They are designed to provide an additional layer of security to the NFC communication process by preventing unauthorized access to the chip’s data.
One example of such a chip is the NTAG 424 DNA from NXP Semiconductors. This chip has a unique feature called “Secure Unique NFC”, which generates a new and unique ID every time it is read.
Another example is the MIFARE Plus EV2 from NXP Semiconductors, which also has a feature called “Random ID” that generates a new and unique ID every time it is read.
Resources and links:
Secure RFID Chips Comparison: An Overview of NTAG424 DNA, ICODE DNA, and UCODE DNA - RFID Card
NTAG 424 DNA | 424 DNA TagTamper – Advanced security and privacy for trusted IoT applications | NXP Semiconductors
MIFARE Plus EV2 | MIFARE
That’s interesting but I feel uThat’s interesting but I feel it’d just confuse most systems unless they’re prepared to handle the yubikey-like OTP seed/key random generation. I’d love to see some use cases though, and ideally, non-proprietary hardware that can interpret and use the data.
Quick edit because I didn’t answer the title - No I don’t believe there are any implants with that kind of functionality.
Generally speaking, randomized UID is not a security feature. It is a privacy feature. It’s meant to make the true UID of the chip effectively hidden until properly authenticated.The random UID feature is defined in the ISO/IEC 14443 spec.
We don’t bother with this on the Spark 2 or Apex or any of our DESFire based implants because it’s not a significant positive impact for our customers. To the contrary, most of the time it becomes a problem for people that want to use their products with simple access control systems that don’t employ any security features and just use the UID.
In a stupid move they called it Random ID (RID) and use “RID” to describe it… but RID has a different meaning with smartcard chips like Apex that use Javacard AIDs and RIDs. Anyway, the whole UID thing is explained pretty well here;
AN10927.pdf (229.4 KB)
The DESFire spec doc also mentions it.
doc_DESFire-EV1-MF3ICDX21-41-81.pdf (112.1 KB)
From what I recall there is a command you can use to enable it with the DESFire chips, but it’s one way only. Once enabled I don’t think you can disable it. More reading is necessary.