NFC Tags : Locked or Unlocked ?

The simple version

The data encoded on programmed on NFC Tags can be locked or left unlocked :

Locked: Nobody can ever change the data on your NFC tags

Unlocked: Anyone can change the data on your NFC tags

The slightly longer version

User data is stored in NFC tags in what is called EEPROM memory. This is a type of non-volatile memory which means that the data is not forgotten when power is removed. EEPROM memory can be erased and re-encoded. In the case of the NTAG213 chips we sell, NXP (the manufacturer of the chip) state that the tags can be re-programmed 100,000 times and will store the data, without power, for up to 10 years. In reality, this isn't likely to be the case of course but the ability to erase and re-program is the important part here.

Within the NFC Chip, there's also a small section of memory which is one-time programmable. This means that unlike the main user memory, you only get one chance to encode the data and that's it. You can't change it. Within this section of memory, there's a switch (not a technical term, but you get the idea) which locks the user memory from being changed. As it's one-time programmable, once the switch has been switched, it can't be moved back again.

To lock the tags, we switch this part of memory effectively blocking the ability to make changes to the user memory. It's a simple switch and the result is that nobody - not even us - can now modify the user content. It can't be hacked. It's done.

So, until the switch is switched, the data can be changed in theory up to 100,000 times by anyone. After the switch, it can never be changed.

When should you lock your NFC tags

Simply, any time that your NFC tags are in public locations, you should lock your NFC tags. If your tags are unlocked, anyone with a mobile phone can not only change the data/URL on your tags but then lock them to prevent you changing the data back again. 

How to lock NFC tags

If you are ordering tags from Seritag with encoding, you can specify locked or unlocked with the order. With single encoding (where the data on every tag is the same), you can do this on the product page from the encoding dropdown. With variable encoding (where the data on each tag changes), you can specify on the excel encoding document or let us know on email. 

If you encoding the tags yourself, you can usually do this via your encoding App (NFC Tools for example). It's usually separate to encoding so you will probably need to scan the tags twice - once to encode and second to lock. 

If you are using the ixkio tag management system and mobile apps, then locked or unlocked is specified in the console when you choose which Tag Code or Batch of tags you want to encode.  

Password locking

The NTAG213 chips have the ability to control access to encoding using a password that can be set during the encoding process. Some mobile phone Apps have this feature built in and it can be a useful feature in some cases. We strongly advise doing a few test runs first to make sure you know the process. 

In general, most customers use tag management to remotely change tag destinations and then completely lock the tags for security. However, in some cases, password protection can be a useful feature.