Android NFC card emulation / use phone as card - android

I'm searching for a way to send specific commands from my phone to a reader.
I have already read that card emulation is not supported on android due to securtiy reasons, but it is possible via a firmware patch for android 2.3.4 on the Nexus S.
My main question is, do I really need card emulation to send defined APDUs to the reader and to recieve the answer APDUs or is there any other posibility maybe by misusing android Beam?
If I need to use card emulation are there any new insights?
The last posts, few posts I found are nearly one year old...
As adiditional information in the end I will not have any control over the reader.
Thanks for answering and on any new insights on card emulation.

It's possible in Android KitKat 4.4.
Check out this link, more information will be added soon I belive.
http://developer.android.com/guide/topics/connectivity/nfc/hce.html

What you are trying to achieve is somewhat candid. The reason smart cards are being used in NFC is because the NFC protocol is built in such a way that it is not possible to know the correct response in advance. There is always a secret involved, and you can't just guess it. Otherwise there would be a major security flaw in all the systems using contactless smartcards (building access control,
You can't just spy on the protocol, save the exchanges, and replicate them in some software, on most applications this will fail. There will be some random value at some stage, and some crypto computation to perform.
In order to emulate a card with the phone, you need a secure element (smartcard chip on the phone or the SIM card in your phone), and you need the NFC chip in your phone to route card emulation APDUs to this secure element (this is probably what the patch you are referring to is doing).
There are ways to do card emulation in an Android application, but I suspect this will require substantial patching, and you will not have predictible response time, so your reader might not like it. Also this will prevent card emulation from working when your phone is off (battery delpleted for instance).

Related

Use Phone NFC Chip to emulate Mifare card

I know, there has been a few ppl asking this question but that was around the Time when Andriod 4.4 was still around. I found something in this Thread but im not sure if anything has changed since then.
Nothing in Android has changed, it's still not possible to emulate a non standard Mifare card unless the firmware of a specific chipset has the feature and you can hack it to enable it.
It's probably got even worse as there are more chipset suppliers for NFC in Android now and most of these don't even support reading Mifare cards never mind emulating them.
The only thing that might have made it better is more support for USB on the Go, which would allow you to use a NXP external USB reader that has Mifare emulation capabilities (no hacking needed for this)

Card emulation via software NFC

After reading a lot of questions, i decided to post this one. I read that stock version of android does not support API's for card emulation. Also, we cannot write custom applications to secure element embedded in nfc controllers due to keys managed by google/samsung.
I need to emulate a card (mifare or desfire etc). The option i can see is doing it via software. I have a ACR122U reader and i've tested that NFC P2P mode works fine with the Nexus-S that i have.
1) I came across a site that said that nexus s's NFC controller (pn532) can emulate a mifare 4k card. If this is true, can i write/read apdu commands to this emulated card? (Probably if i use a modded rom like cyanogenmod)
2) Can i write a android application that reads apdu commands sent from the reader and generate appropriate responses (if not fully, then upto some extent only). To do so, i searched that we need to patch nexus s with cynagenmod. Has someone tried emulating card via this method?
I see that this is possible since we have products from access control companies offering mobile applications via which one can open doors e.g. http://www.assaabloy.com/en/com/Products/seos-mobile-access/
Some facts that may be of help in your quest:
The NFC controller in the Nexus S (and Galaxy Nexus, Nexus 7 and quite a few other Android devices) is the PN544
Card emulation can be done either by the secure element connected to the NFC controller or by the host device (=Android device in this case). The Nexus S has a secure element that could be used for that (used in Google Wallet). Card emulation from the host device is not a feature of the PN544 NFC controller, although some claim that they have managed to get it working.
You can turn on card emulation by the secure element by rooting your device and following the instructions at https://stackoverflow.com/a/10506299/1202968 (haven't tried this with 4.x JB, but I assume that it still works).
Emulating a MIFARE Classic card can be done by the secure element in the Nexus S, but not by the host device. Emulating a DESFire card is not supported by the secure element in the Nexus S.
I have investigated a similar doorlock product that used card emulation itself to communicate to an NFC mobile device, while using card reader/writer mode to communicate to access control cards.
IMO, the 2 simplest options are: use P2P communication (Android Beam) or use card emulation in a reader device (if it supports it). All the other options require things like rooted devices and custom ROMs, which are not future-proof and have no possibility to be translated to a real product.
Card emulation via software is now available with Android 4.4. http://developer.android.com/guide/topics/connectivity/nfc/hce.html
2) Card emulation by software should definitely be possible, but not exposed in current Android APIs. You will have to dig deeper into the libnfc-nxp (and possibly below). This might be a difficult one though. This feature is offered on Inside Secure's chips, as shown in their OpenNFC reference implementation. The only question is whether it requires a CLF firmware change. If not, then you can hack it into a software image.
The caveats are, however, that you will lack the following features :
- security (an Android app is not as secure as a smartcard)
- fast and predictable response times (well, depends how you code it probably)
- card emulation running when phone is off
I believe SEOS is based on ISO14443-4 and not Mifare. This means you would need a secure element to run it.
1) Not too sure about this one, my guess is that this will still be hardware-based (e.g. depend on an embedded secure element such as NXP's SmartMX.
The other alternative is to start developing on a secure element. The most straightforward way would be to get some sample test SIMs with SWP/HCI support. There is a free dev kit called IzyNFC which you can use for the javacard, and GSMA and AFSCM technical documents for the Android application side.

