xEM compatibility

Hello! New to everything here and have spent a lot of time reading and researching, but still a little unclear and confused on some things (overload of information!). Apologies in advance if I ask anything naive - learning as much as I can! I was hoping to get an xNT or xEM (+ a vivokey) in the next few months and wanted to ask if either would be compatible with my building’s system.

My building uses the AWiD “KT-AWID-GT-0” fob which is LF 125kHz but I’m wondering if I can add my implant UID to the roster (not so interested in diving into cloning yet), seeing as the AWiD page says they use proprietary encryption. Encryption & compatibility is where I get a little confused.

I’m 90% sure this is the reader the building has (it’s pretty old).

If it seems unlikely the xEM would work (not even sure management would agree to it) I’ll settle for an xNT for other uses. I did read the other forum post about cloning apartment fobs, my phone won’t read this fob and cloning is a little beyond me at this point so… not gonna bother with that for now.

1 Like

That’s an awesome start, and appreciated. Also thanks for the links, it makes helping easier :+1:

First things first, personally I am not familiar with AWiD “KT-AWID-GT-0”, SO I will help do some research for you, hopefully somebody else on here can answer that for you.

I would however suggest you get a NExT (xEM + xNT 2in1): if the xEM side works then that is a win; if not, you will have the LF 125kHz for futureproofing (there is a lot of LF out in the world), and you will have an HF for the other uses you mention. NExT has free postage in North America and free postage if your order is over $150 I think.

Let me do some research and see if I can find anything more for you…

UPDATE:
SO I am not 100% on this but relatively confident (if it was for me, I would “give it a crack”): it looks like AWiD IS compatible with xEM and NExT (also I don’t think it is capable of encryption!!!), HOWEVER it looks like you will need a ProxMark or at least access to one.
I see you say

Something for you to consider
DT cloning-service, so it can be done before you buy and loaded onto the implant for you. You would just have to send your access card away, so it can cause you some issues if you don’t have a spare.
You probably want to check this with DT first

The xEM and NExT come by default in EM41** mode but I believe it needs to be in T5577.
So again would need to have mode changed with ProxMark.

In short, I am pretty sure (90%) it can be done, but you will need to decide on what you want.

There is an 87.9472% chance they are full of shit and this is nothing more than a bold-faced lie. When HID was heavily selling ProxCard, a totally insecure easily readable 125kHz proximity card, they sold it as “highly fortified, heavily secure” blah blah blah… I’m actually surprised there have not been any class action lawsuits here.

If you have a spare AWiD fob, send it to me and we’ll give it a test. Let me know if you’re interested and I’ll PM you the address to send it to.

Amal

After reading their “data sheet”, I’m 99.9999% convinced they are full of complete and total crapola and this fob is no different from any other AWiD transponder - totally insecure and easily clonable.

See the difference… the website is managed by marketing people, while the product and sheets are typically managed by engineers… you will not find a single mention of “cryptography” or “encryption” anywhere in the product sheet… that’s because engineers are more honest and, let’s face it, just better human beings in general than slimy lying marketing people.

3 Likes

Agreed,
Also thanks @amal, looks like you covered it all in the time it took me just to update my post above.

1 Like

Indeed, I have a heavily secure, highly fortified HID clone in my hand.

I don’t think that’s the reason: it’s just that marketdroids are paid to make promises while engineers are paid to deliver actual features. The former can lie or bend the truth because what they promise is open to interpretation (e.g. “this car is fast and comfortable”) while the latter describe reality and have no room for lies (e.g. “this car has a 4-cylinder, 60kW engine and the skai-clad seats have 2 manual adjustment levers”)

I was picking apart Kantech “Extended Secure Format” the other day. They’re using a 26 bit Wiegand protocol (very common) with three “layers of added security”.

Their first “layer” was Frequency Shift Keying (FSK), which is a common demodulation scheme for reading LF cards. The second “layer” was flipping every bit (bitwise NOT). The third “layer” was adding some header and trailer bits that are just noise, to bring the total to 39 bits.

None of that is “encryption”, it’s just obfuscating bullshit.

1 Like
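The point of the Kantech post above, as an added example that is not part of the original thread: the bitwise NOT and filler-bit "layers" take no secret input, so they can be undone by anyone who knows the layout. The 7/6 split of header and trailer bits is an assumption (the post gives only the 39-bit total), the credential values are constructed, and the FSK layer is modulation and is not modelled.

```python
# Added illustration, not from the thread. The 26-bit layout is the standard
# Wiegand one (parity, 8-bit facility code, 16-bit card number, parity).
# ASSUMPTION: 7 filler bits before and 6 after; the post gives only the total.
HEADER_BITS, TRAILER_BITS = 7, 6

def wiegand26(facility, card):
    """Encode facility code and card number as a list of 26 bits."""
    data = [(facility >> i) & 1 for i in range(7, -1, -1)]
    data += [(card >> i) & 1 for i in range(15, -1, -1)]
    even = sum(data[:12]) % 2        # first 13 bits carry an even number of 1s
    odd = 1 - sum(data[12:]) % 2     # last 13 bits carry an odd number of 1s
    return [even] + data + [odd]

def parse_wiegand26(bits):
    """Check both parity bits and return (facility, card)."""
    if len(bits) != 26:
        raise ValueError("expected 26 bits")
    if sum(bits[:13]) % 2 != 0 or sum(bits[13:]) % 2 != 1:
        raise ValueError("parity check failed")
    to_int = lambda b: int("".join(map(str, b)), 2)
    return to_int(bits[1:9]), to_int(bits[9:25])

def obfuscate(bits26, header, trailer):
    """The non-FSK 'layers' from the post: invert every bit, then add filler."""
    if len(header) != HEADER_BITS or len(trailer) != TRAILER_BITS:
        raise ValueError("filler length does not match the assumed layout")
    return header + [b ^ 1 for b in bits26] + trailer

def deobfuscate(bits39):
    """Inverse transform: drop the filler, invert again. Takes no key."""
    if len(bits39) != 39:
        raise ValueError("expected 39 bits")
    return [b ^ 1 for b in bits39[HEADER_BITS:39 - TRAILER_BITS]]

if __name__ == "__main__":
    # Constructed sample credential and filler bits.
    frame = obfuscate(wiegand26(123, 45678), [1, 0, 1, 1, 0, 0, 1], [0, 1, 1, 0, 1, 0])
    print(parse_wiegand26(deobfuscate(frame)))
```

Because the transform is a fixed, keyless mapping, the same credential always yields the same 39-bit frame, which is the practical difference from a keyed or challenge-response scheme.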

Just a heads up @Pilgrimsmaster. The chip is called a T5577 (actually ATA5577C). On the proxmark forums they’ll also refer to it as t557x because there’s other types.

EM4100 is a configuration used to emulate a specific type of card. So is HID. To get the T5577 chip into those modes, you need to change the information in block 0 of the chip’s memory.

1 Like

Technically yes, legally no.

I won’t go into details, but back in 2000, I was sued under the DMCA by a dot-com bubble company because I had written a Linux driver for a product they made that “encrypted” its output with a simple XOR. They almost bankrupted me before they went bankrupt themselves, because their business plan was utter crap - luckily for me. That’s part of the reason why I left the US forever and I now live happily in Europe.

So yeah, if you’re half clever, you’ll figure out pretend encryption in a matter of minutes. But get caught exploiting it, or release code to exploit it, and you’re looking at years of legal hell - at least in the Land of the Fee, Home of the Slave.

4 Likes

Thank you to everyone who replied! It has been great reading so much of this forum, everyone is very willing to help and it is super appreciated!

I will most likely go with the NExT and hopefully snag a Spark 2 at the same time. Has the Ultimate MAX kit been replaced by the red/white bundles?

@amal I think I might send you my fob and add the DT Cloning Service with my order. (thanks for linking that @Pilgrimsmaster)

To slightly change the topic, I’m excited for the Vivokey Apex line as is everyone else - from my understanding, getting a Spark 2 will still be worth it as more of a personal identifier to work in conjunction with the Apex, yes?

I also realise that Vivokey functionality is constantly improving though most of the info is on the Vivokey forums (looking forward to joining!) but can the Spark 2 be used with 2FA services like Google Authenticator now or in the foreseeable future?

1 Like

Yes, you are correct about the Spark being a personal identity that can work in conjunction with the Apex line.

The Spark does not however support 2FA like Google Authenticator due to it not being able to run Java Applets like the Apex and VivoKey flex lines.

You can deploy login schemes though with the Spark, as some of us here use our Sparks to login on the DT forums, or the VivoKey forums or my WordPress site.

3 Likes

Ahh yes, I got confused with the flex! Thanks for the clarification :slight_smile:

1 Like