Phone NFC to open doors?

Old Aug 20, 19, 9:27 am
  #1  
FlyerTalk Evangelist
Original Poster
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 11,696
Phone NFC to open doors?

It would be super convenient if I could use my iPhone's NFC chip to impersonate my work proxy card, so I don't need to carry my wallet (or fish the card out of it) to go between floors. Is this sort of thing at all possible?
gfunkdave is offline  
Old Aug 20, 19, 10:55 am
  #2  
 
Join Date: Jul 2008
Location: K+K
Programs: *G
Posts: 4,307
I imagine NFC devices have hardcoded IDs to prevent spoofing.

That said, why don't you just sandwich the card between the back of the phone and its case?
deniah is offline  
Old Aug 20, 19, 12:24 pm
  #3  
FlyerTalk Evangelist
Original Poster
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 11,696
That's actually a good idea. Why didn't I think of that?

Proxy cards don't do any crypto. They just send their static serial number to the door reader (well, the reader induces a current in the antenna embedded into the card, which is enough to power a tiny chip that sends its serial number). Actually, I think they send a facility number (1-256) and a serial number (1-65536). The computer running the thing then determines if that serial number is authorized to access the door. So you need is to get the phone's NFC chip to send the correct facility and serial numbers.

I don't know if NFC on the phone uses the same frequencies as door proxy cards, though.
gfunkdave is offline  
Old Aug 20, 19, 6:36 pm
  #4  
 
Join Date: Apr 2014
Posts: 397
fwiw I've tried this and it doesn't work. It's like NFC from the iPhone interferes.
PackingIt is offline  
Old Aug 21, 19, 7:22 pm
  #5  
 
Join Date: Dec 2009
Location: RDU
Programs: DL DM(segs)/MM, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 2,455
Originally Posted by gfunkdave View Post
Proxy cards don't do any crypto. They just send their static serial number to the door reader (well, the reader induces a current in the antenna embedded into the card, which is enough to power a tiny chip that sends its serial number). Actually, I think they send a facility number (1-256) and a serial number (1-65536). The computer running the thing then determines if that serial number is authorized to access the door. So you need is to get the phone's NFC chip to send the correct facility and serial numbers.
Nitpickery I got from one of our devs recently: for unsigned integers, it would actually be 0-255 and 0-65535 (assuming 8 and 16 bit).
gfunkdave likes this.
HDQDD is offline  
Old Aug 21, 19, 10:54 pm
  #6  
 
Join Date: Aug 2008
Location: Somewhere in Florida
Posts: 1,852
Some cars allow you to use NFC in place of the keys.

As far as proximity card readers, they're on a completely different frequency than NFC. Depending on what sort of prox card system is in place, you can clone it to a new card.

Now, you can use an NFC-enabled phone to skim contactless credit cards... but that's a whole other discussion.
KRSW is offline  
Old Aug 22, 19, 6:30 am
  #7  
Ambassador: Emirates Airlines
 
Join Date: Sep 2004
Location: Manchester, UK
Posts: 13,871
Originally Posted by KRSW View Post
Now, you can use an NFC-enabled phone to skim contactless credit cards... but that's a whole other discussion.
But not the CCV...
DYKWIA is offline  
Old Aug 22, 19, 7:12 am
  #8  
FlyerTalk Evangelist
Original Poster
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 11,696
Originally Posted by HDQDD View Post


Nitpickery I got from one of our devs recently: for unsigned integers, it would actually be 0-255 and 0-65535 (assuming 8 and 16 bit).
I majored in computer science and still don't really understand how signed/unsigned integers work. I also never really got P/NP/NP-completeness.

I did put my proxy card sandwiched in my phone case behind the phone, and it works just fine. Thanks for the idea!
synthkeys likes this.
gfunkdave is offline  
Old Aug 22, 19, 6:40 pm
  #9  
 
Join Date: Aug 2008
Location: Somewhere in Florida
Posts: 1,852
Originally Posted by DYKWIA View Post
But not the CCV...
...which is conveniently printed on the back/front of the card and available for anyone who touches your card, which is very common in the USA. Servers, front desk agents, etc.
KRSW is offline  
Old Aug 23, 19, 3:48 am
  #10  
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 88,277
Phone NFC to open hotel doors has definitely become more common in some parts. But I've also noticed how some hotels that used to provide my wifi-connected phones with mobile phone keys are no longer doing so unless I first enable the phone's cellular network. I haven't cared to look into what caused the changed requirement at some hotels to get mobile phone/NFC keys on my iOS devices, but something definitely changed on the hotel side in some parts.

I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
GUWonder is online now  
Old Aug 23, 19, 7:38 am
  #11  
FlyerTalk Evangelist
Original Poster
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 11,696
Originally Posted by GUWonder View Post
Phone NFC to open hotel doors has definitely become more common in some parts. But I've also noticed how some hotels that used to provide my wifi-connected phones with mobile phone keys are no longer doing so unless I first enable the phone's cellular network. I haven't cared to look into what caused the changed requirement at some hotels to get mobile phone/NFC keys on my iOS devices, but something definitely changed on the hotel side in some parts.

I have to assume there are some offices that have mobile phone keys using NFC even as there are some employers who would prefer not to have phone NFC as an option for employees to unlock doors.
Hotel doors actually use Bluetooth LE, not NFC. Perhaps it's not so much you have to enable the cellular function as that you have to enable Bluetooth - both are off in airplane mode.
gfunkdave is offline  
Old Aug 23, 19, 9:52 am
  #12  
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 88,277
Originally Posted by gfunkdave View Post
Hotel doors actually use Bluetooth LE, not NFC. Perhaps it's not so much you have to enable the cellular function as that you have to enable Bluetooth - both are off in airplane mode.
Yes, my bad about that.

Bluetooth can be enabled with airplane mode still on. That is how I used to use the mobile phone keys at some hotels without issue but no longer could this month.
GUWonder is online now  
Old Aug 23, 19, 3:44 pm
  #13  
FlyerTalk Evangelist
 
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Gold
Posts: 13,316
Originally Posted by gfunkdave View Post
I don't know if NFC on the phone uses the same frequencies as door proxy cards, though.
NFC on phones/credit/some door access cards is 13.56MHz, while many other door access cards are in the 100ish kilohertz range. Definitely not compatible depending on what system you're using.
gfunkdave and D582 like this.
tmiw is offline  
Old Aug 24, 19, 11:33 am
  #14  
 
Join Date: Mar 2010
Location: PDX
Posts: 892
A lot of work badges these days contain smart cards with some form cryptography. I know mine does. I don't know whether it's PKI or something else, but I am 99.9% certain that it can't be replicated or spoofed by the phone's NFC even if they operate on the same frequency. In most of these cards, the encryption algorithm (generator) is hardwired into the chip.
König is offline  
Old Aug 24, 19, 11:40 am
  #15  
 
Join Date: Mar 2010
Location: PDX
Posts: 892
Duplicate post
König is offline  

Thread Tools
Search this Thread