Each barcode encodes a JSON payload signed with ECDSA-P256. The signed data includes: certificate ID, property SHA-256 hash, compliance status, GPS coords, and expiry timestamp. Only the AFCAS app holds the verification public key.
Standard CR80 credit-card size (85.6mm × 53.98mm) printed on PVC 760 micron stock. Features include holographic overlay, UV-reactive ink for the GNFS crest, and microtext security line around the border.
The companion app scans the barcode, extracts the ECDSA signature, verifies it against the embedded public key, then queries the gateway API to confirm real-time status. Works offline with cached key for field use.
The signed payload makes duplication useless — any modification to the barcode data invalidates the cryptographic signature. Combined with physical security features (hologram, UV ink, microtext), forgery is computationally and physically impractical.
| Specification | Detail |
|---|---|
| Card Dimensions | 85.6mm × 53.98mm (ISO/IEC 7810 CR80) |
| Material | PVC 760 micron, gloss laminate finish |
| Barcode Format | PDF417 / Data Matrix with ECDSA-P256 signed payload |
| Hash Algorithm | SHA-256 (certificate hash chain) |
| Signature Algorithm | ECDSA with P-256 curve (NIST) |
| Payload Contents | cert_id, property_hash, status, gps, expiry, block_ref |
| Security Features | Holographic overlay, UV-reactive ink, microtext border |
| Verification Method | AFCAS Mobile App (Android/iOS) — offline capable |
| Print System | Batch queue via gateway API, card tracking & dispatch log |