Question about generic Chinese Cloner

Good day; I am new to RFID and hoped someone could help me with some basic info.

Regarding these generic RFID cloners that come out of China…

My Arduino takes about 5 seconds to read the entire 1K of memory, but the Chinese cloner takes only milliseconds to clone. This leads me to believe that either the Arduino runs at a fraction of the clock speed of the other device, or that the Chinese cloner only copies the UID.

So do they simply copy the UID or do they copy the contents of the entire card? And do I need to copy the entire memory contents for the cloned card to work?

Thanks

What kind of card are you talking about? I don’t think cloners typically copy “user” memory, just the UID and any needed keys.

1 Like

It is a MIFARE Ultralight card. SAK 00, ATQA 44, 7-byte UID.

I have read that most RFID locks do not use the memory, only the UID. I would assume the memory is used for storing user info: name, address, etc.?

Not sure you would want the address of the lock stored on the key, in case it ever got lost… But you are correct. Most locks just look at the UID. Some more secure locks will use the advanced crypto features in the cards like the DESFire. Not sure if there are any locks that use the user memory. If there are, they are few and far between.

1 Like

You seem very knowledgeable; thank you!

Perhaps you can help me further understand how this works. The cloner I speak of has a feature where it can supposedly clone encrypted cards. For this you must hook it up to the computer via USB and run an executable.

So what encryption exactly is this referring to? And does this have anything to do with the user memory?

The reason I ask is because I read that the user memory contains keys in the sector trailers, which control access to the user memory blocks. Block 3 of sector 0 has one too, which is the block that stores the UID (in block 0 sector 0). Furthermore, the RFID-cloner sketch for the Arduino RC522 has an array called “known keys” containing the FFFFFFFFFFFF key that I see in the sector trailer when I scan my card. This is of course a blank card that came with the reader, so it is not programmed for any proprietary lock yet. Perhaps it would have an unknown key at that point?

So that's why I thought it needed the user memory to clone the UID, but at the same time it doesn't really make sense, because why would they require a key that is fully visible to anyone who reads the card with a simple memory dump?

Any light you can shed on this would be a big help!
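Added example, not from the thread or the Arduino sketch it mentions: a Python audit of a card dump, assuming the MIFARE Classic 1K layout (16 sectors of four 16-byte blocks) that the sector-trailer description above corresponds to. It splits each trailer into Key A, access bits and Key B, checks the access bits against their inverted copies, and flags sectors still on the factory key FFFFFFFFFFFF; the dump is constructed, the 4-byte UID is an assumption, and the function names are hypothetical.

```python
BLOCK, PER_SECTOR, SECTORS = 16, 4, 16        # MIFARE Classic 1K geometry
DEFAULT_KEY = bytes.fromhex("FFFFFFFFFFFF")    # factory key quoted in the post
DEFAULT_ACCESS = bytes.fromhex("FF078069")     # factory access bits + user byte

def access_bits_valid(ab: bytes) -> bool:
    """Trailer bytes 6-8 store C1, C2, C3 twice, once inverted; both must agree."""
    b6, b7, b8 = ab[0], ab[1], ab[2]
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    return ((b6 & 0x0F) == (~c1 & 0x0F) and (b6 >> 4) == (~c2 & 0x0F)
            and (b7 & 0x0F) == (~c3 & 0x0F))

def uid_checksum_ok(dump: bytes) -> bool:
    """Block 0 of sector 0: 4-byte UID (assumed) then BCC, the XOR of the UID bytes."""
    uid, bcc = dump[0:4], dump[4]
    return (uid[0] ^ uid[1] ^ uid[2] ^ uid[3]) == bcc

def parse_trailers(dump: bytes) -> list:
    if len(dump) != BLOCK * PER_SECTOR * SECTORS:
        raise ValueError("expected a 1024-byte MIFARE Classic 1K dump")
    report = []
    for s in range(SECTORS):
        off = (s * PER_SECTOR + 3) * BLOCK     # block 3 of each sector is the trailer
        t = dump[off:off + BLOCK]
        # A raw read returns Key A as zeros; dump tools fill in the key they used.
        report.append({"sector": s, "key_a": t[0:6].hex(), "key_b": t[10:16].hex(),
                       "access_ok": access_bits_valid(t[6:9]),
                       "default_key": DEFAULT_KEY in (t[0:6], t[10:16])})
    return report

def build_sample() -> bytes:
    """Constructed dump: blank card, sector 1 re-keyed, sector 2 with bad access bits."""
    blank = bytes(BLOCK)
    trailer = DEFAULT_KEY + DEFAULT_ACCESS + DEFAULT_KEY
    sectors = [blank * 3 + trailer for _ in range(SECTORS)]
    uid = bytes.fromhex("DEADBEEF")            # constructed UID, BCC = 0x22
    block0 = uid + bytes([uid[0] ^ uid[1] ^ uid[2] ^ uid[3]]) + bytes(11)
    sectors[0] = block0 + blank * 2 + trailer
    sectors[1] = (blank * 3 + bytes.fromhex("A1B2C3D4E5F6") + DEFAULT_ACCESS
                  + bytes.fromhex("0A0B0C0D0E0F"))
    sectors[2] = blank * 3 + DEFAULT_KEY + bytes.fromhex("FF078169") + DEFAULT_KEY
    return b"".join(sectors)

if __name__ == "__main__":
    for row in parse_trailers(build_sample()):
        print(row)
```

Any sector reported with `default_key` set is readable and writable by anyone who knows the factory key, so it offers no protection beyond the UID itself.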

Some systems actually use the memory… hotel door locks for example… the valid dates and times are often written to the card along with the door lock number… that way the door locks only need to have the valid date and time to function properly. No need to connect the locks to any centralized system.

Other systems that use the memory and security features of the card often don’t care about system security… they only care about using those features to ensure customers have to buy replacement cards from them.

1 Like