Hi everyone, this has probably been asked before but I didn't want to i guess bump a necro thread.
Basically I was wondering is it possible for me to copy an nfc tag to another nfc tag. From a post I saw here, it said it is possible as long as the tag isn't encrypted.
So basically what i was hoping to know is one how would be the best way I would know if its encrypted and two what would be the easiest way to do this.
If it helps my mindset is basically I want to copy the NFC tag from my bus card onto a wristband so that I don't need to use the card anymore. What I'm guessing is that everything is set electronically in terms of card cost and stuff like that as I read that I can recharge and view my balance online so I'm assuming the card just acts like a connecter to your specific account and doesn't actually contain any money information on it.
I tried an app to read from the card and it did show me what I think is numerous files, in which the one I saw said that I was allowed to read from the device but no write access which I'm guessing is fine since all I want to do is read and copy from that NFC tag and then write it to another one I can buy.
The other thing I could do is just cut up my bus card and get the nfc part and place it under a watch or something, the bus company said I can get a new card for free whenever I like if I lose my current one so that's another way but seems a bit crude to me.
eitherrideordie said:
Basically I was wondering is it possible for me to copy an nfc tag to another nfc tag. From a post I saw here, it said it is possible as long as the tag isn't encrypted.
Click to expand...
Click to collapse
You can copy any information you can actually read. BUT the following is not working:
If it helps my mindset is basically I want to copy the NFC tag from my bus card onto a wristband so that I don't need to use the card anymore. What I'm guessing is that everything is set electronically in terms of card cost and stuff like that as I read that I can recharge and view my balance online so I'm assuming the card just acts like a connecter to your specific account and doesn't actually contain any money information on it.
Click to expand...
Click to collapse
Wrong assumption. A card used for banking etc has a private key on it that the bank will use to authenticate you. In order to do this they let the card sign some data and verifies the signature. If everyone could read that key, that would be horrible unsafe. Everybody that would be able to read the key could sign the data on your behalf. That is why the key is on the card and never leaves it.
I tried an app to read from the card and it did show me what I think is numerous files, in which the one I saw said that I was allowed to read from the device but no write access which I'm guessing is fine since all I want to do is read and copy from that NFC tag and then write it to another one I can buy.
Click to expand...
Click to collapse
As I said above, this works for cards that contain only data. You can copy any data that is readable, but cards that give you the functionality you want are not copyable via nfc.
The other thing I could do is just cut up my bus card and get the nfc part and place it under a watch or something, the bus company said I can get a new card for free whenever I like if I lose my current one so that's another way but seems a bit crude to me.
Click to expand...
Click to collapse
Same as above. Id guess your buscard is some sort of mifare card. You can only read/write those if you have the keys. And I don't think you will have them. Well it depends on the exact card but still.
Damastus said:
You can copy any information you can actually read. BUT the following is not working:
Wrong assumption. A card used for banking etc has a private key on it that the bank will use to authenticate you. In order to do this they let the card sign some data and verifies the signature. If everyone could read that key, that would be horrible unsafe. Everybody that would be able to read the key could sign the data on your behalf. That is why the key is on the card and never leaves it.
As I said above, this works for cards that contain only data. You can copy any data that is readable, but cards that give you the functionality you want are not copyable via nfc.
Same as above. Id guess your buscard is some sort of mifare card. You can only read/write those if you have the keys. And I don't think you will have them. Well it depends on the exact card but still.
Click to expand...
Click to collapse
I guess I had too much I was hoping would work, but from reading what you said it doesn't sound like it will . I do get that it has a private key, I was just kind of hoping that in this case it wouldn't since the card doesn't really seem like its worth much, such as compared to something like a visa card or something like that.
Each card has a unique number on them written on the back, so I guess I just kind of assumed each number was assigned for each account type thing and if you lost a card they would just change the account with another different number since you can own multiple bus cards, and that would be all I need, but it seems like you are most likely correct. Our buscard only came into affect about a month or two a go, but I'm assuming they probably paid a company of some sort to do it, and if thats the case they probably would have it encrypted either way
Is there still a way I could check? Just in case theres like some sort of miracle and it is only just a basic card type thing? Even though thats most likely wrong?
You can copy any data that is readable, but cards that give you the functionality you want are not copyable via nfc.
Click to expand...
Click to collapse
If this is the case though I guess its impossible
Cheers though
eitherrideordie said:
Is there still a way I could check? Just in case theres like some sort of miracle and it is only just a basic card type thing? Even though thats most likely wrong?
Click to expand...
Click to collapse
You could try to identify the card. Maybe use sth. like NFC TagInfo or ReTAG to see what type of card it is. These TagInfo will also show you whats in the card when its readable. But dont get your hopes too high.
