New NFC Sharing Applet

We just rolled out the new NFC Sharing applet to all Apex customers!

This new applet was developed by me for Vivokey, and supersedes the previous implementation by OpenJavaCard. The new applet comes with a few new fancy features:

• T4TOP 2.0 conformant NDEF implementation
• Interactive installer via Fidesmo! You can now specify the size of the NDEF data store you want to allocate (or pick one of the presets), an optional URL to load during installation, and even if you want to put the applet into read-only mode.
• Read-only mode! You can now either lock the applet for writing automatically directly after the installation, or any time when you want by sending a special command (APDU: 00 E1 00 00). This will eventually also be supported in the Apex manager app. There is no way to unlock the applet, you have to re-install it instead.
• Optional AES128-CMAC signature overlay! During installation, the applet is personalized using a random unique secret key and your Fidesmo ID. This key can then be used to sign the data read on each scan, to ensure the identity of the chip and also prevent re-using already scanned URLs. The template string {AES128_CMAC_SIGNATURE_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX} is automatically replaced with a new salted signature for each scan (format: UID-COUNTER-SIGNATURE). You can then validate this signature by posting it to the Vivokey validation API. For more information, see https://vivokey.com/api/ . This behaves a bit like the previous Spark functionality. The API is still being developed, if you are interested contact @amal .
• The FlexSecure crowd can of course still continue to use the OpenJavaCard implementation. I will continue to provide CI builds of that applet via GitHub as before. The new Vivokey NDEF applet will be available for Apex users for now (until we figure out how to securely deploy to FlexSecures remotely), because it integrates tightly with the Fidesmo ecosystem and also the Vivokey API platform.

If you have any questions or bugs to report, please feel free to do so in this thread.

How, if i can, emulate a mifare classic card with the apex flex? Or is the NFC sharing only for txt etc?

There are a few conflated terms here The P71 chip from NXP that the Apex Flex is built with has a hardware version that can do Mifare Classic card emulation, but that feature is not included in the version of P71 used for the Apex Flex.

The Mifare Classic chip type (S50) is not actually NFC compliant. The term NFC means a specific type of RFID transponder that conforms to the NFC Forum standard for NFC Types 1 through 5, and the Mifare Classic does not, therefore it is not an NFC compliant RFID transponder like the NTAG216 or other types of “NFC chips”.

The NFC Sharing application for Apex Flex means you can share data using a standard NFC defined NDEF container (an NDEF “message” that contains one or more NDEF “records” with payloads). This can be used for many things, including just sharing text etc.

Thx for answering this I have a Next chip, and the apex flex. But my employer has now gone over to mifare classic cards. So im out of luck then i guess

Yeah… xMagic?

what is the difference between the xMagic and the xM1? Can i not write to sector 0 on the xMagic? And what of a difference does that make?

xM1 is magic Mifare 1k only. It is also no longer being sold I believe.

xMagic is a combo of a magic Mifare 1k and a T5577 emulator chip. Kinda like a NExT, but with a magic Mifare chip for the HF side.

No limitations to what can be read/written. It’s the same magic Mifare 1k chip as the xM1.

The FlexM1, woukd be a great option, but they are currently getting an antenna redesign.
I woukd expect it will look similar to the newer PCB style HF Flex implants

like this

Clipped_image_20231005_080250232×834 128 KB

I’m not sure of the time frame, but im assuming it will be Soon™

It will still likely have 2 options
gen1a
and
gen2

Heres some more info

The FlexM1 will couple more easily with readers due to the antenna size
But
The xMagic is awesome, and it includes the T5577 chip as mentioned above.

/me is awaiting the FlexM1 aswell