Password Protection for T2T Tags with ST25R200

Mark12 · ‎2025-08-04

Hi all,

I am using ST25R200 and NTAG215 from NXP. I configured RFAL to use T2T and NFCA

#define RFAL_FEATURE_LISTEN_MODE               false      /*!< Enable/Disable RFAL support for Listen Mode                               */
#define RFAL_FEATURE_WAKEUP_MODE               true       /*!< Enable/Disable RFAL support for the Wake-Up mode                          */
#define RFAL_FEATURE_LOWPOWER_MODE             true       /*!< Enable/Disable RFAL support for the Low Power mode                        */
#define RFAL_FEATURE_NFCA                      true       /*!< Enable/Disable RFAL support for NFC-A (ISO14443A)                         */
#define RFAL_FEATURE_NFCB                      false       /*!< Enable/Disable RFAL support for NFC-B (ISO14443B)                         */
#define RFAL_FEATURE_NFCF                      false       /*!< Enable/Disable RFAL support for NFC-F (FeliCa)                            */
#define RFAL_FEATURE_NFCV                      false       /*!< Enable/Disable RFAL support for NFC-V (ISO15693)                          */
#define RFAL_FEATURE_T1T                       false       /*!< Enable/Disable RFAL support for T1T (Topaz)                               */
#define RFAL_FEATURE_T2T                       true       /*!< Enable/Disable RFAL support for T2T                                       */
#define RFAL_FEATURE_T4T                       false       /*!< Enable/Disable RFAL support for T4T                                       */
#define RFAL_FEATURE_ST25TB                    false       /*!< Enable/Disable RFAL support for ST25TB                                    */
#define RFAL_FEATURE_ST25xV                    false       /*!< Enable/Disable RFAL support for ST25TV/ST25DV                             */
#define RFAL_FEATURE_DYNAMIC_ANALOG_CONFIG     false      /*!< Enable/Disable Analog Configs to be dynamically updated (RAM)             */
#define RFAL_FEATURE_DPO                       false      /*!< Enable/Disable RFAL Dynamic Power Output support                          */
#define RFAL_FEATURE_ISO_DEP                   true       /*!< Enable/Disable RFAL support for ISO-DEP (ISO14443-4)                      */
#define RFAL_FEATURE_ISO_DEP_POLL              true       /*!< Enable/Disable RFAL support for Poller mode (PCD) ISO-DEP (ISO14443-4)    */
#define RFAL_FEATURE_ISO_DEP_LISTEN            false      /*!< Enable/Disable RFAL support for Listen mode (PICC) ISO-DEP (ISO14443-4)   */
#define RFAL_FEATURE_NFC_DEP                   false      /*!< Enable/Disable RFAL support for NFC-DEP (NFCIP1/P2P)                      */

So far detecting the Tag and reading and writing works just fine by using:

rfalT2TPollerWrite
rfalT2TPollerRead

However, I am not sure how I can use the password protection feature from the nfc tag. I would like to be able to set a password and then to read and write from memory using the set password. What API Methods would I use for that? I am quite confused with all the different types and Feature configurations. I only want to use and support T2T tags, which should be able to handle password protection.

Brian TIDAL · ‎2025-08-04

Hi,

The rfal_t2t.c file implements NFC Type 2 Tag (T2T) commands as specified by the NFC Forum:

READ command
WRITE command
SECTOR_SELECT command

Password protection is a proprietary feature not defined by the NFC standard. It relies on a proprietary PWD_AUTH command (1Bh) described in the tag datasheet. To implement support for the PWD_AUTH command, duplicate the rfalT2TPollerWrite function as rfalT2TPollerPwdAuth and modify it to send the 1Bh command with the 4-byte password and to check the returned PACK value.

The rfalT2TPollerWrite function can be used to write various configuration pages to update AUTH0, PWD, and PACK values. For more details on the authentication, contact the manufacturer of this tag.

Rgds

BT

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

View solution in original post

Brian TIDAL · ‎2025-08-04

Hi,

The rfal_t2t.c file implements NFC Type 2 Tag (T2T) commands as specified by the NFC Forum:

READ command
WRITE command
SECTOR_SELECT command

Password protection is a proprietary feature not defined by the NFC standard. It relies on a proprietary PWD_AUTH command (1Bh) described in the tag datasheet. To implement support for the PWD_AUTH command, duplicate the rfalT2TPollerWrite function as rfalT2TPollerPwdAuth and modify it to send the 1Bh command with the 4-byte password and to check the returned PACK value.

The rfalT2TPollerWrite function can be used to write various configuration pages to update AUTH0, PWD, and PACK values. For more details on the authentication, contact the manufacturer of this tag.

Rgds

BT

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.