The chip provides a universal identity card and an encrypted tamperproof digital certificate to convey the guarantee of good quality anywhere in the world, to be read by any NFC-enabled smartphone.
The device’s security measures are based on public stream cipher technology used to safeguard the memory data integrity and to ensure communication confidentiality between the IC and the reader. The 2k-bit of data memory can be protected by setting the appropriate access conditions and access rights.
After a successful mutual authentication process, data communication can optionally be encrypted (secure messaging) and the data integrity can optionally be protected by a 4-byte MAC (Message Authentication Code).
Each EM4237 device contains a unique 64-bit identifier and an optional 32-byte ECC based digital certificate. A secure application running on an NFC-enabled smartphone can read out these two unique and personalized pieces of information, connect to a server through the cloud, manage the collected data and confirm the authenticity of a good. The 32-bytes digital signature is calculated using the device’s unique 64-bit ID number, a public and a secret key.
The EM4237 further offers a privacy mode. In this particular mode, the IC remains silent to any received commands from the RFID reader or can return a random UID number that will be used during the next transaction. The on-chip resonant capacitor is of 23.5pF, the same value present on other ISO/IEC15693 devices. The EM4237 does not require any update of existing antenna designs.