Newbie Q's: cloning a Mifare card to a NFC chip... How?


#1

Hi all:wave:

Totally new to this, and slightly lost, so I’m hoping you guys can help me out a bit :slight_smile:

I am looking at getting the chip implant, so that I can access my workplace (and the 1000 doors within it) without carrying the actual keycard.

I’ve come so far as to borrow an Android to scan my card. Found out it’s a
“MiFare, Tag Type Iso 14443-3a nap, 13.56 MHz”

How easy is it to copy this card? - and what would I need in order to do so?
What chip should I buy? I’m guessing the xNT would be sufficient for my needs? Or would you suggest something else?

All tips are greatly appreciated!
P


#2

Have you got a pic of the reader? Is it MultiClass SE?


#3

When you bottom out @JamesW question, Dangerous things offer a service for you to consider.
this is a 125kHz service only, but if you ask you just never know…


You can ask on the website contact page, almost at the bottom.

The forum still may be the best place to ask, you never know who is out there near you that can assist.
Good Luck


#4

You need to find out what kind of mifare tag it is. There are several types. An app like NXP Tag Info should tell you this.

The next question is, if the readers are leveraging the mifare security features in the tag or are they just reading the UID.

You need more information before you can buy anything,


#5

So, I went reader-hunting today, and apparently there are a few different ones, but I’m guessing the technology is the same.

These are the 2 main types:


#6

Ahh. I’ll need to borrow an Android again - I’ll update when I know more.

If it’s any help, the wiring inside looks like this:


#7

Okay, here’s some more info:

*NFX Semiconductors
*MiFARE Classic EV1 (MF1S50)
*Multi-application card (*Unknown application 0x0401, *Card Administration)
*MF1S503xX/V1
*ISO/IEC 14443-3 (Type A) compatible
*ISO/IEC 14443-2 (Type A) compatible
*Size: 1 kB


#8

That looks like you’d have to use a flexM1 to do that.


#9

Mjah. I was afraid that would be the case.
Another idea is to maybe ask the ID-making department if they would be willing to program the chip for me. Would that be possible? (in the technical sense). And if so, which chip should I then get? I’m guessing the procedure would be the same whether it’s an ID-card or a chip.

It’s weird, since usually my workplace is 100% shit with their choices in security/IT stuff - and then for this they oddly enough didn’t screw it up. Why?! :sweat_smile:


#10

Not necessarily - the Mifare Classic series is old and EOLed but pretty cheap. It all depends on the readers and the config - sometimes you can get away with using a ultralight on a Mifare classic system but other times you can’t. It all depends on the reader. If you can find a model number or a datasheet we could help you a bit more. I’ve personally never heard of this vendor of RFID readers but it’s possible you’re not in the US where I’m most familiar with readers.


#11

Nope, not US :slight_smile:
There aren’t any visible model numbers on any of the readers. The “ARES” ones have several different readers that look identical, so that’s going to be a lost cause to find the right one. The round ones, however, only have one 13.56 model on the website. Here’s all the specks I could find (not sure if that’s what you’re after):

  • 12VDC, 150mA, 1.8W
  • Input: 3 TTL (light diodes)
  • Output: 2 open collector (data)
  • Protection class: IP65
  • Reading frequency: 13.56 KHz
  • Reading distance: 9 cm (ISO cards)
  • Encryption: Possible, if needed (using Secure Access Module)
  • Touch free technology to use with ISO card (with magnetic strip)
  • “Open system”/cost efficient; Can be installed/maintained by different installers if wanted. Reading technology is based on “open standards”, so that key cards can be made by any chosen vendor. Every key contains a unique identification number (It does not use site codes or running identification codes, that otherwise binds the user to a specific card vendor).
  • Readers are not centralized - every door is controlled by it’s own unique card reader in a closed installation (only connection is a common 2-leading communication cable). All control panels can communicate with the administration PC in real time (connected via COM-port, modem, network or internet). The PC/communication system doesn’t take part in the access control by itself - and can be turned off.
  • The reader only contains the needed technology to read the key. The reader sends the identification key to the control unit, which then determines if the key has access.

Everything is loosely translated, as I’m not sure what the proper english terminology would be :slight_smile:


#12

Also - Is there any specific info you are after? Because then I guess I could also just reach out to the vendor and ask. The datasheets I’ve found are very sparse - mostly working temperature range, dimensions and stuff like that.


#13

Another thing…
When I borrowed the Android, I was able to scan the card using the same app as below (not my screenshot):

In my read there were no reading errors, 10+ sectors, lot’s of 0’s similar to above - except for the first couple of sectors that included, what I’d asume, is my unique identifier.
In my mind, that means it’s readable? And if it’s readable, it’s copy-able? Or?


#14

Basically I want to know if it’ll support Mifare Ultralight tags, specifically the NT216 without drastic changes to software or hardware. I’ve installed and maintained readers that either a) will only read Mifare Classics, b) will read both but put them in different formats, or c) read both but put them in the same format.