Sept 13, 2018 New Features in CoreNFC CoreNFC was updated in iOS 12 to include two new highly impactful and desired features. For marketers wanting to leverage NFC to push content, the day has finally come where no app is required to scan an NFC tag on an iPhone. For developers wanting to use NFC to trigger actions in their apps, CoreNFC now includes background tag reading that can notify third party apps that an NFC tag has been scanned which matches a specified domain.

June 30, 2017 Since reading a tag’s unique identifier (UID) or other hardware characteristics of NFC tags cannot be done with the beta release of CoreNFC, all anti-cloning measures at the developer’s disposal are precluded. The concept of tag originality and reading a UID are related since both naive and advanced anti-cloning measures involve using it in some way. The decision to not allow developers to access the UID is discussed in this article.

June 23, 2017 Apple will be playing a far more prominent role in determining how its customers use NFC when compared to Google which takes a far more open approach. There are two areas of NFC integration Apple is choosing, so far, not to leave in the hands of app developers. The first is tag discovery and the second is anti-cloning measures used to validate that a tag is not a clone. This first article will discuss tag discovery, the next will focus on anti-cloning measures Apple may want to implement within iOS.

Apr 24, 2017 So you’ve finally bitten the bullet, you had to get Grandma and Grandpa smartphones, and it’s really not going well. The contacts app is confusing, they don’t like using a touchscreen, and they keep accidentally calling the wrong person or opening Angry Birds when they’re trying to make a phone call. Let’s face it, smartphones are really designed to be “smart” first and phones second, which is troublesome when you grew up with phones that were just phones, and all you want your “phone” to do is make phonecalls!

Apr 2017 Recently, there has been an uptick of interest in the NTAG215 chip due to its use in products such as Nintendo’s Amiibo figurines. The NTAG215 is a fairly uncommon tag from consumer retailers, but here at TapTrack, we’ve worked with it quite a bit in our business-to-business solutions, and have sold it as part of our tag evaluation kits for quite a while. While the rest of this post will simply describe the NTAG215 and why it’s less common than other tags, if you’re on this page simply because you’re interested in purchasing NTAG215s, please click the link below to order some:

Mar 20, 2017 So you’ve decided to add NFC to your next batch of business cards and start designing them. You’ve picked the perfect subtle off-white colouring, the most tasteful thickness, an elegant font, but suddenly you’re faced with a choice of tag technology. NTAG? Ultralight? DESFire? Classic? Topaz? What do you choose? Why? If you’ve read our Tag 101 article, you probably already have some idea what tag you want, but, even if you haven’t, we’ll explain everything here.

Jan 6, 2017 In the NFC space, it is quite common to hear consumers asking if it is possible for them to copy their credit card or bus pass onto another NFC card. Fortunately, for security reasons, you generally cannot do this. Most commonly available NFC tags aren’t very complicated devices. Effectively, they are small chunks of read-write memory with a radio interface tacked on. However, a we mentioned in our post on cloning hotel cards, there are also advanced cards available with the ability to perform cryptographic authentication and enciphered communication.

Dec 12, 2016 It’s 2016, why does still Presto take 24 hours to update my balance? For those not in Ontario, Presto is our province-wide transit farecard system, which supports online topups, but with the caveat of requiring 24 hours for your balance to be updated. For those in Ontario, you’re probably already aware of this limitation there’s a good chance that you’ve heard some variation of the above quote. Indeed, it is 2016, so why does it take 24 hours for an online-topup?

Dec 5, 2016 In any secure application design, there are lots of things that must be considered. For lots of NFC-based application, one of these concerns is vulnerabilities to a type of man-in-the-middle attack called a relay attack. In post, we’ll look at what a relay attack is, why they’re dangerous even with encrypted communication, and how you can reduce the odds of one impacting your system. What is a relay attack In the common man-in-the-middle attack, the attacker inserts themselves in between two communicating parties.

Nov 21, 2016 When planning the security of a system, all of us developers love to get into the nitty gritty details of what NIST standards we’re implementing or the size of our keyspace. Unfortunately, this tendency can often end up resulting in missing the forest for the trees. By the same token, product managers can often make the dangerous mistake of believing that using a high difficulty randomly salted Argon2 password hash and 4096-bit RSA your application is automatically secure.