Stormpath Plus Smartrac

SMARTRAC is the world’s leading manufacturer of RFID transponders. Used in a variety of applications from U.S. passports, to pet microchips, to electronic toll payment transponders, SMARTRAC produces a staggering 1.7 billion RFID responder tags annually. The possibilities of the technology are virtually limitless.


The breadth of applications for RFID technology gives SMARTRAC a presence in nearly every market sector. Increasingly, those applications connect through cloud services. “Take a pair of jeans,” explained Jason Weiss, Vice President of Cloud Platform and Applications at SMARTRAC.

“A pair of jeans typically is not connected to the cloud, but the moment you affix an RFID tag to them, those jeans suddenly can have dynamic content associated with them. You can create a relationship between their brand owner and the consumer that previously wasn’t possible.”

To that end, SMARTRAC created SMART COSMOS, a new cloud services platform built around RFID data. SMART COSMOS enables comprehensive Machine-to- Machine and Machine-to-Product communication, and a wealth of pre-built services and extension points. Using the platform, system integrators and software developers can easily create new applications for authentication, identification and tracking of goods.

The use cases are compelling: brands can track product authenticity to reduce counterfeiting and piracy; supply chain workflows efficiency can be managed at the item level, in real-time to reduce loss and waste; RFID data can enable extended consumer experiences with a beloved brand item long after the sale.

The Cloud-Enabled Football Jersey

The lifecycle of a football jersey demonstrates the power of the SMART COSMOS platform at each step of the supply chain.

SMARTRAC helps customers in vertical markets prove the correct royalties were paid for an item. That licensing enforcement information is tracked with RFID and in the SMART COSMOS “Profiles” service. 1000 football jerseys under that license are manufactured in Vietnam and assigned serial numbers and date of manufacture. Details about the jerseys, such as team, player, and season, is linked to the SMART COSMOS “Objects” service through the RFID tag for rich product data.

After leaving the manufacturing plant, only 994 jerseys are actually delivered to the port, and by
the time the ship arrives in the port of Los Angeles, a whole box is missing. Somewhere in the port another box falls off a forklift, and now only 894 jerseys reach the distribution center.

“SMART COSMOS provides the infrastructure for brands to delay the authenticity licensing until they have reclaimed possession and are in control of the item in their distribution center.” Weiss explained. “The 106 jerseys lost along the way have labels, but never went through the RFID reader at the distribution center. Therefore, authenticity was never turned on in the cloud.”

Once the authentic jerseys are in the retail market, their RFID transponder can enhance the fan experience in their home team’s stadium and solve a critical problem for the stadium operator – how do you motivate a fan to buy a jersey and spend money at the concession stands?

One way is to incentivize them with offers, which can be powered by the SMART COSMOS “Flows” platform service, an RFID-centric, BPMN 2.0 compliant workflow management solution. It allows a very junior software developer or even a business analyst to design a workflow around RFID.

An example offer might instruct stadium visitors to bring a current-season jersey to the concession stand to get $5 off their first beer at every home game. An RFID reader in the concession point-
of-sale reads the jersey’s RFID tag, and triggers a workflow that retrieves the jersey’s “Profile” and “Object” from SMART COSMOS. It verifies this is an authentic jersey from the current season. Then the workflow checks SMART COSMOS again, to see if the visitor already redeemed their beer coupon for today’s game. They have not, so the light at the register turns green, and the information for that sale is connected back to the RFID data in SMART COSMOS: location, timestamp, value of sale, etc.

“This ecosystem would allow a stadium operator to deploy a system like that in a matter of a few weeks instead of months of engineering time,” says Weiss.

Stormpath: Secure Multi-Tenant User Data With Flexible Deployment

Stormpath helps SMARTRAC by powering identity infrastructure across SMART COSMOS, using a multi-tenant data-partitioning model. Every developer on SMART COSMOS Profiles, for example, gets a unique, secure directory partitioned from other company’s data. “Users get access with
that one username and password to the software as a service hosted in our cloud,” Weiss explained. “We don’t have to worry about managing our customer’s users. We let them manage their own users within their own directory.” 

This user data model also protects customer data in a way that is easy for SMARTRAC to maintain. Stormpath encrypts and protects all the passwords, so there is no way for SMARTRAC to actually see any of the end-user passwords. As a former naval cryptologist, Weiss understands the importance of security, and Stormpath’s advanced security features were a deciding factor in SMARTRAC’s choice.

“We know Stormpath is following the best practices that are out there today for security,” Weiss said. “I don’t have to worry that somebody screwed up the implementation, because it’s all managed by the Stormpath service.”

In the retail market, Stormpath has also proved advantageous, helping SMARTRAC position itself as highly reputable and ultra-secure, and helping avoid embarrassing security breaches. “I remember at one of my last positions, a developer left a debug statement turned on in the code that logged the password,” Weiss recounted. Even though there was no breach, the company had to tell its entire customer base to change their passwords.

“That’s a very embarrassing conversation to have with paying customers. Been there, done that. I never want to do that again.”

Stormpath has not only saved the SMARTRAC team development time and engineering man
hours, it cut down on the team’s stress. “I would have lost sleep thinking, ‘We’re deploying this at a
federal institution. Did we get everything coded correctly? Did we have all the right unit tests to
make sure it’s safe?’” Weiss explained.

With Stormpath, the entire SMARTRAC team can rest easy without having to stress about data security.