Hmm good idea. You’d need to talk to a park employee first. Technically yes it can be programmed with the proper AIDs (application IDs) and data, but the real question is whether or not the magic bands come pre-initialized with the proper AIDs and the park simply writes user-specific data to that band when it’s issued… or if the bands come totally “factory” and the issuing process configures the AIDs.
I have a magic band here… let me test it… this is what the band I have says;
IC manufacturer:
NXP Semiconductors
IC type:
MIFARE DESFire EV1
DESFire Applications:
Access control data for electronic locks #0
- Timelox AB
Disney MagicBand
– NDEF ------------------------------
No NFC data set storage
– EXTRA ------------------------------
Memory information:
Size: 512 bytes
Available: 320 bytes
IC detailed information:
Capacitance: 70 pF
Version information:
Vendor ID: NXP
Hardware info:
- Type/subtype: 0x01/0x02
- Version: 1.0
- Storage size: 512 bytes
- Protocol: ISO/IEC 14443-2 and -3
Software info: - Type/subtype: 0x01/0x01
- Version: 1.4
- Storage size: 512 bytes
- Protocol: ISO/IEC 14443-3 and -4
Batch no: 0xBA35519360
Production date: week 51, 2012
– TECH ------------------------------
Technologies supported:
ISO/IEC 7816-4 compatible
Native DESFire APDU framing
ISO/IEC 14443-4 (Type A) compatible
ISO/IEC 14443-3 (Type A) compatible
ISO/IEC 14443-2 (Type A) compatible
Android technology information:
Tag description:
- TAG: Tech [android.nfc.tech.IsoDep, android.nfc.tech.NfcA, android.nfc.tech.NdefFormatable]
android.nfc.tech.NdefFormatable
android.nfc.tech.IsoDep - Maximum transceive length: 261 bytes
- Default maximum transceive time-out: 618 ms
- Extended length APDUs not supported
android.nfc.tech.NfcA - Maximum transceive length: 253 bytes
- Default maximum transceive time-out: 618 ms
Detailed protocol information:
ID: 04:6F:8F:9A:9D:2B:80
ATQA: 0x4403
SAK: 0x20
ATS: 0x067577810280
- Max. accepted frame size: 64 bytes (FSCI: 5)
- Supported receive rates:
- 106, 212, 424, 848 kbit/s (DR: 1, 2, 4, 8)
- Supported send rates:
- 106, 212, 424, 848 kbit/s (DS: 1, 2, 4, 8)
- Different send and receive rates supported
- SFGT: 604.1 us (SFGI: 1)
- FWT: 77.33 ms (FWI: 8)
- NAD not supported
- CID supported
- Historical bytes: 0x80 |.|
Memory content:
PICC level (Application ID 0x000000)
- PICC key configuration:
- AES key
- PICC key changeable
- PICC key required for:
~ directory list access: no
~ create/delete applications: no - Configuration changeable
- PICC key version: 254
Application ID 0xF70090
-
Key configuration:
- 3 AES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes - Configuration changeable
- Master key required for changing a key
- Key versions:
~ Master key: 0
~ Key #1: 0
~ Key #2: 0
-
1 file present
- File ID 0x00: Standard data, 128 bytes
~ Communication: encrypted
~ Read key: master key
~ Write key: master key
~ Read/Write key: master key
~ Change key: master key
~ (No access)
- File ID 0x00: Standard data, 128 bytes
Application ID 0x78E127 (Disney MagicBand)
-
Key configuration:
- 2 AES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes - Configuration changeable
- Master key required for changing a key
- Key versions:
~ Master key: 1
~ Key #1: 1
-
2 files present
- File ID 0x01: Standard data, 16 bytes
~ Communication: plain
~ Read key: free access
~ Write key: free access
~ Read/Write key: blocked
~ Change key: free access
~ Contents:
- File ID 0x01: Standard data, 16 bytes
[0000] D1 27 2F 00 00 00 00 00 05 D9 00 05 00 89 01 88 |.’/…|
- File ID 0x02: Standard data, 56 bytes
~ Communication: plain
~ Read key: key #1
~ Write key: free access
~ Read/Write key: blocked
~ Change key: free access
~ (No access)