Originality Signature
An ECC (Elliptic Curve Cryptography) digital signature embedded in NFC chips by the manufacturer to prove the chip is genuine. Verifiable against NXP's public key without any shared secret.
What Is an Originality Signature?
An originality signatureoriginality signatureECC digital signature proving chip authenticity (NXP)View full → is a factory-programmed Elliptic Curve Cryptography (ECC) digital signature embedded in NFC chips by the manufacturer — most commonly NXP Semiconductors. The signature mathematically proves that a specific chip was produced on a genuine NXP production line. Because the private signing key never leaves NXP's secure manufacturing facility, the signature cannot be forged even by an attacker with full physical access to the chip.
How It Works
During manufacturing, NXP computes an ECDSA signature over the chip's UID using a private key held within their Hardware Security Module (HSM) infrastructure. The resulting signature (typically 32 or 64 bytes) is stored in a read-only area of the chip's memory.
To verify authenticity:
- Read the chip's UID and originality signature via a standard NFC command.
- Retrieve NXP's corresponding public key (published in documentation).
- Perform ECDSA verification using the public key, UID, and signature.
If verification succeeds, the chip is confirmed genuine. If it fails, the chip is counterfeit or tampered.
Supported Chips
Originality signatures are available on most modern NXP chip families: NTAG 21x (213, 215, 216), NTAG 424 DNA / DNA TagTamper, NTAG I2C Plus, MIFARE Ultralight EV1, and ICODE SLIX2 / DNA.
Limitations
While originality signatures confirm the chip is genuine, they do not prevent all attack vectors:
- Data cloning to a genuine chip: An attacker could buy genuine NXP chips and copy NDEF data from a legitimate tag. The clone passes the originality check because the chip itself is genuine. Mitigation requires combining originality with SUN/SDM dynamic authenticationauthenticationIdentity verification of NFC tags/readers via passwords or cryptographyView full →.
- No data protection: Originality signatures do not encrypt or restrict access to the tag's user memory. Use password protection or AES encryption for data confidentiality.
Best Practice
For robust anti-cloning in brand protection and product authentication, combine the originality signature with SDM. The originality signature confirms the hardware is genuine NXP silicon, while SDM ensures the specific tag instance has not been duplicated or replayed. This layered approach provides the strongest commercially available defense against NFC counterfeiting.
Related Terms
Related Guides
Preguntas frecuentes
The NFC glossary is a comprehensive reference of technical terms, acronyms, and concepts used in Near Field Communication technology. It is designed for developers, product managers, and engineers who work with NFC and need clear definitions of terms like NDEF, APDU, anti-collision, and ISO 14443.
Each glossary term is cross-referenced with related NFC chips, standards, and other terms. For example, the term 'AES-128' links to chips that support AES encryption (NTAG 424 DNA, DESFire EV2/EV3), and the term 'ISO 14443' links to all chips compliant with that standard.
Yes. NFCFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai. Use the language selector in the header to switch languages.