Phone NFC to open doors?
#1
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: ORD
Posts: 14,231
Phone NFC to open doors?
It would be super convenient if I could use my iPhone's NFC chip to impersonate my work proxy card, so I don't need to carry my wallet (or fish the card out of it) to go between floors. Is this sort of thing at all possible?
#3
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: ORD
Posts: 14,231
That's actually a good idea. Why didn't I think of that?
Proxy cards don't do any crypto. They just send their static serial number to the door reader (well, the reader induces a current in the antenna embedded into the card, which is enough to power a tiny chip that sends its serial number). Actually, I think they send a facility number (1-256) and a serial number (1-65536). The computer running the thing then determines if that serial number is authorized to access the door. So you need is to get the phone's NFC chip to send the correct facility and serial numbers.
I don't know if NFC on the phone uses the same frequencies as door proxy cards, though.
Proxy cards don't do any crypto. They just send their static serial number to the door reader (well, the reader induces a current in the antenna embedded into the card, which is enough to power a tiny chip that sends its serial number). Actually, I think they send a facility number (1-256) and a serial number (1-65536). The computer running the thing then determines if that serial number is authorized to access the door. So you need is to get the phone's NFC chip to send the correct facility and serial numbers.
I don't know if NFC on the phone uses the same frequencies as door proxy cards, though.
#5
Join Date: Dec 2009
Location: RDU
Programs: DL DM+(segs)/MM, UA Ag, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 3,223
Proxy cards don't do any crypto. They just send their static serial number to the door reader (well, the reader induces a current in the antenna embedded into the card, which is enough to power a tiny chip that sends its serial number). Actually, I think they send a facility number (1-256) and a serial number (1-65536). The computer running the thing then determines if that serial number is authorized to access the door. So you need is to get the phone's NFC chip to send the correct facility and serial numbers.
#6
Join Date: Aug 2008
Location: Somewhere in Florida
Posts: 2,618
Some cars allow you to use NFC in place of the keys.
As far as proximity card readers, they're on a completely different frequency than NFC. Depending on what sort of prox card system is in place, you can clone it to a new card.
Now, you can use an NFC-enabled phone to skim contactless credit cards... but that's a whole other discussion.
As far as proximity card readers, they're on a completely different frequency than NFC. Depending on what sort of prox card system is in place, you can clone it to a new card.
Now, you can use an NFC-enabled phone to skim contactless credit cards... but that's a whole other discussion.
#8
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: ORD
Posts: 14,231
I did put my proxy card sandwiched in my phone case behind the phone, and it works just fine. Thanks for the idea!
#9
Join Date: Aug 2008
Location: Somewhere in Florida
Posts: 2,618
#10
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
Phone NFC to open hotel doors has definitely become more common in some parts. But I've also noticed how some hotels that used to provide my wifi-connected phones with mobile phone keys are no longer doing so unless I first enable the phone's cellular network. I haven't cared to look into what caused the changed requirement at some hotels to get mobile phone/NFC keys on my iOS devices, but something definitely changed on the hotel side in some parts.
I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
#11
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: ORD
Posts: 14,231
Phone NFC to open hotel doors has definitely become more common in some parts. But I've also noticed how some hotels that used to provide my wifi-connected phones with mobile phone keys are no longer doing so unless I first enable the phone's cellular network. I haven't cared to look into what caused the changed requirement at some hotels to get mobile phone/NFC keys on my iOS devices, but something definitely changed on the hotel side in some parts.
I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
#12
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
Bluetooth can be enabled with airplane mode still on. That is how I used to use the mobile phone keys at some hotels without issue but no longer could this month.
#13
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,507
NFC on phones/credit/some door access cards is 13.56MHz, while many other door access cards are in the 100ish kilohertz range. Definitely not compatible depending on what system you're using.
#14
Join Date: Mar 2010
Location: PDX
Posts: 908
A lot of work badges these days contain smart cards with some form cryptography. I know mine does. I don't know whether it's PKI or something else, but I am 99.9% certain that it can't be replicated or spoofed by the phone's NFC even if they operate on the same frequency. In most of these cards, the encryption algorithm (generator) is hardwired into the chip.