Need Help with Secure NFC Access Control System Implementation

kahlenberg · ‎2024-05-26

Hi everyone,

Me again 🙂

I'm working on an access control system project and would appreciate some assistance or advice. My goal is to use NFC cards (ISO 14443A) and smartphones (in card emulation mode) as access keys. Specifically, I want to ensure the security of the system beyond just reading the UUID of the card. I aim to read encrypted data from the card instead.

I should mention that I'm quite new to NFC technology and don't have extensive knowledge of NFC standards, NDEF messages, and related concepts. My main questions:

How can I enhance the security of my NFC access control system?
I want to read encrypted data from the NFC cards rather than just the UUID. What are the best practices for encrypting and securely storing data on NFC cards?
How can I record an encrypted message on an NFC card?
Are there any specific methods or tools that I should use to write encrypted data to the card? How can I ensure that this data can be read securely by the system?
How can I achieve this using the RFAL library?
I'm planning to use the RFAL library for this project, but the documentation is lacking. Can anyone provide guidance or examples on how to implement secure data reading and writing with this library? Also, why isn't the RFAL library available on GitHub, so that we can fork and port to another platforms?
Where should I start?
Any recommendations on resources, tutorials, or documentation that could help me get started with implementing secure NFC communication and access control?
Bluetooth out-of-band bondingIs it possible BT OOB pairing or bonding with RFAL? How?

Since I'm new to this field, any additional background information or beginner-friendly resources would be greatly appreciated.

Thank you in advance for your help!

Best regards,

Ulysses HERNIOSUS · ‎2024-05-27

Hi kahlenberg,

ad 5) our ST25 Embedded NFC lib has a pairing demo which emulates on ST25R3916(B) a T4T with an NDEF pairing message. Please have a look!

ad 1-4)

Security for banking, car keys, access, etc. is typically done through smart cards (ISO7816 commands on to of ISODEP over ISO144443). For an NFC reader these ISO7816 APDUs are basically a pass-through (e.g. rfal_isodep layer in rfal). In terms of cards ST offers: https://www.st.com/en/secure-mcus.html and also in the ST25 eco system an upcoming ST25TA-E

I hope that helps and gives you some pointers where to additionally look.

BR, Ulyssses

kahlenberg · ‎2024-05-28

Thank you for your response. I am also looking to emulate a smart card using an Android phone, but I haven't been able to find any apps that provide this functionality. Do you know of any apps that can simulate smart card operations?

Brian TIDAL · ‎2024-05-29

Hi,

regarding the Card Emulation app on android, are you looking just for an apk (in that case you will find some on Play Store with "NFC Card Emulation" or "NDEF Tag Emulation" key words) or are you looking for CE source code example to implement your own app?

Rgds

BT

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

kahlenberg · ‎2024-05-30

I am looking for an apk or app to test the functionality with RFAL library. Maybe later, I will develop my own app on Android.

Thanks.

Brian TIDAL · ‎2024-05-30

Hi,

some NFC CE apps are available on the Play Store (just search for "NFC Card Emulation" or "NDEF Tag Emulation").

Rgds

BT

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.