More than one on xMagic

Hey,
I got an Xmagic chip in my left hand, which I use to open doors. It works as a clone from a Mifare Chip from Salto.I did that with a proxmark3 and the clone tutorial. Can I write additional info on that 13.56Mhz Chip like text or data?
Thanks for your help

1 Like

it depends how the access control system is using the chip for authorisation.

if the chip’s UID is all the system requires then yes you can ndef format it and put text etc on it.

if th memory content itself is being used (check by looking at the file and seeing whether data is default or not) then you’d be unable to ndef format and write custom things to this implant while it is working as your access control card

1 Like

Also the Mifare is not an NFC compliant chip… so even if you have free memory sectors to store data with that won’t interfere with the Salto access system, only phones with NFC reader chips from NXP will have the proper licenses to interact with the memory sectors at all. Other phones won’t be able to read any memory.

Now, you didn’t specify phones so if you want to store data and read it off with some.othee type of reader and software application, then sure totally possible.

1 Like

iphones (and other non nxp ndef capable devices) can still read out NDEF memory if the mifare classic has been pre formatted with MAD. this is limited in the same way other NDEF capable chips are in that not all record types are accepted, can’t remember the full list atm but supported ones are URI/URL and a few others.

you can’t scan with nxptaginfo/nfctools and see more of the tags memory but you can interact with them in an NDEF context. it’s a cross compliance feature thanks to the existence of MAD

1 Like

Sorry that’s not accurate. iPhones do have nxp reader chips. This is the only reason they can do anything with mifare at all. There is no compliance though. The NFC Forum does not recognize NXP’s pseudo-standard as NFC compliant.

At this point it’s a very loose arrangement between Google, Apple, and NXP all kind of agreeing to do this thing based on guidance from NXP… there is no compliance to any standard though.

2 Likes

edited to withdraw the point abt the chips(also, what chip is it in iphones? can’t find documentation & if they’re using nxp chips nfctools & nxptaginfo should eventually gain full mfc support), the point of NDEF messaging still being accessible is still accurate however so you’re unlikely to be in a situation where a phone is completely unable to read ndef records off a mifare classic given the record type is within the acceptable type list.

i’ve yet to come across a situation where a phone of any type capable of ndef & nfc in general is unable to produce records from a mifare classic. would love to know if anyone else has observed it ofc

2 Likes

Earlier iPhones used the NXP 65V10 reader. Not sure about current models.

NDEF is just a data format, it’s not about access. The problem is that accessing the memory sectors on Mifare chips requires a license for crypto-1, and this will never be acceptable by the NFC Forum. Mifare classic chips will never be part of the NFC standard, unless NXP gives up the license completely… which is unlikely.

1 Like

which is why MAD is a thing as using NDEF over mifare classic requires sector access to read off the appID & point to memory content in latter blocks. the ndef app uses a set of default keys so to circumvent the need for crypto1 it’s using predefined nonces & nested authentication within sector 1 to access the memory blocks containing whatever record it is. they’ve managed to skirt licensing for crypto1 by exception for the ndef mad app within its background polling but doesn’t extend any further into other MAD use cases

1 Like

Yeah I get that, but a license is still necessary… it’s just been granted by NXP to any hardware using NXP reader chips… it’s built into the reader chips purchase price… but unless they drop the license entirely it won’t ever be accepted by the NFC Forum as part of the standard.

The only reason Apple only works with the NDEF container on Mifare chips is because of Apple. They have the license to properly interact with any memory sectors they want, but the NFC framework doesn’t make that easy and apps don’t bother with it either.

The MAD is a useful innovation for mifare formatted memory sectors, particularly when dealing with 4k chips. It’s similar to the capability container used in type 1, type 2, and type 4 NFC compliant chips which defines the NDEF version, size of the NDEF container, etc. They (NXP) created their own document for “NFC Type Mifare” but it’s an outlier.

Ultimately there are plenty of Android phones out there that use Broadcom, ST, Texas Instruments, Qualcomm etc. chips that can’t read any memory sectors of Mifare classic chips. If you want your transponders to work with NFC on any phone capable of NFC, don’t use Mifare classic.

1 Like