Is there one implant that does everything I need?


#1

I’m new to NFC implants so I really appreciate your guidance as I get ready for my first one. Ideally I would install just one flex implant that can do everything I want, but I’m not sure if thats an option. Here’s my wish list:

  • maximum range and performance. My desire to have the best equipment is drawing me twords the flex options.
  • vCard sharing. I network a lot for my work, I would LOVE to share my contact information to strangers phones seamlessly as I have seen in videos.
  • commercial building access. I work in real estate and have 4 buildings with RFID access that I visit regularly. One building uses ProxyPass cards but we updated the other three to a new system recently. All I know is that I manage access on the new system through VirtualKeypad.com
  • phone / computer / account security. I’m pretty ignorant about this subject because I have never used implants for digital security. But if I understand correctly I believe certain implants can be used as passwords on NFC capable devices like my Pixel XL 2 and 2017 MacBook Pro.

So here’s the ultimate question. Is there a flex implant that can be used for vCard, building access, and login security? The FlexNT looks like a good option but I’m not sure if it does building access. I don’t understand the difference between the FlexNT and FlexDF. And maybe the new Vivokey Flex One could do all of this… But isn’t available yet… Should I wait?

It looks like the vCard sharing maybe isn’t as seamless on the Vivokey Flex since it has to go through their proprietary website first, compared to the FlexNT which seems to pull the contact info right up.

Anyways, iv rambled on enough. I’d really appreciate it if you could help me figure this out :sweat_smile:


#2

Update! I looked up the work order for the new entry system we are using on the three buildings, and it’s described as

“IEI-Prox.pad - Keypad, IEI, Stand alone or wiegand 26 bit, keypad, reader”

Hopefully that is enough info to identify compatability. If not, I can collect more info tomorrow!


#3

Wiegand 26 bit suggests to me that it is using low frequency, not NFC, so I doubt you could use any current Flex implant for building access.

What do you use to access the building currently? Is it a card/keyfob, and if so is there anything written in it such as HID or Indala?


#4

Hey thanks for the insight! One building takes a RFID card and the other three take a RFID keyfob. Honestly they all take keycodes so if I had to give up one of the three features I mentioned, building access would be the one because I can always use the code. I have direct access to program the systems though so if I did have the correct implant it would be easy for me to set up. I will take a closer look at the card and fob at my office tomorrow to answer your question.

Is it possible that a Vivokey applet could enable this functionality? I see there is one “coming soon” called Vivokey KeePass but no description.


#5

From what you described, I think the best single-chip solution would be the flexNT. The flexNT and the xNT use the exact same chip (an NFC NTAG 216). The flex has significantly greater read range. The flexNT will give you the maximum range and performance

The advantage of the NTAG 216 chips is that there are quite a few existing devices that work with them. And the chips are semi-programmable so you (or others) can also write client applications that could make use of them. They also work with any smartphone that has an NFC reader. You can easily store a vCard or many other types of NDEF data on the NTAG216, and on most Android phones, just tapping the phone to the chip will bring up a dialog asking to add the contact, send an email, open a webpage, etc. A couple of caveats though. First, having multiple NDEF records is a mixed bag. Some phones will only respond to the first. Others (like my Samsung S8+) will respond to multiple. So if I have a vCard NDEF record and a webpage record, both may open. But my friends Huawei sometimes opens the vCard record and sometimes does nothing. Second, there is only limited support on iPhones. Search the forums for more info, but only the last few generations of iPhones started having even half-way decent support for NFC.

Commercial Building Access: As others have said, this depends on the type of ACS (access control system) your building uses. If this is the pad you are talking about, then you will not be able to use the flexNT/xNT to access it. Only the xEM would work for this, and even then I give it a 50/50 shot at best. In order to get any new RFID chip to work with an ACS, you have two strategies. First, if you have access to the ACS system, or can convince the building owner, it is usually pretty simple to register a new chip with the ACS. You or someone else would “enroll” the xEM. If this isn’t possible then you might be able to clone your existing RFID key to an xEM. But this requires purchasing or having access to a device called a ProxMark, along with some knowledge of terminal commands. It isn’t difficult, but it’s not a one-click operation either.

For Phone/Computer/Account security, the NT is again your best bet, at least for now. The simplest way is to use your flexNT to augment an existing password. You would type in the first part of your password, then use a USB reader to scan your flexNT and have it spit out the UID. This UID would form the second half of your password which would then let you log-in to the computer. Dangerous Things sells one of these readers. The computer sees it as a keyboard, meaning it can be used anywhere you would enter text, so it can augment any kind of password. I would not recommend using it as the full password, as there is nothing you can do to prevent anyone with an RFID scanner from reading the UID off your tag. The fact that it is implanted in your hand helps, but it is still pretty easy to get the UID if someone is determined. You can also program other kinds of data on the flexNT, and the chip does have some security features for protecting that data from both reads and writes. However it is complicated to setup, and if you wanted to store your own “secrets” you would need to code your own computer application to read it.

The forthcoming VivoKey Flex One is both more and less functional than the xNT. It if more functional in that it is fully programmable and can, in theory, do a ton of stuff. However, it currently is less functional out of the box. There are no access control systems, door locks, or even phones that can interact with it natively. The Flex One does have some cool uses, and one of those is as a replacement to Google Authenticator. This is already working and opens some cool account security uses. But this is more for protecting online accounts like Gmail, Facebook, etc, then for logging into your computer locally.

