- From: Kenneth Rohde Christiansen via GitHub <sysbot+gh@w3.org>
- Date: Thu, 07 Apr 2016 09:12:00 +0000
- To: public-web-nfc@w3.org
Hi there @du5hyanth Let me see if I can answer, but I am trying to understand your setup here. - Users tap on a passive tag which opens up a web site which identifies the table. If the tag is passive it is hard to change what the NFC tags has stored, but you could still store a hash of the table number with a special key only you know and then compare on the server side: ie, using something like: https://github.com/blueimp/JavaScript-MD5/blob/master/README.md That would make it hard for people to type in a browser URL by mistake and place orders. People can still read the tag with their phones and save the URL and thus use it later if they wish to do harm. On the other hand, if your menu is on a screen with a programmable nfc device, then you could change the table identifier after each customer has paid and then only the paying customer can make fake orders to his own table. It seems that you mostly use NFC for bootstrapping the initial URL to the site (like Physical Web does it) but with an actual physical connection. You don't really need Web NFC for that, but being able to program the NFC tags (ie change table identified - ie number plus code hashed with key - after each paying customer or at least once every two hours, would be quite useful) A small device with NFC writer (card emulation) attached should be able to do that. -- GitHub Notification of comment by kenchris Please view or discuss this issue at https://github.com/w3c/web-nfc/issues/78#issuecomment-206775904 using your GitHub account
Received on Thursday, 7 April 2016 09:12:02 UTC