Damastus said:
You could try to identify the card. Maybe use sth. like NFC TagInfo or ReTAG to see what type of card it is. These TagInfo will also show you whats in the card when its readable. But dont get your hopes too high.
Click to expand...
Click to collapse
Hi, thanks heaps, had a go at using NFC TagInfo and this is what I get
Tag information says the tag type is ISO/IEC 14443-4 smart card
mifare desfire evi(mf3ICD2I)
Under the ISO/IEC 14443-4 Smart card part
it talks about the mifare desfire
Within there it says
Key configuration changeable YES
Master Key required for application creation/deletion YES
Master Key required for application directory list NO
Master Key changeable YES
Available Keys KEY 0: Key version 1
Another key configuration says the exact same thing but also says
Key change permissions AUTHENTICATE WITH KEY 0 application master key
And there's a whole heap of files in there, most of which are readable but some say read fail.
From the sound of all this, its starting to not look that good , I'm assuming if there's keys and things that the only way would be to break them and I don't want to do anything against the rules to be honest .
Related
Hi
Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?
Depends
Sent from my LS670 using XDA
Shark_On_Land said:
Depends
Sent from my LS670 using XDA
Click to expand...
Click to collapse
Wow, helpful much?
I'd like to know this too.
thx
arjun rajput
+1
I like to know this to.
(Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?)
Hi Samuel
I believe this is not possible right now, as there are security measures in place to prevent fraudulent use, but give it a couple of months there will be apps you can download , to copy re-writeable NFC tags to your phone, making your phone work as an emulator of some sort.
virus007 said:
(Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?)
Hi Samuel
I believe this is not possible right now, as there are security measures in place to prevent fraudulent use, but give it a couple of months there will be apps you can download , to copy re-writeable NFC tags to your phone, making your phone work as an emulator of some sort.
Click to expand...
Click to collapse
To emulate cards with your NFC phone, you have to have full control of the secure element. In the Nexus phones, access to the secure element is restricted to Google - only they have the codes to access it. In non-Nexus phones like the SGS2, they don't even have built-in secure elements and therefore have to rely on SIMs, which are in turn controlled by operators. Without access to the secure element, you won't be able to emulate another card. So, no, even in a few months you won't be able to copy a tag and emulate it from your phone. Unless Google opens up the secure element to, which is unlikely.
To OP: Even if you could actually copy the contents of the card and then emulate it, this might not be enough. Many schools use just the UID of the card to associate it with your account on their system. This means that there's a good chance that your card actually has no data on it. Furthermore, phones aren't currently able to emulate UIDs. You're out of luck.
LoveNFC said:
To emulate cards with your NFC phone, you have to have full control of the secure element. In the Nexus phones, access to the secure element is restricted to Google - only they have the codes to access it. In non-Nexus phones like the SGS2, they don't even have built-in secure elements and therefore have to rely on SIMs, which are in turn controlled by operators. Without access to the secure element, you won't be able to emulate another card. So, no, even in a few months you won't be able to copy a tag and emulate it from your phone. Unless Google opens up the secure element to, which is unlikely.
To OP: Even if you could actually copy the contents of the card and then emulate it, this might not be enough. Many schools use just the UID of the card to associate it with your account on their system. This means that there's a good chance that your card actually has no data on it. Furthermore, phones aren't currently able to emulate UIDs. You're out of luck.
Click to expand...
Click to collapse
Clearly, a direction NFC will follow. There's no way users will allow something like that to remain as neutered as it currently is. It just (seemingly) has not worked that way in the past.
thanks
thanks
Hi, I just downloaded some nfc reader app from the play store and discovered the phone reacted when I stick the gym I'd card at the back of it.
This card is usually used in order to enter the gym i go to every day (almost). I just have to place it close to a black box installed in the automatic doors and they get opened. I noticed I must place it very close in order to make it work.
Now, I'm not 100% sure it's this technology but if an nfc app is able to read it, o guess it is.
Now, my idea is to replace my Id card, which sometimes I forget, with my phone.
I want to ask if there is a way to make my phone store the nfc data in the card so when I go to my gym, I place the phone near this door instead and make the same function as with the card.
Is this doable? I'd need to read the card once store whatever is on it and then be able to transmit such info on demand.
I'm new to nfc but I'd like to see something like this.
Thanks!
Sent from my Nexus 4 using Tapatalk 2
Short answer:
No.
Long Answer:
Unless you know how to emulate the card's UID, you can't do it.
If your card uses the data stored non the card, which is not likely, you will have to find a way to emulate it.
Beamed from my Maguro.
