As the HCE was implemented in the version 4.4, I could not find information of how to write in an emulated card.
The android website has a sample of card emulation and a sample of to read the card, but I could not find information about the possibility of writing in a emulated card and how to do it.
I am developing a application that will read an emulated card, it will modify the card and write it again.
Someone know if it's possible and how can I do it?
The question "How [do I] write in a [Android HCE] emulated card?" does not really match the concept of Android HCE.
With Android HCE you do not emulate a memory card, hence there is no such thing as writing to/reading from such an emulated card by default. Instead, you emulate an APDU based smartcard application (note: application, not memory area, not whole card). APDUs are commands that you can send to a card (for instance with a PC/SC-compliant contactless smartcard reader). These commands are then interpreted by your emulated smartcard application (i.e. your HCE service) and used to generate response messages.
So, to summarize, you define the commands (based on ISO 7816-4 APDU structure) that your application should understand and the response message format (again based on ISO 7816-4 APDU structure) that your application sends back.
There are some ISO 7816-4 based commands listed in this link:
http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_6_basic_interindustry_commands.aspx
I've based my communication is this commands, mainly in the item 6.6.
Related
I am making a Host Card Emulation app on Android, everything works fine with my PC/SC reader. I am able to send APDU commands and get the reponses. Now I want to know if it's possible to manipulate the ATR of the card emulated by Android using Android's NFC library (or not)? I have looked into the documentation but there's nothing about the ATR, does Android generate it automatically for each device?
Yes, Android generates the answer-to-select (ATS) automatically. There is no Android API to change its contents. The same applies to the anti-collision identifier (UID).
ATS vs. ATR
Note that contactless smartcards (ISO/IEC 14443-4A) do not expose an ATR (answer-to-reset) during the activation sequence. Instead, they provide an ATS (in response to the selection procedure). PC/SC readers for contactless smartcards typically map parts of that ATS into an (emulated) ATR for compatibility.
Rooted devices
Even though Android does not provide an API, you might be able to modify values such as the ATS by modifying the NFC controller configuration files. See Editing Functionality of Host Card Emulation in Android and Host-based Card Emulation with Fixed Card ID
We have a ACR 1252u NFC card reader. We want to read/write NFC cards on Android with this device. The problem is that this device is not seen as a NFC device but as a USB device instead. Therefore native Android NFC can not be used. Currently we are able to detect the device and to trigger an event by adding or removing a card. But we are neither able to read nor to write a card. In the documentation we found some HEX codes that are transmitted to the device, but we did not figure out how they work in order to read/write cards. Also on the net we found some example codes using other ACR devices but obviously they are not compatible to our one.
I am looking for any working examples in order to get the ACR1252u reading/writing NFC cards on Android.
The reader is a USB CCID (chip card interface device, see http://www.usb.org/developers/docs/devclass_docs/) device. Hence, you need to implement the PC/SC abstraction layer (see http://www.pcscworkgroup.com/specifications/overview.php) or use some ready-made library in order to send smartcard commands to that reader.
I am trying to develop an Android application for a hospital. In this system there is a need to get the patient information stored in the database in the android phone into the desktop computer using NFC technology. Is there anyway where I could use a NFC USB Reading device (ACR122U NFC Smart Card Reader RFID Writer 5 Mifare USB) to transfer the data from the mobile phone to my desktop computer?
The real scenario for this would be, in a hospital when a person wants to take some test results he will reach to the counter and place the mobile device on the NFC reader device installed at the counter when this is done all the details about the patient should be transferred to the desktop machine at the counter.
I don't want to transfer a lot of information if there is any way in which I could transfer the patient id stored in the mobile database into the desktop using NFC that would be enough.
Depending on what NFC devices you want to use in combination with the ACR122U NFC reader you multiple options:
If you only need to exchange a single message (data packet) in a single direction, you could use peer-to-peer mode. However, the peer-to-peer protocol stack is relatively complex (in comparison to the other alternatives). Moreover, Android's built in Beam functionality will request user confirmation (Beam UI) for every message transfer.
If you only need to support Android devices with Android 4.4 or later (and even then not all Android NFC devices are supported, see this), you could use the ACR122U in reader/writer mode. In reader/writer mode, the ACR122U can communicate with contactless smartcards. See the reader's manual on how to access such ISO/IEC 14443-4 contactless smartcards. On the Android side, you would use the host-based card emulation (HCE) mode. See the Android documentation on how that works on Android 4.4 and later.
In my opinion the best option would be to use the ACR122U in card emulation mode. In card emulation mode the ACR122U can be used to emulate a tag/contactless smartcard that can be detected by an Android device just like any other NFC tag/contactless smartcard. You can find examples, for instance, with libnfc. Also see this answer on how to bring the ACR122U into card emulation mode. This option can be used across all Android versions (and on BlackBerry and with some additional effort to some extent even on Windows Phone). With this scenario, the phone would take the reader (interrogator) part in the communication and the ACR122U (and the connected PC) would be the card (controlled component). Using techniques like inverse reader mode you could reverse that relationship.
You could use the host based card emulation for exchanging the data: http://developer.android.com/guide/topics/connectivity/nfc/hce.html
Or alternatively the p2p communication:
http://developer.android.com/guide/topics/connectivity/nfc/nfc.html#p2p
Now that Android supports Card Emulation on the Nexus 5 with Android 4.4, is it likely that some apps may become available that allow me to effectively duplicate a smartcard (e.g. Smart Card that opens doors in my office) and use my phone in their place?
Would be pretty handy.
Cheers!
No, this is not likely. Typically, copying/cloning arbitary cards using Android HCE is not possible.
Many access control systems use the card ID (UID) to identify the card (or even to make an access control desicion!). With Android HCE, an app cannot set the emulated card ID.
Many access control systems use cards/acces tokes that are not based on ISO 14443-4 (ISO-DEP) + ISO 7816-4 smartcard protocol. With Android HCE an app can only emulate smartcard applications that use ISO 7816-4 APDUs and application structure.
Even if the access control system does not use the card ID and uses an ISO 7816-4 smartcard application, it is very likely that the card contains some cryptographic secret (secret key) that cannot be extracted from the card through smartcard commands.
I'm likely to be working on a project where existing Desfire cards (used to access paid services) will be replaced with an NFC-capable mobile device. Can anyone point me to any resources to help me understand what's involved in a) replicating a Desfire card's data onto a mobile device so it can take the place of a card, and b) for the app to deliver NFC data in order to present to the reader as if it were a card. All relevant keys and access will be provided by the card issuer (if the project goes ahead) but I'm keen to understand the process in advance.
I also need to understand how well the Android NFC API supports Desfire, because as far as I can see it only properly support Classic. http://developer.android.com/reference/android/nfc/tech/package-summary.html
MIFARE DESFire is ISO 14443-4 compliant. Support in Android for ISO 14443-4 (and therefore MIFARE DESFire) is done by the IsoDep class. You can send any DESFire command using the transceive() method of that class.
Besides that, DESFire can be configured to be NFC Forum type 4 Tag compliant. In which case Android will read out automatically any NDEF messages from the tag and dispatch it in an intent. So you can make your app start automatically when a specific tag is scanned. (Android can also format a DESFire chip to contain NDEF and write NDEF data to it.)
Replacing a DESFire card by a mobile NFC device is another matter. Card emulation on currently available Android devices is done by an embedded Secure Element connected to the NFC chip. An Android app cannot emulate a card (there is also no API for this) and the Secure Element cannot emulate a DESFire chip. Furthermore, there is no open API to access the Secure Element from an app.
The only way an Android NFC app can communicate via NFC to another device (that is not a card) is using Android Beam. This is, however, a different protocol than that used between card and reader.
NFC guy answer is excellent, but a bit outdated, so I decided to add an update.
Starting with KitKat (4.4), you can now emulate cards without a secure element.
It is called Host-based Card Emulation (Hce) and with that you can emulate a ISO 14443 type A card.. Like a desfire card.
There are two small caveats:
your reader must issues, just after polling the "card", a ISO SELECT (aid), with a fixed application id (aid) of your choice. This AID must be registered in your app manifest. Android will intercept this ISO SELECT, read the aid, and call you only if it matches with the one in your manifest.
Then you can exchange anything, it does not even have to be ISO APDUs (ISO 14443 encapsulation is done by android). So, for example, if you want to, you can even emulate the challenge response authentication of desfire (0xA0 key_num, 0xAF challenge, 0xAF response, 0x00 session_key)
you cannot rely on the UID (but you don't, right? This is a bad practice anyway, so no-one does it... right? :) ) because it is random, and it changes constantly (not inside a single session, of course, but...)
We are emulating our desfire cards, and the only change we had to do was to switch from our initial desfire select application (0x5A) to a ISO SELECT (0x00 0xA4 0x04).
Emulating authentication (the challenge-response thing) can be tricky, but we had already done it "the other way around" (using NFC to read desfire cards), so it was easy for us.
And if you rely on the card UID for authentication.. it's a good time to change it :)
Given your situation, i would say Android SDK is more than sufficient to solve your problem.
There are two parts to your case:
Reading the information from the existing cards.
Making an app with the information you have read from the cards.
Part 1:
Your only worry has to be in reading the DESFire card. If the information in the DESFire card is stored in NDEF format, it makes things even more easy.
Ndef is a class in the SDK which can be used to retrieve the information in NdefMessage type which you can then use to save the retrieved information into your storage facility, be it a local database, or a remote database, or just in the application memory.
The above is under the assumption the card is not protected. If it is, then you have to use transceive function to interact using raw byte communication. This would unlock for the rest of the information to be read. From here you can read the NDEF records.
Part 2:
My suggestion is skip the card emulation aspect of it. You are going to hit a wall at some point in time.
If the device that has been reading the card in the existing solution is attached to an android device, then Android Beam is the way to go. Which is nothing but Android App to Android App communication! Android already does the heavy lifting, so most of your work is going to be easy.
The information on the card can be stored as ndef messages and sent through beam, or you can simply create a custom object and send it through.
You may want to look at Mifare4Mobile, the initiative set up to transition from Mifare cards to NFC devices:
http://mifare4mobile.org/