📝Technical Specs

NFC Tags

Legitimate Tags are powered by NFC and secured by an industry standard encryption algorithm called AES-CMAC. NFC stands for near field communication, a technology that enables devices to read data from NFC tags, tiny computers with antennae embedded inside stickers, tags, or other materials. Similar technology powers hotel room keys, contactless credit cards, transit passes, and keyless entry car fobs. These tags do not contain batteries.

We chose NFC technology because most modern smartphones released in the last few years already have NFC readers built in. They are located at the top of the Apple iPhone and middle of most Android phones.


Our LGT Tags feature a secure industry standard encryption called AES-CMAC which prevents our tags from being copied or duplicated. The tags contain a secure enclave that stores a 128-bit private key which cannot be read and requires the same private key to reprogram the tag. A counter on the tag stores the number of times the tag has been tapped and read. The AES-CMAC algorithm then computes a checksum based on the number of reads, the tag's unique identifier, and the private key programmed into the tag. Our servers will then validate the checksum and make sure it matches the read count and tag identifier. Checksums submitted to our servers are tracked and cannot be used again.

URL Format

Legitimate's encoding process programs the LGT Tags to use the AES-CMAC algorithm to compute the URLs in the following format in order to submit to our servers for verification.


uid - unique identification code of the LGT Tag (14 hex characters)

ctr - counter for the number of reads of the LGT Tag (6 hex characters)

cmac - AES-CMAC checksum signature (16 hex characters)


The tags can be tapped and read more than 200,000 times and will retain data for more than 30 years. They can be operated in -30℃ to 70℃ temperature and a protective casing can be added for heat and water resistance as well.

Please see our Tag Types for more details.

Last updated