So, I'm interested in an Ouya, but I have literally no interest at all in actually buying anything through the Ouya store; I just want to hack it and see what I can make it do. Is there ANY WAY to skip going online and registering a username, or is that a requirement? I suppose I could just make a full backup with CWM after making a username and never have to worry about being online with it again, but skipping it would just be easier. Any suggestions, or is that just how the Ouya works?
pedrovay2003 said:
So, I'm interested in an Ouya, but I have literally no interest at all in actually buying anything through the Ouya store; I just want to hack it and see what I can make it do. Is there ANY WAY to skip going online and registering a username, or is that a requirement? I suppose I could just make a full backup with CWM after making a username and never have to worry about being online with it again, but skipping it would just be easier. Any suggestions, or is that just how the Ouya works?
Click to expand...
Click to collapse
well the registration is basically just to have a credit card on file you don't actually log on to anything when you turn it on and it doesn't bother you if your offline its just a means to buy things on the store. Now with that said you can't proceed with anything unless you have a credit card so if you buy this thing and don't have a card to use your screwed but there are ways around that use a test card number from the link below as your credit card number and you wont be able to buy anything but it will ring true with the credit card server and you can proceed without using your actual info.
This is links to the test card numbers these are usually used to test a newly installed card reader without having to actually charge anything.
http://www.paypalobjects.com/en_US/vhelp/paypalmanager_help/credit_card_numbers.htm
https://support.adyen.com/index.php?/Knowledgebase/Article/View/11/0
huckjam said:
well the registration is basically just to have a credit card on file you don't actually log on to anything when you turn it on and it doesn't bother you if your offline its just a means to buy things on the store. Now with that said you can't proceed with anything unless you have a credit card so if you buy this thing and don't have a card to use your screwed but there are ways around that use a test card number from the link below as your credit card number and you wont be able to buy anything but it will ring true with the credit card server and you can proceed without using your actual info.
This is links to the test card numbers these are usually used to test a newly installed card reader without having to actually charge anything.
http://www.paypalobjects.com/en_US/vhelp/paypalmanager_help/credit_card_numbers.htm
https://support.adyen.com/index.php?/Knowledgebase/Article/View/11/0
Click to expand...
Click to collapse
Okay, thanks. I'll definitely use a fake CC number, as I never plan on buying anything from the Ouya store. I'll just have to do a CWM full backup after I set everything up.
This works. I used a face cc also. I get everything from play store or side load.
Sent from my Nexus 4 using Tapatalk 2
lets say a nfc/rfid card for a job or apt is disactivated. Is there a way you can reprogram the card in anyway for it to be able to gain access again to those places?
bump
q-live said:
lets say a nfc/rfid card for a job or apt is disactivated. Is there a way you can reprogram the card in anyway for it to be able to gain access again to those places?
Click to expand...
Click to collapse
Afaik, there is no 'activation' or 'deactivation' on nfc.
Afaik, again, the readers interpret what the card has written on it. Let's take opening a door. On the card you have an unique ID, the reader goes through a list of authorized IDs, and if yours is in there, it opens the door.
Via an NFC reader app you should be able to replicate any card you like, and I also think reprogramming is possible. If your ID is not allowed to cross a gate anymore, you would have to scan a tag which can and emulate it. This goes without saying, don't do anything illegal.
Also, there could (should) be some more layers of protection, like encryption of the data on the tag, which could prevent advanced editing.
Of course, these are my two cents, I may be ridiculously wrong.
Sent from my XT1068 using XDA Free mobile app
Wow
Ok i have read the FAQ and im somewhat sure that this does not fall under the "How can I emulate, copy, edit or bypass my Mifare card (student ID, work ID, Bus pass etc)?" section
I have a smart card that i require to log into an online site, normally i can do this easily by haveing a smart card reader pluged into my desktop and i put in my pin and i can log in. However because of this im unable to log into my account while on my andriod phone. my smart card does have nfc capabiltys and is sometimes used to access rooms where i work.
Enabling nfc on my phone and using "smart card toolkit" that i downloaded from the play store it was able to read data from my card but it did stop and according to the log it said "response sw1sw2: 6a 81 (function not supported)" and in other "steps" next to response sw1sw2 sometimes i saw "instruction code not supported"
now with this alone i dont know enough to say if its hopeless or not so hopefully the people here can help shed some light on this for me. im just looking for a way to use nfc to read the data on my smart card and save it to a pkcs#12 file so i can use the certificates to log into my online account. Or honestly even if i need my card every time it doesnt matter to me just so i can log in to my account on my phone.
and yes i did try holding my card to with nfc enabled while the webpage looked for certificates but i just get ERR_CONNECTION_CLOSED in the chrome browser, firefox doesn't work either.