Cloud card application platform
US-2017118201-A1 · Apr 27, 2017 · US
US9825941B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9825941-B2 |
| Application number | US-201414772921-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 6, 2014 |
| Priority date | Mar 15, 2013 |
| Publication date | Nov 21, 2017 |
| Grant date | Nov 21, 2017 |
Official abstract text for this publication.
A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag (308) is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in a data signature transmitted (S305) to a reading device (304). The data signature can be forwarded by the reading device (304) to an authentication service (340) that will issue a valid signature certificate (S309) if the TAC is determined to be unique and correct. Upon receiving the valid signature certificate, the reading device (304) can validate other data read from the smart tag (308) based on the increased trust relationship between the smart tag (308) and reading device (304).
Opening claim text (preview).
What is claimed is:
1. A smart tag, comprising: data storage configured to store tag data, an address of an authentication service, a cryptographic key, and a changeable data part that is initially stored in the data storage with an initial value and is changed to a new and non-repeated value after each use of the smart tag; a Tag Authentication Cryptogram (TAC) module that invokes a cryptographic engine to utilize the cryptographic key and the changeable data part to generate a unique TAC in response to receiving a read request from a reading device; and a communication interface that enables the TAC module to transmit the unique TAC along with the tag data and the address of the authentication service to the reading device, wherein the reading device is enabled to validate the smart tag by requesting a signature certificate for the unique TAC from the authentication service prior to the reading device executing one or more instructions contained in the tag data, wherein the authentication service receives the unique TAC from the reading device, validates the unique TAC and subsequently issues the signature certificate to the reading device.
2. The smart tag of claim 1, wherein the data storage includes a secure element that stores at least one of the tag data, the address of the authentication service, and the cryptographic key in an encrypted fashion.
3. The smart tag of claim 1, wherein the address of the authentication service comprises a Universal Resource Locator (URL) and wherein the unique TAC is appended to the URL when transmitted to the reading device.
4. The smart tag of claim 3, wherein the unique TAC and URL are used to request the signature certificate from the authentication service, wherein if the signature certificate is valid and received at the reading device, the smart tag is validated to the reading device.
5. The smart tag of claim 1, wherein the data storage is configured to also store a TagID and wherein this TagID is transmitted by the TAC module along with the TAC.
6. The smart tag of claim 1, wherein the communication interface comprises a Near-Field Communications (NFC) interface.
7. The smart tag of claim 1, wherein the communication interface comprises a Bluetooth interface.
8. The smart tag of claim 1, wherein the cryptographic key comprises a symmetric cryptographic key.
9. The smart tag of claim 1, wherein the tag data comprises at least one of a phone number, email address, and Universal Resource Locator (URL).
10. A method of operating a smart tag, comprising: receiving, at the smart tag, a read request from a reading device; in response to receiving the read request, generating, at the smart tag, a data object that includes tag data and response-specific data, the response-specific data including a signature value, a unique certificate Universal Resource Locator (URL), and a changeable data part that is initially stored in the smart tag with an initial value and is changed to a new and non-repeated value after each use of the smart tag; and transmitting the data object from the smart tag to the reading device via a proximity-based Radio Frequency (RF) protocol, wherein the reading device validates the smart tag by requesting a signature certificate for the response-specific data from an authentication service prior to the reading device executing one or more instructions contained in the tag data, wherein the authentication service receives the response-specific data from the reading device, validates the response-specific data and subsequently issues the signature certificate to the reading device.
11. The method of claim 10, wherein the unique certificate URL comprises a substantially unique Tag Authentication Cryptogram (TAC) and a Tag Identifier (TAGID) incorporated therein.
12. The method of claim 11, wherein the unique certificate URL is transmitted to the reading device with one or more delimiters separating the tag data, the TAGID, and the TAC.
13. The method of claim 11, wherein the unique certificate URL and the TAC incorporated therein are used to obtain a valid signature certificate from the authentication service and wherein the reading device conditions execution of the one or more instructions contained in the tag data upon receiving the valid signature certificate.
14. The method of claim 10, wherein the proximity-based RF protocol comprise at least one of a Near-Field Communications (NFC) protocol, an Ultra-High Frequency (UHF) protocol, a High Frequency (HF) protocol, and a Bluetooth protocol.
15. A method of authenticating a smart tag, comprising: receiving, at an authentication service from a reading device, a request for a signature certificate, wherein the request for the signature certificate includes a Tag Authentication Cryptogram (TAC) generated by the smart tag during an interaction between the smart tag and the reading device, wherein the TAC is generated using a changeable data part that is initially stored in the smart tag with an initial value and is changed to a new and non-repeated value after each use of the smart tag; analyzing the TAC to determine whether the TAC is unique and generated by a known and valid smart tag; based on the analysis of the TAC, determining that the TAC is unique and generated by the known and valid smart tag; in response to determining that the TAC is unique and generated by the known and valid smart tag, generating a valid signature certificate; and transmitting the valid signature certificate to the reading device, wherein the reading device conditions execution of instructions contained in tag data exchanged between the smart tag and reading device during the interaction upon receiving the valid signature certificate.
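The tag, reading-device and authentication-service roles from the claims, as an added example that is not code from the patent or its assignee. Assumptions: the TAC is HMAC-SHA256 over the TagID and a monotonic counter standing in for the changeable data part, the query-parameter names and `AUTH_URL` are placeholders, and the "signature certificate" is reduced to an unsigned dict.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlparse

AUTH_URL = "https://auth.example.invalid/cert"  # placeholder service address

def compute_tac(key: bytes, tag_id: str, counter: int) -> str:
    # Assumed construction: the page does not name the TAC algorithm.
    msg = f"{tag_id}|{counter}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class SmartTag:
    def __init__(self, tag_id: str, key: bytes, tag_data: str):
        self.tag_id, self.key, self.tag_data = tag_id, key, tag_data
        self.counter = 0  # changeable data part, initial value

    def read(self):
        """Answer a read request: tag data plus a one-time certificate URL."""
        self.counter += 1  # new, non-repeated value on every use
        query = urlencode({"tagid": self.tag_id, "ctr": self.counter,
                           "tac": compute_tac(self.key, self.tag_id, self.counter)})
        return self.tag_data, f"{AUTH_URL}?{query}"

class AuthService:
    def __init__(self, keys):
        self.keys = dict(keys)  # TagID -> symmetric key of each known tag
        self.last_ctr = {}      # TagID -> highest counter already accepted

    def request_certificate(self, url: str):
        """Return a certificate dict if the TAC is correct and unseen, else None."""
        q = parse_qs(urlparse(url).query)
        try:
            tag_id, ctr, tac = q["tagid"][0], int(q["ctr"][0]), q["tac"][0]
        except (KeyError, ValueError):
            return None  # malformed request
        key = self.keys.get(tag_id)
        if key is None:
            return None  # not a known tag
        expected = compute_tac(key, tag_id, ctr)
        if not hmac.compare_digest(expected.encode(), tac.encode()):
            return None  # wrong key or altered TagID/counter
        if ctr <= self.last_ctr.get(tag_id, 0):
            return None  # TAC already used: replayed or copied URL
        self.last_ctr[tag_id] = ctr
        return {"tagid": tag_id, "ctr": ctr, "valid": True}

def reader_handle(tag: SmartTag, service: AuthService):
    """Reading device: act on tag data only after a certificate is issued."""
    tag_data, url = tag.read()
    return tag_data if service.request_certificate(url) else None
```

The uniqueness check is what separates this from a static signed URL: a URL copied from a genuine tag verifies cryptographically but is refused once its counter has been accepted.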
Integrity · CPC title
Authentication · CPC title
Access security · CPC title
by using a location-limited connection, e.g. near-field communication or limited proximity of entities · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title