Hello!
I have been interested in the possibility of getting an implant or at least a ring that can replace my RFID college badge. However, I have had much trouble in finding out what type of technology it uses. It has no numbers that showed up on google, and when I bought the RC522 rfid reader to try to read it, it did not even register. I could have been using it wrong, but my older college card (from another college) showed up just fine, along with both of the extra cards supplied with the unit.
Anyways is there any way I can find out what type of technology/frequency it is using? This small college has actually no idea what kind of card it is, so that was also a dead end.
Some possibly helpful items:
This is a pdf on everything the card can do;
It is relatively thick, but here were some pictures that I could get of the inside and back of the card. (the front had personal info)
If the RC522 didn’t pick it up, it’s probable that the card is running on low frequency rather than high frequency (that, or it’s using a non-NXP standard). Your best chance of figuring it out would be to get your hands on a Proxmark and give it a scan with that. Barring that, you could order a RFD card from DT and hold it up to the scanner to see what band it’s scanning on.
Not to be a downer (but I’m gonna be a downer): have you felt out how the powers that be at Covenant College will react if and when they discover you have an implant? Reformed Presbyterian is pretty laid back, but an RFID / NFC implant could push that.
So if it is indeed low frequency, what is the best way to go about copying that?
I took a look at the Proxmark, but it seemed a bit too expensive. On multiple Arduino forums I got the impression that it’s hard to copy 125 kHz cards without spending something like $50-$70 on it. Although I might be willing to pay the $50 for an implant or ring, I don’t want to have to buy a lot of extra hardware just to copy it then rarely use it again. (the RC522 was just $5)
Is there anything that I can do about that? Or do I just need to face the fact that it’s pretty expensive?
Just going to take a step back here.
Let’s do this methodically.
Yes I agree it sounds like a LF card.
However, can we give you a few things to do / try.
I understand you are trying to do it on a budget, so I will take that into account.
I know you have tried RC522 rfid reader.
Have you read any other cards with your RC522
Generally, if a card has a rectangular antenna it is likely HF, if it is circular it is likely LF. Yours looks rectangular.
?
Are you iPhone or Android? Either way, Could you:
Download TagInfo by NXP
Turn on NFC on your phone
Remove any phone cover
Open TagInfo
Place your card on the back of the phone, and let us know if it reads.
So yes, I have tried other cards with the RC522, and they do work fine. Even my old college card (that is from a different school altogether) works fine. Could there be something wrong with the RC522?
I do have an Android, but unfortunately it does not have NFC capability, it’s kind of old.
Maybe one of the forum dwellers lives near Chattanooga and has a PM. As for copying it with a blue cloner, it would be doable if the card is an EM4xxx (or possibly a HID if you buy one of the newer cloners). But I’d advise you identify the card before buying the cloner, because there’s a good chance you’ll be wasting your money if the card isn’t one of the types it handles.
Also, be aware that your college might give you a stern sermon / expel you / burn you at the stake if they see you use your hand instead of the “official” card: the reason why I suspect they would is because they think LF cards are secure enough to do micropayments with in the first place, which is pretty naive, ignorant and borderline reckless. Naive people in a position of authority are often very aggressive when you subvert the very thing they don’t understand, and will readily “lay down the law” and punish you for not doing exactly as you’re told.
Not saying you shouldn’t do this (you should imho ) but there is that aspect of things.
It would be nice if someone had something to identify the card with. I think that is currently the biggest issue.
Would it be any help if I took pictures of the variety of scanners on campus that my card works with and work backwards from there?
As to your second point, I’m going to try my best to stay out of sight (mostly use it for opening doors and clocking into work) but if I get caught it’s not the end of the world. I might receive a stern sermon but most of authority seems reluctant to expel people.
The thing with insecure systems is, they only work as long as everybody is honest and plays by the book. If you clone your card, you’ll mark yourself as someone ignoramuses think of as a “hacker”, and someone who, while you don’t mean the system no harm, knows know to. You’ll disturb their little illusion of security, and the way those people deal with a problem like that is to go all Ender on the “hacker”, to make double and triple sure their illusion is maintained.
So, if you know for sure the powers that be at your college are cool, or at least open-minded enough to listen to an intelligent explanation on what you did and why, by all means go for it. If you know them to be people who impose rules rigidly and don’t want to hear anything but “Yes Sir I will”, or if you don’t know how they’d react, maybe you shouldn’t. Only you know how far you can go too far.
Thanks for the advice. It has indeed surprised me.
If they tell me to stop, I do know that I will have to stop. But until then, I’m going to keep trying.
Although the security themselves might not take it too kindly, from what I have seen the actual disciplinary process is very lenient, so that’s why I’m not as concerned as I would be an any other college.
Sorry, I missed that, But still, I am not sure how particular the RC522 is outside of “Mifare” /ISO14443 I guess included in that is also I2C, but Do you know if it is capable of reading ISO15693, do you have those in your test cards?
I2C and ISO15693 are still HF ( and you would then be looking at an xSIID or xSLX respectively, but let’s not get ahead of ourselves ) , and YES, it is highly likely the card is LF, but if you were in a position to borrow a phone to test your card, before we start “chasing our tails”
Put it this way, It can’t hurt to do this step, Then we can focus on LF
Depending on the results of your NFC scan, That was going to be the next step.