is card emulation implemented through libnfc-nxp library in Android?

I know NFC functionality is implemented in libnfc-nxp library in Android. So, does it mean that card emulation functionality is defined and implemented there, too? To be more specific, I have a phone in card emulation mode, my CPR 40.30 reader, however, cannot read nor write to the card emulated in it, as it doesn't even recognize the type of transponder.Although it can read the UID when touching the phone to it. When I asked someone for help, he asked me if I wanted to work with libnfc-nxp library.This is why I'm curious about this library and to know if I can modify it so that I can access card emulated in secure element. Any help will be very grateful
The actual card emulation is done by the embedded Secure Element in the NFC chip in Android NFC devices that use libnfc-nxp as the driver library. The library itself is only used to turn card emulation on or off.
Can you post the UID your reader is receiving from the phone? I do have the doubt that your reader is detecting an NFC target (and not the emulated card). If the ID starts with 0x80 (or ends -- depending on the byte order), it is the anticollision ID of an NFC Target.

How to make an android phone act as Contactless smart card?

I would like to know how to make the android phone act as contactless card to transfer certain data to POS. Is there any specific Intent we should try to catch and how to communicate with that eternal POS via NFC.
I am afraid it is not directly possible. You need to enable NFC Card emulation which involves recompiling a custom firmware image. I am not aware if beyond Android 2.3.6 emulation is already enabled by default (so Google Wallet can be used). If you want to enable card emulation by recompiling the system by yourself here you have more information. At any rate secure element of the emulated card can not be accessed (see information following the links) directly from an application by any means.
In order to contact with a contactless smart card you need to use the pending intents and foreground dispatch. Now regarding the contactless terminal i'm not sure.

NFC payment demo with Samsung Nexus

I´ve been reading a lot about NFC, card emulation and etc.... I found two very helpful posts about this issue:
Android and Symbian NFC mobile development questions and answers (FAQ)
http://forum.xda-developers.com/showthread.php?t=1281946
Reading them I realized that it is quite complicated to write an application to make a payment.
Since I just want to see "something" working I'd like to ask the more experienced people if using the patch provided at xda-developers forum (second link above) would be enough just to write an appication that would open some door ou register/authorize someone´s entrance at an event (provided that I have a NFC device to properly interact with my phone, of course).
Thank you all
Payment is mostly impossible since you don't have the keys for the JavaCard card manager, better forget about it. Additionally, to write a Visa, etc compatible payment applet, you
need access to their specs, which means signing NDAs, paying money, etc.
Apparently the Mifare chip has stock keys, so you can modify it. So if you have a reader, and a device (door, etc.) that uses Mifare cards, you might be able to get it work. The thread also mentions that you might be able to clone your transport card. But:
you need to build your own firmware and flash it on a rooted phone
you may need to port the patches to whatever is the current GB version (2.3.7) or use exactly the same (old) tag
You need to do a lot more reading :)
In my opinion, you shouldn't bother with trying the patches on XDA Developers, especially if you are considering using Android 4.0 ICS. Android 4.0 already has built-in functionality on the Nexus S and Galaxy Nexus phones to enable card emulation. Drawback: you need a rooted phone to make it all work (see e.g. How to obtain NFCEE_ADMIN permission on rooted phone? for an example of someone succeeding).
A perhaps simpler approach is using NFC peer-to-peer communication ("Android Beam") with an external reader. This can work with any Android NFC device using a simple app to push the necessary data to the reader. Provided the reader support peer-to-peer communication, this is far the easiest solution. It would require some development work on the reader side, though, see http://code.google.com/p/ismb-npp-java/wiki/NppFromPhoneToACR122 for an example of this approach.

Categories

Resources