Forum / MIFARE SDK / Creating app that can read mifare desfire card and then emulate card from phone
Tagged: mifare desfire
-
I need help.
please guide i want to create app which can read mifare desfire card and then emulate it as card when user takes it near to reader.
If it will work then this will help people to save money plus and will make easy to use faster than typical card because of phone always on hand.
please send me information or help me to make this app if it is possiable.
+ 0 | - 0
Hi Jay,
To communicate with a MIFARE DESFire EV1 on a smart phone, you can use the TapLinx SDK for Android. But the second part of your question will not work.
Please take in mind, the MIFARE DESFire EV1 is a high security product. You use it, because it allows encrypted communication with the reader terminal and protects the saved information. You cannot read the information out of the card if you do not have the keys for a valid authentication. This is the reason why this product is used.
Any emulation running in a smart phone as “user written software” is definitely NOT SECURE and can be compromised very easily. Nobody will accept such approach as secure solution.
The TapLinx team
+ 0 | - 0
so what is the recommended solution to have a 'mifare desfire ev1' card emulation on a smartphone for ie. students
+ 0 | - 0
any progress on this Steve? Wondering the same thing.
+ 0 | - 0
Hi Steve and Bryan,
Please read my answer to "have a MIFARE product on a phone or a wristband":
https://www.mifare.net/support/forum/reply/34776/
The TapLinx team
+ 0 | - 0
Thank you. Seems like the only way to offer a virtual card, or use a mobile device as a EV1 card is to go with your solution Mifare2Go.
Is Mifare2Go a service you all provide and charge for or is this an application that I'll need to write? If you all do charge for this, is there any documentation available?
Bryan
+ 0 | - 0
Hi Bryan,
I can hand-over special questions to one of my colleagues if you want. You can write to our team at: taplinx@nxp.com.
Please let me point it out, why a simple “emulation app” cannot be a solution. If you choose a NXP product, let say a MIFARE DESFire, then you want a reliant product which offers high security and protect your credentials. You can issue it to your end-users and you can be sure, card data cannot be read out if you protect the access. So, you can be confident using the MIFARE DESFire in your business with payment and access systems.
A card emulation app which does not use a Secure Element or other special hardware can be easily installed on any Android device. All credentials reside inside of the app. Please note, any installed Android app can be easily copied to another device. Any Android app can be analyzed easily, and your credentials can be read. Even if you think to encrypt the credential for protecting it, it must be decrypted if you want to use it. This decryption can be analyzed by an attacker and your credentials are lost. So, you would never use such app for payment or access systems.
Therefore, you must use special hardware to protect your data. For a respectable solution you must either take a third-party product or design your own wristband with a NXP NFC reader with a combined Secure Element. In this case you are the product owner and able to create a virtual MIFARE DESFire on this hardware. This approach is serious and secure.
The TapLinx team
+ 0 | - 0
-
AuthorPosts
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic.