Okay, I figured I’d finally take some time to describe how to setup a Tasker script to automatically enters a PIN into a banking app when scanning an NFC implant without hardcoding the PIN in the script.
So I have this banking app from my bank (Nordea) called Nordea Codes. What it does is, when you log into the online banking website, you enter your customer ID. As soon as you hit Submit, the app buzzes and asks you to punch your PIN number on the screen. As soon as you do, you’re logged into the online banking website.
This is a fairly standard cellphone-based online banking authentication scheme, and it works. But it requires me to enter a PIN each time when one of my implants could very well do the job.
Of course, I reached out to Nordea and asked them if they would consider an option to scan an implant as a replacement for the PIN. Of course, being a giant faceless bank with exactly zero interest in helping one single guy, they never bothered to answer. I didn’t hold much hope, mind you.
What’s a half-decent biohacker to do, you ask? Well, hack of course I needed to trick the banking app into accepting a PIN from Tasker, and do it in a reasonably safe way.
1 - The app is not helpful
First of all, the banking app only accepts PINs tapped on the touchscreen. I tried connecting a USB keyboard to my cellphone, to see if it would accept the PIN from key events, but no: it has this custom entry form on the screen and there’s no way to feed it outside input events easily.
I’m pretty sure it contravenes a variety of laws on access for people with motor of visual impairment. But nevermind that. The short of it is, the only way to autotype a PIN is to use AutoInput to simulate screen taps.
2 - The app is paranoid
If you “type” the PIN at an impossible speed for a human with Tasker / AutoInput, the app locks up and you have to get a new code from the local branch of the bank, to the tune of 4.50 euros. If you enter the wrong PIN 3 times, the app locks up again, and that’s another 4.50 euros. Guess how I know… Fucking ripoff!
So the Tasker script needs to slow down to human-credible speeds to enter the pin, and there has to be a mechanism to prevent typing any PIN at all if the wrong implant is scanned.
3 - Hardcoding a PIN in a Tasker script is a Really Bad Idea™
The obvious, easy solution to autotype a pin when an NFC implant is scanned with Tasker is to trigger the script on your implant’s UID, and hard-code the PIN to type in the banking app into the script. The major problems with that are, if your phone is stolen:
1/ Your implant’s UID is hardcoded in Tasker. If you use it for other things, like get into your house, someone has the ability to make a clone.
2/ Your banking app’s PIN is hardcoded in Tasker: any idiot can read the script, log into your online banking and clean your account.
Not good. Not good at all… So the script needs to do some math so that the script alone, or the UID alone, aren’t enough to discover the PIN.
Tasker is terrible at math. But it has just enough to make something reasonably secure. It’s not proper security by any means, but it’s better than leaving your balls hanging in the breeze with a hardcoded PIN.
Here is the profile and task you need, described in Tasker “pseudo-code” (I really wish that thing had a proper keyboard input and syntax…). The explanataions are down below:
Profiles: * NFC enter banking PIN NFC Tag -> NFC UID to PIN type Tasks: * NFC UID to PIN type 1. NFC Tag Output Variables %nfc_id ID 2. Variable Convert Name %nfc_id Function Hex to Decimal Store Result In %nfc_id_dec 3. Variable Clear Name %nfc_id 4. Variable Set Name %header To %nfc_id_dec * 49 + 813692853 Do Maths 5. Variable Clear Name %nfc_id_dec 6. Variable Set Name %trailer To %floor(%header / 100000000) Do Maths 7. Variable Set Name %header To %header - %trailer * 100000000 Do Maths 8. Variable Set Name %pin To floor(%header / 10000) Do Maths 9. Variable Set Name %header To %header - %pin * 10000 Do Maths 10. Stop If %header NEQ 1337 or %trailer NEQ 1337 11. For Variable %digitno Items 1:4 12. Variable Set Name %digit To %pin % 10 Do Maths 13. If Condition %digit EQ 0 14. Autoinput Action Configuration: <Whatever needed to click 0 in your banking app> 15. End If 16. If Condition %digit EQ 1 17. Autoinput Action Configuration: <Whatever needed to click 1 in your banking app> 18. End If 19. If Condition %digit EQ 2 20. Autoinput Action Configuration: <Whatever needed to click 2 in your banking app> 21. End If 22. If Condition %digit EQ 3 23. Autoinput Action Configuration: <Whatever needed to click 3 in your banking app> 24. End If 25. If Condition %digit EQ 4 26. Autoinput Action Configuration: <Whatever needed to click 4 in your banking app> 27. End If 28. If Condition %digit EQ 5 29. Autoinput Action Configuration: <Whatever needed to click 5 in your banking app> 30. End If 31. If Condition %digit EQ 6 32. Autoinput Action Configuration: <Whatever needed to click 6 in your banking app> 33. End If 34. If Condition %digit EQ 7 35. Autoinput Action Configuration: <Whatever needed to click 7 in your banking app> 36. End If 37. If Condition %digit EQ 8 38. Autoinput Action Configuration: <Whatever needed to click 8 in your banking app> 39. End If 40. If Condition %digit EQ 9 41. Autoinput Action Configuration: <Whatever needed to click 9 in your banking app> 42. End If 43. Variable Set Name %pin To Floor(%pin / 10) Do Maths 44. Wait MS 200 45. End For 46. Variable Clear Name %digit 47. Variable Clear Name %pin
In case someone wants the importable XML for the task (specifically for the Nordea Codes app in this case) to avoid entering everything manually, here it is:
NFC_UID_to_PIN_type-Nordea_Codes.zip (2.7 KB)
So what does it do?
The “NFC enter banking PIN” profile is linked to the task “NFC UID to PIN type” task and triggers when any NFC tag not natively handled by Android is scanned.
In the task, line 1 stores the NFC UID in the %nfc_id variable. A UID is just a number, but at this point it’s a hex string. Line 2 converts it into a decimal integer that you can do math on.
Line 4 is where the black magic happens: it takes the UID number, does a quick operation on it and turns it into another large integer.
In this example, the implant’s UID that’s supposed to trigger entering the PIN is A1B2C3D4. It’s a sample 4 byte Mifare Classic UID, just to illustrate the logic. So this UID is scanned, then turned into the integer 2712847316, then the operation 2712847316 * 49 + 813692853 yields the value 133743211337.
That value is in fact 1337, the PIN to type in reverse (here 1234), then 1337 again, all concatenated into a single integer. Lines 6 - 9 split that value into the variables %header, %trailer and %pin. Then line 10 checks that %header and %trailer contain the magic number 1337 before allowing the rest of the script to autotype the PIN.
That way, if another UID is scanned, %header and %trailer won’t match and the script will not autotype the wrong PIN into the banking app (or rather, strictly speaking, %header and %trailer will be very unlikely to both contain the magic number, but that’s good enough to stop mistakes). And of course, you also need the right UID to extract the right pin.
The trick is to make up the math formula in line 4 so that the right UID yields the right pin and magic header and trailer.
Once the PIN is determined, the rest of the script from lines 11 to 45 extract each of the 4 PIN digits, unit first (hence the need to encode it in reverse) and types it into the banking app using AutoInput.
Line 44 introduces a short wait between each tap in the banking app, so it doesn’t figure out it’s not a human entering the PIN.
Finally, lines 46 and 47, but also 3 and 5 clear any compromising variables from memory, so that nobody can read them later on or manually trigger the script using the last scanned UID. If you’re very paranoid, you can even scan another implant after the “hot” banking implant to really make sure Tasker has forgotten it.
I hope the above will give you ideas. If anything isn’t clear, let me know and I’ll try to explain better.