I have noticed a lot of support topics asking about which implant the poster should get. This will not "solve" that (as it is not a problem in the first place), but it should give people a good idea as to what is available, and maybe help them narrow down what they want before posting.
Hopefully this helps give people some direction!
If there are any major factual errors or anything very unclear, please let me know so I can update it. This is not meant to be flushed out or all-encompassing by any means, but the goal is just to give people a brief(ish) overview.
PDF Version:
NotāsGuide-Apr2025.pdf (78.3 KB)
Notās Unofficial Dangerous Things Implant Overview
So, you have discovered the interesting world of subdermal RFID implants and know you want one. But which one should you get?
In this short(ish) guide, I will not discuss magnetic implants, as there seem to be very few options at any given time, and I am probably not the best person to ask. Otherwise, with RFID implants you should first ask yourself exactly what you want to do with it. Do you have a badge at work that opens the doors, and you want the implant to do the same? Do you want to share a business card by tapping your hand on somebodyās phone? Would you prefer to use it to unlock your own stuff, like your home desktop or instead maybe your car? There are thousands of different opportunities here that I wonāt cover. You just have to have an idea.
Iāll put a little disclaimer here, that with most implants, you are kind of limited to one task per implant, maybe two or three. How many things you can do with one implant almost always depends on whether or not those things will interfere with each other and if they use the same technology. If there is a particular system (ie a door access badge) that you want to clone or integrate with, you will need to identify what protocol it is using. This can usually be done by scanning the card with your cellphone with the TagInfo app. If the card does not show up, you may have to scan it with a Proxmark3. You can always inquire to the Dangerous Things Forum for help here.
Vocabulary:
-LF: Low Frequency, 125kHz. Usually used by older systems.
-HF: High Frequency, 13.56MHz. Most newer systems and phones can interact with this.
-Flipper Zero and Proxmark3: Tools that are extremely helpful for doing anything involving cloning and pulling info from RFID/NFC cards.
-UID: An NFC deviceās serial number.
-KBR1: There is an HF and a LF version. This is a tool that you plug into your computer and it will take the info off of an RFID device and use it in place of a password.
-xAC: A DIY device used for making your own locking mechanisms.
There are dozens of options available for install, many of which are very similar. It would be best to put them into a few groups to simplify, starting with the four main groups:
T55: These implants contain a T5577 chip, used almost exclusively to open up older enterprise door systems. If your workplace has had the same badge system for many years, thereās a pretty good chance that they use an LF technology similar to HID Prox or EM4xxx. The T5577 chip can emulate almost any one of these LF cards, and hey, thereās a chance your work badge is a T5577 pretending to be one of these. They can also sometimes be used for unlocking your desktop (see āLF KBR1ā).
NTAG: These implants tend to have an HF NTAG 2xx chip or something that functions in a similar manner. Generally speaking, these are most often used for storing little bits of information like a URL (possibly to a YouTube video or a business card). They also have an unchangeable UID that can be used to do things like unlock your desktop with the help of a reader (see āHF KBR1ā and āxACā).
Magic: This large group if implants refers mostly to implants that emulate an HF MIFARE 1k and MIFARE Ultralight chipsets. These can be used to open some āMiddle agedā enterprise door systems, open many families of hotel door locks, and will usually** work with most Chinese-made ultra-cheap products you will find on the usual websites. These also have a changeable UID that you can take advantage of (see āHF KBR1ā and āxACā).
Cryptographic: These HF implants can generally be used as a factor for signing into accounts or sometimes be used for payment** or as a Tesla (car) key.
There are some other implants with more specialized chips that donāt fall into the categories above or are generally unpopular, but here are some quick descriptions if you are interested in them:
xDF2/flexDF2: DESFire EV2 8k- These can store a ton of data. This family of chips is usually used for newer enterprise door systems, but are extremely hard to clone. You will almost certainly need permission and help from your IT or Facilities team at work to get one of these implants to open the doors unless you are part of that team.
xDF3: DESFire EV3 8k- Similar to the xDF2, but with more features especially relating to security.
xHT: HITAG S2048- A less common LF access control chip.
xSLX: ICODE SLIX2- An uncommon HF access control chip vaguely similar to but incompatible with NTAG chips.
flexClass: HID iClass- A small family of HF access control chips.
So now you hopefully know which category of implant is right for you, or you know that you need one of the five more specialized ones.
Now it is time to think about form-factor. Donāt choose just yet, just think about it. Pretty much every implant will fall into one of the two following form factors: xSeries or Flex. The name of the implant should indicate which form factor it is in.
xSeries implants are encased in a very strong biocompatible glass. These come in the shape of a small cylinder ranging from 2-3mm wide and 10-15mm long, loosely similar to a pill. These should be placed in a fleshy area that is not directly over bone, like between your thumb and forefinger metacarpals. (Donāt worry about it being glass. Your bones are more likely to break than the glass. If the glass has broken, it is probably the least of your worries.)
Flex implants are laminated between two layers of a flexible biocompatible polymer. These can widely range in size and shape, but they are always flat around 0.5mm thick, and usually they are either long and thin (roughly 7-8mm wide and 28-38mm long), or circular (20-35mm wide). These should be placed on flat parts of your skin with little movement, like the back of your arm just above where a watch would sit or sometimes the back of your hand.
