Get to know the T2Core technology

At T2Mad, we work with the most advanced and innovative technologies in order to create the unique technology solution for document security, which unites the physical and digital world:

invisible digital watermark, blockchain, digital signature and official time stamp

Invisible digital watermark technology: MAD

The MAD is an imperceptible mark embedded in an image, where a 256 bits encrypted key is stored.

It can be used on any image, simply complying with some basic typology and resolution parameters.

Furthermore, it is preserved in the copies, as much in digital as in printed.

T2Mad technology allows document mark inclusion. This action is performed by the T2Mad platform itself, embedding images on them based on predefined parameters.

Our solution: T2Core

Advantages

Advantages

Slide the table to see all content

TECHNOLOGYNFC / RFIDQRsImage RecognitionT2MAD
T2Core
INTERACTIVITY / INDUSTRIALNo / YesYes / YesYes / NoYes / Yes
COST PER UNITHighLowLowLow
CAN BE INTEGRABLE IN PRINTINGDoes not require manipulation or special implementation processesYesYesYes
REQUIRES ADDITIONAL SPACEPossibly.
Although it can be printed on the chip
YesNoNo
IDENTIFICATION PRECISIONHigh.
Although with risk of manipulation and fraud
High
Although with risk of manipulation and fraud
Medium / LowVery high
LETTER ON POSLow adoptionYesNoYes
EASE OF USEMedium.
Difficult to localize the ID
HighMedium.
Critical environment conditions for positive identification
High
TERMINAL COMPATIBILITYLowHighHighHigh
REQUIRED MOBILE APPLICATIONYesYesYesYes
SERIALIZATION OF UNIQUE IDs PER UNITYesYesNoYes
IRREGULAR SURFACE SUPPORTLimitedLimitedLimitedYes
TRACEABILITYNoNoNoYes
BLOCKCHAINNoNoNoYes
SECURITYMedia/BajaMuy BajaNulaAlta

Technical specifications

WRITING SDK

  • Marked images and documents´ API
  • Integration KIT with postman examples
  • SandBoxing environment

MOBILE APP

Generic and custom-made, allows watermarks to be read and their associated metadata to be obtained.

READING SDK

Allows completed readings to be interpreted and act as a base for predefined patterns depending on the typology of the mark.

Writing SDK

Component that allows the marking via API of an image or document.

Software architecture based on market security standard technologies:

  • Protocol security: HTTPS/SSL
  • Authorization protocol: OAuth 2.0 https://oauth.net/2/
  • Access token and Claims: JSON Web Tokens (JWT)

https://tools.ietf.org/html/rfc7519

  • User/roles management: Internal
  • API Rest
  • Multi-customer / Multi-project
  • IP Filtering / whitelist
  • Security policies and user revocation
  • Accessible from customer premises

OAuth2

The system uses the standard authentication flow through standard protocol OAuth2, which is a widely used business protocol in authentication web processes:

https://oauth.net/2/

JWT

The system uses the standard access Token representation flow for the propagation of identity and privileges or claims in English between two parties, proposed by the RFC 7519 standard.

https://jwt.io

The tokens are signed by the private server key, in such a way that both the customer and the server are capable of verifying that the token is legitimate.

Integration KIT

Together with the writing SDK, an integration KIT is delivered to the customer. This kit will allow the customer to test their integrations against a complete sandboxing environment at an early stage.

  • Technical documentation regarding the use of API (Scheme, methods, etc.)
  • Postman and CURL documentation marking examples
  • Sandbox created and parametrized project
  • Sandboxing access credentials
  • Set of watermarks assigned for TEST

Marking strategy: Scenario 1

  • Information safeguarding by the customers.
  • T2MAD only stores the ID of the business associated with the document.
  • Hash algorithms and timestamping procedures are applied (upon request)
  • In the case of non-generic applications (done ad-hoc), it is possible to carry out actions with the metadata obtained such as, for example, using it as a log-in system.

Marking strategy: Scenario 2

  • Information safeguarding by T2Mad (recommended for public data)
  • T2Mad stores the metadata associated with the document and if it is required, the document itself.
  • Hash algorithms and timestamping procedures are applied (upon request) to received data. When the reading is carried out, it is the T2Mad servers that return the information. It can be metadata, the original document or both things.

Additional timestamp services through BlockChain

By applying a mathematic algorithm, a document acts as a 64-character chain (hash) in a way that, if someone changes the content of this document and applies a new algorithm, the number will change.

MAD makes use of BlockChain, storing in its network the hash of the original document at the moment it was marked and recovering the transaction ID on BlockChain (another hash).

The authenticity and unchangeability of a document could be tested simply by consulting the transaction reference on BlockChain, which will give us the hash that should match with that of the document safeguarded by the customer.

In turn, it would allow us to consult the exact date when the document was uploaded to the network, which would act as a transaction time stamp.

Mobile App

At T2Mad, we work with the most advanced and innovative technologies in order to create the unique technology solution for document security, which unites the physical and digital world:

  • invisible digital watermark,
  • blockchain,
  • digital signature and
  • official time stamp.

T2MAD APPLICATION

T2Mad SecureDoc application: it is capable of adapting to different customer needs and reading any MAD.

AD-HOC APPLICATION

Application carried out for the customer, which acts on the basis of their specific security requirements and specifications.

SECURITY

Given that it implements the T2Mad reading SDK, it has the same security and access controls available.

Reading SDK

Each project is parametrized depending on the customer needs. Acting on the basis of the configuration and adapting to different scenarios, the reading SDK access has various security stages (free, token, certified) depending on the needs and confidentiality of the information. Therefore, a security log is kept with geolocation of the accesses (depending on the scenario).

1 Customer URL

In customer information safeguarding environments, the system returns a URL which prompts the customer systems based on a URL pattern and agreed encryption.

The system implements an impersonation control, filtering access only to the predefined server depending on the watermark read.

2 Metadata return

It returns the metadata associated with a watermark and, therefore, it limits access to ad-hoc applications.

3 Generic display

The T2Mad server platform implements a generic metadata presentation service, integrated with the hashing and timestamping mechanisms, perfect for public testing environments.