How it works
Two ways an instrument protects its reading.
Tamper detection tells you when an instrument has been opened. Coded calibration controls who is allowed to set it right again. Together they mean a reading you can stand behind.
The code is generated on the server, shown on the phone, and entered into the instrument over Bluetooth. It never lives on the device — which is exactly what keeps the device simple.
Sealed and calibrated
The instrument leaves calibration sealed. It shows readings normally and records that its enclosure is intact.
Tamper is detected
If the enclosure is opened, the instrument enters a tamper state. It stops showing readings and logs the event — a breached scale cannot be used to transact.
A code is requested
To recalibrate, an operator requests a code from the server. The server issues one that is valid exactly once, for that instrument.
Entered over Bluetooth
A phone app connects to the instrument over Bluetooth and passes the code in. With the calibration switch on and a valid code present, calibration proceeds — and the code is spent.
Re-sealed and trusted
The instrument is re-sealed and returns to showing readings. The next recalibration will need a fresh code from the server.
When a government adopts it
The weights-and-measures authority holds the server. Every sealed instrument in the country can only be recalibrated on the authority's terms — turning coded calibration into an enforceable standard rather than a feature.
When an operator runs its own fleet
Even without a national standard, an organisation — say a tea factory like KTDA — holds its own server for its own scales. The code still has to be entered before calibration will take, even with the calibration switch on.