KISSTag – Cryptographically Verified NFC Tags

What is KISSTag ?

KISSTag is a full-service platform for verified NFC activations. We provision each tag with unique cryptographic credentials, verify the proof when it is tapped, and forward the user to your HTTPS endpoint with a signed JWT.

The result is simple: your application can treat the tap as a signed, verifiable event instead of trusting a copyable identifier. The tag is also designed to resist tampering and to show visible evidence if someone tries to move it to another object. You keep the familiar web redirect flow, while KISSTag handles the cryptography and optional tamper-detection signals behind the scenes.

Three ways to link the physical world to the web

The difference is not whether users can scan or tap. The difference is whether your backend receives a copyable identifier or a verified proof of authenticity.

QR code

Easy to deploy. Easy to copy.

Easy to print, easy to copy, easy to replace.
Anyone who reproduces the code can reproduce the experience.
Good for convenience, weak for authenticity.

Ordinary NFC tag

Convenient tap, but not automatically trustworthy.

Fast and intuitive for users.
The identifier or URL can often be duplicated or rewritten depending on tag type and implementation.
Better interaction model, but still not proof by itself.

KISSTag

Verified before the redirect.

Each tag contains cryptographic material provisioned by KISSTag.
A tap is verified before the user is redirected.
Your backend receives a signed JWT proving tag authenticity, activation context and request details.
The tag can be made tamper-evident, so relocation attempts leave a visible trace.

How it works ?

You keep a simple HTTPS redirect flow. KISSTag adds cryptographic verification and tamper-evident tag behavior so each tap becomes a signed event you can trust.

1. Provision secure tags

Order KISSTags already prepared with unique cryptographic credentials and linked to your project.

2. Configure your redirect

Set the HTTPS endpoint where users should land after a successful tap. No SDK is required; any standard web backend can receive the signed payload.

3. Tap and verify

When the tag is tapped, KISSTag verifies the cryptographic proof, then redirects the user to your application with a signed JWT.

4. Use the event

Your backend can validate the JWT, log the activation, detect anomalies, react to optional tamper status, trigger registration, show provenance, or unlock product-specific content.

JWT Payload Example

{
  "iss": "https://kisstag.com",
  "aud": "https://mycertificate.art",
  "sub": "0466948aff1890",
  "iat": 1756311763,
  "exp": 1756311778,
  "batch": "8d05-0218f5650ffd",
  "counter": 37,
  "request_id": "b35dc664-46ae-47d6-8d01-689a1d8b0c61",
  "tag_is_authentic": true,
  "tag_tamper_detection_capable": false
}

JWT Payload Example (with Tamper Detection)

{
  "iss": "https://kisstag.com",
  "aud": "https://mybottleof.wine",
  "sub": "0466948aff1890",
  "iat": 1756311763,
  "exp": 1756311778,
  "batch": "a93d-6775023f92e5",
  "counter": 5,
  "request_id": "ece60bc5-80c8-4c83-bdf9-5aa4dc98bdd8",
  "tag_is_authentic": true,
  "tag_tamper_detection_capable": true,
  "tag_tamper_current_status": "CLOSED",
  "tag_tamper_permanent_status": "CLOSED"
}

Business Cases

KISSTag is useful anywhere a public identifier is too easy to copy and a verified physical interaction creates more value.

Product Authentication

Move beyond a copyable QR code and give each product a verifiable physical identity with visible evidence if someone tries to tamper with or move the tag.

Limited Editions & Collectibles

Attach a cryptographic proof to each item and show provenance, edition status and ownership history with every verified tap, while making relocation attempts visibly detectable.

Event Tickets & Access

Prevent duplicated tap points and validate entry through signed activations that are not useful to copy on their own.

Warranty & Registration

Enable one-tap registration and warranty activation backed by cryptographic proof of the specific product interaction.

Customer Engagement & Loyalty

Turn products and packaging into verified touchpoints for tailored content, redemptions and campaign analytics.

Supply Chain Traceability

Log verified handoffs from factory to shelf and expose trusted origin and movement data before resale.

Smart Posters & OOH

Reduce QR spoofing and rogue redirect risks by replacing public static codes with verified taps.

Wine, Art & Luxury

Attach a cryptographic proof of authenticity to objects where trust, provenance and scarcity matter, with visible evidence if someone tries to peel and move the tag.

Why developers choose us ?

The security model is stronger than a copyable QR or ordinary NFC redirect, but the integration stays lightweight and web-native.

End-to-End Security

Based on cryptographic credentials and server-side verification. Each tap becomes a signed event before it reaches your backend.

No Complex PKI

No customer-side certificate infrastructure, secure element management or custom trust pipeline to operate.

HTTPS Redirect Flow

No app is required for the basic experience. Standard web backends can receive the redirect and verify the JWT.

No Custom NFC Infrastructure

You do not need special reader hardware or a bespoke NFC stack to launch a verified tap experience.

Signed JWT Payloads

Your backend receives a signed payload with tag identity, activation counter, request id and optional tamper status.

Realtime Analytics

Follow activations around the globe, detect anomalies and export raw data after verification.

Flexible Form-Factors

Stickers, cards, wearables and more. Choose from our catalogue or integrate secure tags into your own format.

Optional Tamper Signals

Support use cases where physical state matters by forwarding optional tamper-detection status in the signed event and making relocation attempts visibly evident.

Visit the Dev Track

Ready to Keep It Simply Secure ?

Tell us about your project and we’ll get back to you with sample tags, documentation and pricing.