I’m doing some house cleaning, and I found an old HID access card today - probably circa 1998 or 1999 - with a photo of my younger self on it. It was the access card to the building of a company I used to work for back then. I promptly threw it on my LF RFID reader to see if it’s still readable, and… nothing.
My reader is supposed to support 125 kHz, 135 kHz and 13.56 Mhz, and it’s supposed to support a whole bunch of protocols. So either my old HID card uses an unsupported frequency or protocol - which I doubt - or the chip has gone tits up over the years. Considering that I know for a fact the card went from being a working card to a souvenir stored in a shoebox for over 20 years, I’m thinking the chip has aged badly. Which makes me wonder how long those things are supposed to last.
Anybody knows if our chips have known aging issues? Has anyone experienced one going silent on them for no reason? I realize maybe people haven’t been chipping themselves long enough to start reporting aging failures, but I’m wondering…
Depending on how the chips.were programmed, if IDs are stored in eeprom then there will be a maximum “data retention” period that comes into play. It’s possible the memory blocks basically degraded to “unreadable” and the chip is functional but has no ID number to report.
Well, I remember reading somewhere that the charge in the cells of eeproms, flash etc lasts around 20 years if no refresh is done. That’s long enough for most house pets to die before the chip does. Also, if a vet can’t scan a tag, they’re far more likely to assume the pet is unchipped rather than diagnose a silent tag, so I reckon it’s unlikely to get reported.
It’s possible that the technology has gotten better and solid state storage lasts longer now, because I remember reading about that a long time ago. Still, one thing is certain: the data retention life isn’t infinite.
As for the chip in my HID card, I don’t know if it’s supposed to report an error or stay quiet if it works but can’t send an ID, but the red LED on my reader sure doesn’t light up. So it’s most likely not communicating with it at all.
It’s not all same same… eeprom differs from flash, and even different eeprom and flash memories have different data retention ratings… that’s why “data retention” is a spec on eeprom and flash (and basically all data storage)… so you’ll notice NTAG216 chips have a data retention rating of 10 years (see spec sheet) and the ICODE DNA chips used in the VivoKey Spark 1 have a 50 year data retention… but both use eeprom style storage blocks.
Many chip types however are not designed to be reprogrammed at all, and have their code and usually their ID numbers laser etched or lithographed into the silicon during wafer manufacturing… so those won’t ever deal with memory loss issues like eeprom will.
I just read the old HID card I had with my brand-new Proxmark3. The card isn’t dead, but the read results are a bit strange:
proxmark3> lf search
NOTE: some demods output possible binary
if it finds something that looks like a tag
False Positives ARE possible
Checking for known tags:
HID Prox TAG ID: 23220bb7f8
Invalid or unsupported tag length.
Valid HID Prox ID Found!
So it’s invalid, but it’s valid
Still, the Proxmark3 truly is a versatile tool. Great little thing!
How old? It is possible that some chips are programmed with an ID number … either one time programmable bits or some kind of memory locking method… but either way if the ID isn’t laser etched into the chip during wafer manufacture, then there is a possibility that the memory is degrading… the “data retention” period may have been reached and it’s now losing integrity.
Well the tag is 40 bits, and there is a class of HID cards with 40-bit IDs (so-called Casi Rusco format). I found a press release that states HID would distribute Casi Rusco products circa 2000. My card dates back to that particular year.
So I believe it’s alive and well, just very old and not very common anymore. Hence the PM3 saying it’s invalid/unsupported and yet knowing it’s valid at the same time, possibly if the two different parts of the firmware that spew out those messages were coded by two different people, one of whom included the possibility of 40-bit IDs just because they once existed.
The latest I believe. I pulled it out of the git repo only a few days ago:
proxmark3> hw version
Prox/RFID mark3 RFID instrument
bootrom: master/v3.1.0-176-gd00a30d-suspect 2020-01-17 15:58:06
os: master/v3.1.0-176-gd00a30d-suspect 2020-01-17 15:58:07
fpga_lf.bit built for 2s30vq100 on 2019/11/21 at 09:02:37
fpga_hf.bit built for 2s30vq100 on 2019/11/13 at 14:52:19
Yeah, I’ve been wondering about doing a periodic data refresh - sort of like what you do with magnetic media. After all, flash memory holds data with electric charges, so a “top-up” once in a blue moon might be a good idea.
Correct… though most chips use EEPROM… but the same principle applies… there are two numbers that matter when it comes to “data rot” (@thevampkid)… first is data retention - how long will a bit written to a memory block remain reliably readable. Many of our chips have a 10 year data retention, but VivoKey chips like the Spark line and upcoming Apex line will have a 50 year data retention.
The next number is write count - how many times can a specific memory block be written to before it can no longer reliably represent the data written to it. Many of our chips have a 100,000 write count, but VivoKey chips have a higher write count - up to 500,000.
So, if a chip has a 10 year data retention and a 100,000 write count, that means you could write data to it once, wait 10 years, write to it again… even the same exact data to “refresh” the memory blocks… and now you have another 10 years and 99,999 writes left for that chip. In theory, if you wrote to your chip once every 10 years to keep the data fresh, your chip could last (in theory) for a million years… VivoKey chips up to 25 million years… in theory