FAQ: Access Controls

At Dynotag, we take multiple measures to ensure the security of your records:

  • Dynotag does not engage third party advertisements or any other methods that may compromise integrity.  
  • All communications with Dynotag to manage and view the tags and their linked records take place over secure SSL channels, making “man in the middle” eavesdropping virtually impossible.
  • By default, viewing of a consumer tag will present a “CAPTCHA” challenge, making it very difficult for a robotic program to harvest protected information. This can be enabled/disabled on a tag by tag basis. (learn more)
  • There is some information you may want to display easily without wasting time to aid speedy help, such as personal photo, blood type, etc.  Then, there may be more sensitive information that is password protected so the viewer has to enter a password, such as lab reports and prescriptions. Lastly – you may have “Private” information in your record not open to any viewer but only you, when you are managing your record. We provide facilities for the user to “dial-in” the security scheme 
  • The Information record that will be viewed can be thought of as a “Tree” of information with branches. We have simple but powerful mechanisms for the record owner to decide exactly which components of the record should be displayed and how.

Dynotag Smart ID system offers a simple and flexible security and access control mechanism that uses the “traffic light” metaphor.

Not Password Protected
Password Protected
Private

You will notice the Record Access Control “traffic light” icons throughout the record sections and subsections. Clicking on the “traffic light” icon will pop open the access control menu for that section.

By default, the system uses the randomly generated Key Code on the Smart ID tag as the password. This keeps things simple, as a password is already in place. However, the owner of the record can override the Key Codes and establish a custom password for a record.

Note: It is VERY important that you review/adjust the security settings of your information records for your specific setup and needs.

Note: A Smart ID Information Record can only be viewed via an ID Tag that is “linked” to the Information Record.

An example SuperIDs Smart ID Tag

Using the example tag above, the Information Record linked to this tag would be accessed by scanning the QR code OR via visiting the Web Address https://dynotag.com/1234-5678 in a web browser.

If the tag’s linked Information Record is “password protected”, then a prompt requesting the Key Code “ABCD” to be entered would be displayed in order to display protected information.

In other words, the randomly generated “Key Code” that was used to activate the tag now does a secondary duty as the “Password” needed to view the Smart ID.

This is the default setting for most tags and records. Tag owners can alter the specifics. Some products may have a different initial setting.

Like a set of Russian nesting dolls, the access control mechanism works from outside in, meaning that the viewer first needs to be able to see the top level information before they get to see any lower levels inside that record. Same convention for information contained in other components.

A set of Russian nesting dolls (Matryoshka Dolls).
To see the doll contained inside, one has to open the doll on the outside.

The “Password” asked in order to see a protected component is typically the KeyCode printed on the tag being used to view the record.

When the owner is signed in and managing an Information Record, the “Traffic Light” icon shown on an information section controls the current access control / security setting for that item. These are only visible to the record owner while managing the record. Click a “Traffic Light” icon to see/update the security setting for that item.

These controls are visible on the Record Dashboard top level and for every section of the record.
You open up the Record Dashboard of a given record by clicking its orange colored button on the “My Records” screen.
That will place you in the “Basic Information” section of the record. Click the button to view the Top Level of the Record Dashboard – with all available sections for the record are displayed as icons.

This image has an empty alt attribute; its file name is public.pngGREEN: NOT Password Protected.
This item can be viewed by anyone who accesses the tag’s web address without having to enter a password.
YELLOW: Password Protected.
This item can be viewed only after entering a password as defined by record owner.
undefinedRED: Private
This item can be viewed only by the record owner while editing the record. No one else can view it.

The same password will unlock all the components in a record that require a password. Typically, this is the “Activation Key Code” of the tag used to view the record.

If required by the user, a custom password can be assigned to the record and override any Tag Activation Key codes from being used. This is typically done by experienced users with specific security needs.

See the “Password Usage Mode” in the record “Settings” section for more information. (learn more)

In summary:

  • Access control settings are specific to each record. Any adjustments you make affect only the record you currently are working on.
  • A record contains several components a.k.a. “sections”, each with their own access controls.
  • The access control works from outside in – like the nesting dolls.

Following annotated example shows typical use of access controls for a sample record “A” which contains several components/sections:

Example record with protected components.

Record A “access control” is GREEN , It allows viewers to see its components.
(If it were YELLOW , a password would be required before any contents would be displayed).

Component B “access control” is GREEN . It can be viewed by anyone who can look up the record.

Component C “access control” is RED . No one other than the record owner can see its contents.

Component D “access control” is YELLOW – and requires a password to be entered before any information is shown.

Component E is contained in Component D. Although its “access control” is GREEN – it will be subjected to more strict requirements of Component D it resides in – and will not be shown without a password.

When this record is viewed by a third party, the record security is GREEN : Not password protected, so:

  • Component B will be displayed immediately.
  • Component “D” will require a password in order to display its contents.

When the password is entered by the viewer, components D and E will also be displayed in addition to component B.

Component C will NEVER be shown to a third party, because it is marked RED : Private.

It is VERY important to test and adjust your security setup by testing your Smart ID after every change to make sure it works properly for your application…

Back to top