qliktag.com with information on what you're looking to do, perhaps we can help. We now have our own type-4 NFC encoding device and software for NTAG 424 DNA tags available as part of the Qliktag Test Kit through our website. However, it's specifically for users of our platform. If you're encoding tags with your own authentication servers / backend, then we would suggest having a look at NXP TagWriter or NXP TagXplorer software.

@sukesh Yes it works very much like OTP. Every time the tag is tapped a new one is generated by the tag itself and sent to the system within the URL encrypted to check. If the same picc_data string is used a second time it doesn't work because it has already expired so the only way it will work is to tap again and get a new picc_data key. A lot like OTP.

Rakesh this is a good question. There is mechanism in place to counter this possibility. The tag itself maintains a counter and the count of how many times it has been tapped is also encrypted within the data sent to the system to validate. Let's say the tag is tapped for the first time and it generates a legitimate url with picc data and cmac which opens in the browser. Even if you refresh that URL in the browser without tapping the tag, it will fail authentication because it was previously generated and authenticated. So if the same URL and combination of picc data / cmac is copied into other NFC tags, it would fail. Now lets the scenario you mentioned where the counterfeiter gets the URL with picc data / cmac with no internet connection and the URL is copied to another tag. Part of this encrypted other than picc data and cmac sent to the server is the UID of that specific tag which is also registered within the Qliktag Platform. If another tag is purchased, the UID would be different (also not registered in the platform) so while the picc data and cmac may match, this UID won't and it would still fail authentication. This way, even if a counterfeiter purchases the exact NTAG 424 DNA Tags and copies everything exactly from the original tag, it won't work because the permanent UID of the counterfeiters tags are not registered within the system against the serial number of that specific item within the platform.

@@qliktag Thanks for the response. Could you please clarify how qliktag platform receives or confirms the tag UID(NFC) to unique wine bottle serial number mapping when consumer taps the nfc? I understand this mapping data is available in Qliktag platform to validate

@@srmrakes Thank you. Yes, a data record and URL is created for every bottle with the serial number being assigned to each. These URLs are then encoded into the NFC tags and applied to the bottles. In a production scenario, once the bottles have the tags applied, they could move on a conveyor belt and have an NFC reader / writer device placed on the line which will read the tag, identify the serial number, parse the UID of the tag and then write it to the Qliktag Platform using the APIs. A second NFC reader can be added later in the line to read the tag a second time to test the tag once the UID is registered. Until the UID is read and registered, the authentication will still fail. Once the UID has been added to the record, the bottle is good to go and will validate.

@@qliktag Thanks for the clarification on the production process in capturing the mapping. When the consumer taps the NFC, URI is read by the smartphone/reader and is merely a text. As long as this URI doesn't reach the qliktag platform, it is a valid one. However, if this text is combined with tag UID - counterfeit is not possible. How is Tag UID validated when consumer scans the nfc? Please clarify.

@@srmrakes The NTAG 424 series of tags is a Type4 NFC tag different from other ordinary tags in the sense it doesn't simply encode a URL as text. Part of the URL which is encoded is text and then there are additional parameters at the end like picc_data = followed by a series of placeholders and dynamically filled in on the tap. When the tag is tapped, the placeholders inside that URL are replaced by the picc data, cmac and UID which are all encrypted and then added to the URL. When tapped with any phone, this will always open within a browser on the phone and the URL will send the request back to the platform to validate because it is a platform URL. Only when the system receives the request, it will decrypt and compare the UID sent in the request against what is in the system and validate it. The page that comes up on the phone will wait to receive a validation from the system. If there is no internet and the tag is tapped, that page will not display the authenticated message because it hasn't received a result back from the system.

@Rakesh yes, that is absolutely right QR codes are simple to copy and we would recommend NTAG 424 DNA NFC tags as the most robust and unclonable method for anti-counterfeit measures. The only consideration is cost of the tags versus the margin on the product being considered. It is ideal for high cost or products with a higher profit margin where the tag cost is negligible. Serialized QR codes are much cheaper but easier to clone. QR codes however can still be used to offer some level protection against purchasing counterfeits. One way is to put them inside the packaging and make them one time authentication QR codes by adding a maximum scan limit to the rules. In this case, if the same QR code (effectively URL encoded within the QR code) is scanned more than once or X number of times, then it can throw the user a message saying there is something suspect with this specific serial item. The other option is using the maximum scan limit with the scan location. If the same item is scanned with different IP addresses from different scan locations far apart, then it can be flagged as counterfeit. In case of providing the user location of the final retail, only the manufacturer would know which batch or serial items (grouped) would be headed to which authorised retailer and digitally update that information so the consumer can compare. If the counterfeiter were to copy a single QR code and create say 100 copied items, those would most likely end up in different locations outside the brand authorised retailer. Each of these conditions offers some level of protection however, in comparison the NTAG 424 DNA NFC tags offer completely foolproof and unclonable authentication technology.

Yes Benjamin, absolutely! Instead of using an item serial number to identify each individual object, you can edit the data model to include an NFT Token ID attribute and ownership information so post authentication with the tags dynamically generated parameters, it also displays the NFT ownership information. We also have tools in the platform to build custom APIs with Node Red or logic which can be used to run a check on the NFT ownership before sending back the authenticated or failed message back to the web page that comes up. We have some users today using the platform to setup NFT digital to physical use cases and are working on releasing a pre-configured setup package for specifically this use case with NFTs in the coming weeks.

Thanks Bryan. The service that receives information from the NTAG 424 DNA tags and then authenticates it is built into the Qliktag Platform so if you subscribe for an account on the platform it can be used with a subdomain. The "Enterprise Plan" subscription level allows for custom domains so your pages will display your website domain. The platform APIs are very extensive and will allow you to integrate with apps and send or receive information on the platform via an app.