There are pros and cons to each, but be aware not all implants come in both form factors:
xSeries
Pros:
-Less Expensive
-Usually indefinite lifespan
Cons:
-Lower range
-Can have trouble coupling with some devices
Flex
Pros:
-Higher range
-Usually can couple with more devices
Cons:
-More likely to break down over time if poorly placed
Here we are. You know what you want to do with your implant. You know what category of implant you need for that. You know about the two different form factors and what those mean. Now it is time to choose which implant(s) to get. Let me break down the categories into their individual implants:
T55:
-xEM: Contains a T5577. This is good for cloning EM4xxx cards, HID Prox cards, Indala cards, and many similar LF chips. You can also unlock your computer using this and the LF KBR1.
-flexEM: Contains a T5577.
-NExT: Contains an NTAG 216 and a T5577.
-NExT2: Contains an NTAG I2C and a T5577, with a Green, Blue, or White LED connected to the NTAG.
-xMagic: Contains a Magic MIFARE 1k (gen 1a/2) and a T5577.
NTAG:
-xNT: Contains an NTAG 216. Good for working with smartphones, sharing small bits of data, unlocking computers with the HF KBR1, and unlocking physical devices with the xAC.
-flexNT: Contains an NTAG216. Just like the xNT but with more range.
-xSIID: Contains an NTAG I2C (effectively the same as an NTAG 216). The difference between this implant and the xNT, is this will use any extra power not used by the chip to power an LED (Red, Green, Blue, or White). [Superseded by NExT2]
-NExT: Contains an NTAG 216 and a T5577.
-NExT2: Contains an NTAG I2C and a T5577, with a Green, Blue, or White LED connected to the NTAG.
Magic:
-xM1: Contains a Magic MIFARE 1k (gen 1a/2). This is good for cloning certain access control chips
including some (especially older) hotel key cards and working with the HF KBR1 and xAC.
-flexM1: Contains a Magic MIFARE 1k (gen 1a/2).
-xMagic: Contains a Magic MIFARE 1k (gen 1a/2) and a T5577.
-flexUG4: Contains an Ultimate Magic MIFARE gen4. This is good for cloning pretty much any MIFARE chip outside of DESFire. MIFARE Mini, MIFARE 1k, MIFARE 4k, MIFARE Ultralight (many hotels use these), and even NTAG chips.
Magic Generation excerpt:
Magic MIFARE was not developed by NXP, maker of the MIFARE family of chips. It was effectively created in the grey market where standards do not necessarily need to be met and the same result comes from multiple different āgenerationsā of chip designed by different people. Technically these just emulate a MIFARE chip with special backdoor functions that the end user (you) can exploit.
-Gen1a: You can only use the wakeup (backdoor) commands using a special tool like a Proxmark3 or a Flipper Zero, but it is effectively impossible to brick the device in normal use. Some readers especially in Asia can recognize a Gen1a chip and will reject it.
-Gen2: You can use the wakeup commands using special tools or an Android phone. This is usually not detectable by readers. It is possible to brick it under normal use but is sometimes recoverable.
-Gen4: Comparable to Gen2, but can optionally be programmed to work as a gen1 instead. This is capable of emulating many more types of MIFARE family chips. This is effectively the best version of Magic MIFARE.
Cryptographic:
-Spark 2: Contains an NFC Type 4 with AES128 cryptography. This is good for anything that an xNT would be good for, but with special encryption related features. It can be used with the Spark Actions app to have more advanced behaviors.
-Apex Flex: Contains a P71 capable of very advanced cryptographic functions. VivoKey and Fidesmo applets can be run on the implant to do multiple different tasks. It can work as a Tesla Keycard, can be an OTP authenticator (similar to a Yubico key), and is technically capable as a payment device (note: No companies have certified it for use at the time of writing.)
-flexSecure: Contains a P71 capable of very advanced cryptographic functions. This differs from the Apex Flex only that it is not supported by the same app repositories, so you will need to compile and install the applets yourself. You benefit by not being locked to these platforms like the Apex Flex, but you loose access to these platforms.
Bonus:
-xLED: Just an LED connected to an antenna. It will flash when in range of either an HF or a LF field depending which version you get. Useful for finding the optimal position for presenting your other implants to a reader.
Whew. Okay, so youāve gone through and seen pretty much every RFID implant available, at least from Dangerous Things. Are you still confused on what to get? Iāll throw in some editorās picks here:
-xMagic or NExT: These are really nice all-around implants, that even if you donāt make full use of, you get double the implant for one install. Both can work with older door systems, both can talk to both versions of a KBR1 and the xAC, and the xMagic can work with some slightly newer door systems. If you want a decent entry level access control implant that can do a lot, get the xMagic. If you want to share data with cellphones instead but still want a T5577, get the NExT.
-NExT2: If the NExT sounds like the implant you want, think again just one more time for me. For all intensive purposes it is the same as the NExT, but IT FREAKING LIGHTS UP!
-flexUG4: If you know you need a MIFARE magic chip for hotel use or otherwise, and you are willing to get a little in the weeds with it, this is your implant. It can emulate almost any MIFARE chip beautifully, and you get that sweet sweet flexy range.
-Apex Flex: Do you own a Tesla and plan to keep it? Just buy this immediately. Donāt own a Tesla but you want to have the most secure form of MFA possible? This is perfect for you too.
*Updated to April 17, 2025