This product is not recommended for new designs. Instead, we recommend to use our NTAG® 424 DNA / 424 DNA.
NTAG 413 DNA revolutionizes NTAG product portfolio by bringing AES cryptographic authentication and allows to automatically and securely connect to a web service by just tapping the tag without the need of a dedicated app installed on the mobile NFC device.
Besides the NXP® originality signature and a 3-pass mutual authentication, it introduces a novel security feature called “Secure Unique NFC Message (SUN)”, which automatically generates tap-unique tag authentication data upon each read-out what enables dedicated unique communication to each user based on predefined criteria. No app (in NFC device) is required to generate this tap-unique data consisting of CMACed information derived from the chip UID, a tap counter, and contained data. An NFC enabled device can automatically connect to a web-based service and based on the information contained in URL, the device can check the tags authenticity and verify the information validity. NTAG 413 DNA offers flexibility to individualize the structure of this unique data set.
NTAG 413 DNA is an ideal solution to engage with consumers through dynamic content experiences, fully triggered by them and served in real time. By that it enables smarter marketing based on ongoing contextual and unique consumer engagement opportunities in a secure way. Applications include but are not limited to consumer engagement, brand protection, access control, one-time vouchers, and similar use cases where the proof of uniqueness, originality, and physical tag presence are required.
NTAG 413 DNA is a fully NFC Forum tag type 4 compliant IC and is also compliant to ISO/IEC14443-4, ISO/IEC 7816-4 file structure and APDUs format. Thanks to the high input capacitance (70pF), NTAG 413 DNA tag IC is particularly tailored for applications requiring small footprints, without compromise on performance. Small NFC tags can be more easily embedded into, e.g., product labels or electronic devices. The mechanical and electrical specifications of NTAG 413 DNA is tailored to meet the requirements of inlay and tag manufacturer.
NTAG 413 DNA offers the personalization of NFC tag with a different type of NDEF records and a flexible setting of the NDEF file to define the mirrored parameters and CMAC input offset. At personalization of the tag, the individual application keys and different access to NDEF file with those keys can be set independently.
NTAG 413 DNA’s core crypto function is compliant to FIPS PUB 197 (FIPS 197) Advanced Encryption Standard (AES). CMAC is calculated according to NIST Special Publication 800-38B and uses only 8 even bytes from last encrypted block.
A cryptographically method, which is generating unique secure NDEF data in each tap based on Secure Dynamic Messaging, explained in.
Mirroring items (UID, NFC tap counter, CMAC), separators position, and length as well as can be defined for the NDEF data. Upon the first read command within a session, the file content is generated according to the predefined settings and will be available therefrom. A variable offset allows selecting the data to be included for the CMAC calculation.
The NFC tap counter is incremented on each tap and the unique response data will be generated along with a CMAC. For connecting directly to a web-service without any dedicated application on an NFC device, the NDEF data needs to be formatted to a URI record.
7-byte fixed UID is programmed in the chip and can be mirrored within the NDEF message.
A 3-byte up counter is incremented only once per each session when the NDEF file is read. This counter value can be optionally mirrored in plain into the NDEF message. The encrypted counter value can be read out after authentication by using the assigned application key.
The 8-byte CMAC can be optionally mirrored into the NDEF message. CMAC is calculated on the message length defined. It is possible to consider only the UID and/or the NFC Counter for CMAC calculation.
NTAG 413 DNA offers 3-pass mutual authentication based on challenge-response protocol identical with the application key. This mutual authentication enables the authentication of the tag and terminal (only who knows the keys) simultaneously.
NTAG 413 DNA offers a static ECC signature calculated on the UID of the chip. This ECC signature can be used to verify the tag's genuineness using the public key provided by NXP.
NTAG 413 DNA features can be integrated to design robust product authentication. Concatenating of the multiple features, e.g., ECC signature, history-based UID tracking, SUN, and 3-pass mutual authentication to design enhanced reliability in product authentication.
NXP offers commercially the customization of the chip content (securely key injection known as trust provisioning, personalization of NDEF message and file settings).
NTAG 413 DNA offers the personalization of NFC tag with a different type of NDEF records and a flexible setting of the NDEF file to define the mirrored parameters and CMAC input offset. At personalization of the tag, the individual application keys and different access to NDEF file with those keys can be set independently.
NTAG 413 DNA’s core crypto function is compliant to FIPS PUB 197 (FIPS 197) Advanced Encryption Standard (AES). CMAC is calculated according to NIST Special Publication 800-38B and uses only 8 even bytes from last encrypted block.
A cryptographically method, which is generating unique secure NDEF data in each tap based on Secure Dynamic Messaging, explained in.
Mirroring items (UID, NFC tap counter, CMAC), separators position, and length as well as can be defined for the NDEF data. Upon the first read command within a session, the file content is generated according to the predefined settings and will be available therefrom. A variable offset allows selecting the data to be included for the CMAC calculation.
The NFC tap counter is incremented on each tap and the unique response data will be generated along with a CMAC. For connecting directly to a web-service without any dedicated application on an NFC device, the NDEF data needs to be formatted to a URI record.
7-byte fixed UID is programmed in the chip and can be mirrored within the NDEF message.
A 3-byte up counter is incremented only once per each session when the NDEF file is read. This counter value can be optionally mirrored in plain into the NDEF message. The encrypted counter value can be read out after authentication by using the assigned application key.
The 8-byte CMAC can be optionally mirrored into the NDEF message. CMAC is calculated on the message length defined. It is possible to consider only the UID and/or the NFC Counter for CMAC calculation.
NTAG 413 DNA offers 3-pass mutual authentication based on challenge-response protocol identical with the application key. This mutual authentication enables the authentication of the tag and terminal (only who knows the keys) simultaneously.
NTAG 413 DNA offers a static ECC signature calculated on the UID of the chip. This ECC signature can be used to verify the tag's genuineness using the public key provided by NXP.
NTAG 413 DNA features can be integrated to design robust product authentication. Concatenating of the multiple features, e.g., ECC signature, history-based UID tracking, SUN, and 3-pass mutual authentication to design enhanced reliability in product authentication.
NXP offers commercially the customization of the chip content (securely key injection known as trust provisioning, personalization of NDEF message and file settings).
NTAG 413 DNA has been designed to fit in many NFC tagging applications, particularly where security is required. Several applications (but not limited) are mentioned below: