After reading a lot of questions, i decided to post this one. I read that stock version of android does not support API's for card emulation. Also, we cannot write custom applications to secure element embedded in nfc controllers due to keys managed by google/samsung.
I need to emulate a card (mifare or desfire etc). The option i can see is doing it via software. I have a ACR122U reader and i've tested that NFC P2P mode works fine with the Nexus-S that i have.
1) I came across a site that said that nexus s's NFC controller (pn532) can emulate a mifare 4k card. If this is true, can i write/read apdu commands to this emulated card? (Probably if i use a modded rom like cyanogenmod)
2) Can i write a android application that reads apdu commands sent from the reader and generate appropriate responses (if not fully, then upto some extent only). To do so, i searched that we need to patch nexus s with cynagenmod. Has someone tried emulating card via this method?
I see that this is possible since we have products from access control companies offering mobile applications via which one can open doors e.g. http://www.assaabloy.com/en/com/Products/seos-mobile-access/
Some facts that may be of help in your quest:
The NFC controller in the Nexus S (and Galaxy Nexus, Nexus 7 and quite a few other Android devices) is the PN544
Card emulation can be done either by the secure element connected to the NFC controller or by the host device (=Android device in this case). The Nexus S has a secure element that could be used for that (used in Google Wallet). Card emulation from the host device is not a feature of the PN544 NFC controller, although some claim that they have managed to get it working.
You can turn on card emulation by the secure element by rooting your device and following the instructions at https://stackoverflow.com/a/10506299/1202968 (haven't tried this with 4.x JB, but I assume that it still works).
Emulating a MIFARE Classic card can be done by the secure element in the Nexus S, but not by the host device. Emulating a DESFire card is not supported by the secure element in the Nexus S.
I have investigated a similar doorlock product that used card emulation itself to communicate to an NFC mobile device, while using card reader/writer mode to communicate to access control cards.
IMO, the 2 simplest options are: use P2P communication (Android Beam) or use card emulation in a reader device (if it supports it). All the other options require things like rooted devices and custom ROMs, which are not future-proof and have no possibility to be translated to a real product.
Card emulation via software is now available with Android 4.4. http://developer.android.com/guide/topics/connectivity/nfc/hce.html
2) Card emulation by software should definitely be possible, but not exposed in current Android APIs. You will have to dig deeper into the libnfc-nxp (and possibly below). This might be a difficult one though. This feature is offered on Inside Secure's chips, as shown in their OpenNFC reference implementation. The only question is whether it requires a CLF firmware change. If not, then you can hack it into a software image.
The caveats are, however, that you will lack the following features :
- security (an Android app is not as secure as a smartcard)
- fast and predictable response times (well, depends how you code it probably)
- card emulation running when phone is off
I believe SEOS is based on ISO14443-4 and not Mifare. This means you would need a secure element to run it.
1) Not too sure about this one, my guess is that this will still be hardware-based (e.g. depend on an embedded secure element such as NXP's SmartMX.
The other alternative is to start developing on a secure element. The most straightforward way would be to get some sample test SIMs with SWP/HCI support. There is a free dev kit called IzyNFC which you can use for the javacard, and GSMA and AFSCM technical documents for the Android application side.
Related
I know, there has been a few ppl asking this question but that was around the Time when Andriod 4.4 was still around. I found something in this Thread but im not sure if anything has changed since then.
Nothing in Android has changed, it's still not possible to emulate a non standard Mifare card unless the firmware of a specific chipset has the feature and you can hack it to enable it.
It's probably got even worse as there are more chipset suppliers for NFC in Android now and most of these don't even support reading Mifare cards never mind emulating them.
The only thing that might have made it better is more support for USB on the Go, which would allow you to use a NXP external USB reader that has Mifare emulation capabilities (no hacking needed for this)
I buy ACR122U SDK that has a acr122 reader,cd and cards and I try to test it. the reader detect the cards by changing its LED light from red to green but when I take my phone (NFC is turned on) near the reader,there is nothing happen.
How do I make the reader detect my phone? I have to install java card applet into my phone for letting my phone act as a contactless card?
Using the ACR122U NFC reader you have three options:
ACR122U in peer-to-peer mode: In peer-to-peer mode, you can communicate with an Android device using Android's built in Beam functionality. On the reader side you would need to implement the SNEP service (and the underlying LLCP + NFCIP-1 protocol stack). You can find examples, for instance, with ISMB-SNEP, NFC Tools and nfcpy.
ACR122U in card emulation mode: In card emulation mode the ACR122U can be used to emulate a tag/contactless smartcard that can be detected by an Android device just like any other NFC tag/contactless smartcard. You can find examples, for instance, with libnfc.
ACR122U in reader/writer mode: In reader/writer mode, the ACR122U can communicate with contactless smartcards. This goes into the direction of what takumar already posted in his answer. While you were stuck with the requirement of a secure element (which is typically difficult due to lack of access or even lack of an SE), with recent Android versions (specifically CyanogenMod 9.1+ or Android 4.4+), you have the option to use host card emulation (HCE) mode. See the Android documentation for how that works on Android 4.4 and later.
Your phone must be enabled for card emulation, not all are. Furthermore, you need to figure out where card emulation is routed to. This can be the SIM or some embedded secure element. Once that is done, you can think of deploying the application onto a test SIM (it is very unlikely that you'll ever get the keys to the embedded secure element). Working with an AOSP build of Android (for instance on the Nexus 5) helps because you can set the route. Test SIMs with test keys can be bought online I believe. Once you have one, you can use GPShell to install the application. Good luck.
I'm searching for a way to send specific commands from my phone to a reader.
I have already read that card emulation is not supported on android due to securtiy reasons, but it is possible via a firmware patch for android 2.3.4 on the Nexus S.
My main question is, do I really need card emulation to send defined APDUs to the reader and to recieve the answer APDUs or is there any other posibility maybe by misusing android Beam?
If I need to use card emulation are there any new insights?
The last posts, few posts I found are nearly one year old...
As adiditional information in the end I will not have any control over the reader.
Thanks for answering and on any new insights on card emulation.
It's possible in Android KitKat 4.4.
Check out this link, more information will be added soon I belive.
http://developer.android.com/guide/topics/connectivity/nfc/hce.html
What you are trying to achieve is somewhat candid. The reason smart cards are being used in NFC is because the NFC protocol is built in such a way that it is not possible to know the correct response in advance. There is always a secret involved, and you can't just guess it. Otherwise there would be a major security flaw in all the systems using contactless smartcards (building access control,
You can't just spy on the protocol, save the exchanges, and replicate them in some software, on most applications this will fail. There will be some random value at some stage, and some crypto computation to perform.
In order to emulate a card with the phone, you need a secure element (smartcard chip on the phone or the SIM card in your phone), and you need the NFC chip in your phone to route card emulation APDUs to this secure element (this is probably what the patch you are referring to is doing).
There are ways to do card emulation in an Android application, but I suspect this will require substantial patching, and you will not have predictible response time, so your reader might not like it. Also this will prevent card emulation from working when your phone is off (battery delpleted for instance).
I have an android phone (nexus s, sdk v15) which shall send a string to a development board running in nfc-reader/writer-mode by using tag-emulation. I know this is not officially supported by android, so I could do it natively by accessing the driver directly(?).
Is there any example out there where anyone has done this before or an app which does this (and preferably is open source?)
I found some stuff on google where it is generally advised not to do this, or where people talk about how it would be possible or how they've (very generally) done it, but I couldn't find any code or precise advice.
I don't want to access the secure element or do any smartcard stuff that needs to be approved by the vendor/provider. I just want to transfer the string. I also know this could be done by the android api methods via p2p, but this doesn't work well with the board, so I give this approach a try.
For a device running stock KitKat 4.4
With Android KitKat 4.4 the ability to have the phone act as an NFC card is built into the operating system so you no longer have to rely on Cyanogenmod or a custom ROM. It won't let the phone act as a Mifare Classic tag per se but I've had great results in getting my phone to communicate with an ACR122 reader so I'd definitely recommend this option if you can get 4.4 on your device.
If you're wanting to run below 4.4 and are willing to use Cyanogenmod
It is possible to load applications onto your device and have them communicate with a reader via NFC quite easily however you must be running Cyanogenmod, this feature is present from CM 9.1.
Wanting to run on Gingerbread (the old answer)
Yes it is possible and there's been a patch put out there for 2.3.4 to enable it, I'll post a few links for you to have a read of.
They do require flashing a 2.3.4 Gingerbread ROM to your device along with some other patches to enable the card emulation features so if you're not willing to do that then they won't be of much use but as far as I'm aware it's the only way to get it working. I haven't actually tested this myself but user comments suggest it works.
Here is a link to a blog describing the whole process: http://techshek4u.blogspot.co.uk/2012/01/applying-card-emulation-patch-to_03.html
Here is a link to the original forum post with the patch for 2.3.4 to enable it:
http://forum.xda-developers.com/showthread.php?t=1281946
And a link to the original discussion where various developers are trying to get it working, depending on your technical knowledge of Android and NFC this could be more or less interesting: https://groups.google.com/forum/#!msg/android-developers/1fw1qfFqpGc/6dlzvTqExN4J
Caution: According to NFCGuy from his answer "Don't bother with downgrading your phone to GB if it is running ICS. You cannot downgrade the NFC firmware to be compatible again with GB, so NFC will simply not work if you flash your device with GB."
If you root your device, it is possible to create an app that turns on the card emulation mode. It is not too difficult, see e.g. https://stackoverflow.com/a/10506299/1202968.
However, card emulation is completely handled by the Secure Element. Your app has no access to the data that is being transferred. The only way to get control over that would be to create and install a Java Card applet on the Secure Element. However, to be able to do that you need acces to secret authentication keys that are only known to Google.
PS: Don't bother with downgrading your phone to GB if it is running ICS. You cannot downgrade the NFC firmware to be compatible again with GB, so NFC will simply not work if you flash your device with GB.
Host card emulation is now officially supported by Android, according to http://developer.android.com/guide/topics/connectivity/nfc/hce.html
I´ve been reading a lot about NFC, card emulation and etc.... I found two very helpful posts about this issue:
Android and Symbian NFC mobile development questions and answers (FAQ)
http://forum.xda-developers.com/showthread.php?t=1281946
Reading them I realized that it is quite complicated to write an application to make a payment.
Since I just want to see "something" working I'd like to ask the more experienced people if using the patch provided at xda-developers forum (second link above) would be enough just to write an appication that would open some door ou register/authorize someone´s entrance at an event (provided that I have a NFC device to properly interact with my phone, of course).
Thank you all
Payment is mostly impossible since you don't have the keys for the JavaCard card manager, better forget about it. Additionally, to write a Visa, etc compatible payment applet, you
need access to their specs, which means signing NDAs, paying money, etc.
Apparently the Mifare chip has stock keys, so you can modify it. So if you have a reader, and a device (door, etc.) that uses Mifare cards, you might be able to get it work. The thread also mentions that you might be able to clone your transport card. But:
you need to build your own firmware and flash it on a rooted phone
you may need to port the patches to whatever is the current GB version (2.3.7) or use exactly the same (old) tag
You need to do a lot more reading :)
In my opinion, you shouldn't bother with trying the patches on XDA Developers, especially if you are considering using Android 4.0 ICS. Android 4.0 already has built-in functionality on the Nexus S and Galaxy Nexus phones to enable card emulation. Drawback: you need a rooted phone to make it all work (see e.g. How to obtain NFCEE_ADMIN permission on rooted phone? for an example of someone succeeding).
A perhaps simpler approach is using NFC peer-to-peer communication ("Android Beam") with an external reader. This can work with any Android NFC device using a simple app to push the necessary data to the reader. Provided the reader support peer-to-peer communication, this is far the easiest solution. It would require some development work on the reader side, though, see http://code.google.com/p/ismb-npp-java/wiki/NppFromPhoneToACR122 for an example of this approach.