Bottom line, if you really, really only want a single chip, ever, then wait for the Flex One. But it could be a long time before it does everything you want it to. Instead, I’d get the flexNT now, make use of the low-configuration uses like vCards and unlocking your door, then getting a Flex One in the future when it’s ready.


#6

Just dive in and get multiple implants. :slight_smile: If you are willing to go under the knife to get a flex, then getting an injectable xEM to cover other scenarios is an easy solution.


#7

I’d shoot for a flexone when it comes out. And an xEM or flexEM if that ever becomes a thing.

Virtual Keypad is a DMP product, I’ve installed a few of their stuff before. Should be standard HID 26-bit unless your installer hated himself. That should be able to work with an xEM.

The difference between the Virtual Keypad/DMP product and payment/NFC is mainly frequency. There’s no easy way to get the kind of output you need for the “new system” out of NFC just in general.


#8

@Rum buy the RFID diagnostics “credit” card. It has two LEDs one that lights up when presented to a 125khz reader and one that lights up when presented to a 13.56 MHz reader. This will tell you what frequencies the RFID reader operates on.


#9

Wow, this community is amazing! I’m blown away by the amount of time you all spent helping a noob like me understand implants. Especially you @GrimEcho, thank you!

It almost seems like I need a different implant for each of the three features I want. EM for access, NT for vCard, and Vivokey for authentication.

My fear is jumping in too fast with three implants right now, and then causing scar tissue in all my best implant locations. We all know they will continue releasing better equipment so I would prefer to thoughtfully install new chips over time. Tough decisions…

What implant do you guys think would pair best with the Vivokey Flex? I wish they made a flexEM…


#10

The xEM is the most future-proof, imo. That is, if you have a need for it, otherwise it would be non-sensical to implant it.

As a side note, scar tissue should be minimal or non existent if the procedure is done right. The only scar would be the entrance point, and you can reuse that.


#11

I mean it’s hard to say which is most future-proof. I’ve seen (out in the wild) plenty of NFC-based access systems, be it Mifare Classic, Ultralight, Desfire, or an active platform like javacard. That being said I do think HID readers will stick around for quite some time as they are basically the standard. It’ll go away eventually, sure, but it’s hard to say exactly when


#12

The xEM covers practically all the 125khz options.

On the other hand, who knows maybe most applications will be based on 13.56mhz going forward, but you can’t cover them all with one chip, and if you do cover one, it probably won’t be for long. Hence, the 13.56mhz chips you implant need to be more tailored to current needs you have.

The only thing I was saying is we won’t be missing 125khz applications any time soon. I was not trying to predict the “next big thing” in RFID.


#13

True.


#14

There really isn’t s strong need for a flexEM. The difference between the flex line of implants and the “x” line is simply the antenna. In general, the more data you exchange with an RFID chip, the stronger the coupling you need between the chip and the magnetic field produced by the transceiver. When you combine the 125khz frequency the xEM uses, with the comparatively low amounts of data and processing, the small antenna on the xEM is fine for most applications. If you install the chip in a location that is adaptable (e.g. finder, webbing between fingers, etc), then coupling with a reader is very easy. I’ve used my xEM with three different access systems, and rarely have an issue getting a read on the first try. The only time weak coupling is an issue is when you are trying to program the xEM with a cloned UID. Here you do need a very strong coupling, but this can be achieved by using the write external antenna on the programming device (e.g. a Prox Mark).

The chip in the xEM is widely used, but it is also very insecure. The minimal encryption/protection has been broken for a long time, and access control vendors are moving to more secure alternatives, usually in the 13.56 NFC spectrum. But AC systems are hard to upgrade and HID and similar systems will be around for a while.

Contrast this with the Vivokey Flex One. This uses the NXP P60 chip, which was designed from the ground up to be multi-purpose. The chip runs JavaCard applications and is Turning complete. But that processing comes at a cost, and there likely no way such a chip could ever be in an “x” form-factor. When released the Flex One will be able to replicate some of the functionality of the flexNT. For example, you will probably be able to install an applet on it for storing NDEF records (e.g. vCard, website, etc). However, this probably won’t extend to access control systems. Any AC system that is designed to work with standard NTAG or MiFare chips will probably not work with the Flex One. These readers typically only do very minimal processing, such as reading the UID.

The flexNT still has the most out-of-the-box uses. If you have a specific 125khz access control system in mind, then first figure out if you can add an existing key to the system. If so, then definitely grab an xEM. The xEM is injectable and requires very little install or healing time. There is usually no permanent scarring, and if there is, it is a tiny dot about the size of an ink drop from a pen. If you can’t enroll a new key to the system you want access too, then I would only get the xEM if you are able to also purchase a ProxMark or know someone who has one.


#15

I’d second this with my experience, the xEM reads quite easily with the several different styles of scanners at work, one of them even reads it from about 2 inches away. Apparently the more reliable performance with the xEM is because the lower frequency of the 125khz chips/antenna just makes for easier coupling as compared to the 13.56mhz chips. If you don’t want to mess around with/invest in the Proxmark, I’d recommend the white Multi-Frequency cloners, I’ve had zero problems writing to and reading from my xEM/HID Access Control Badges using it. There’s a great thread on all of the different options for programming the xEM here :