How to password protect writing to NFC NTAG216 tag on iOS 13 using NFC Core
You can use the following method in iOS for sending any command to NTAG:
func sendCommand(data: CmdData, completionHandler: @escaping(Data?, Error?) -> Void) {
tag?.sendMiFareCommand(commandPacket: data, completionHandler: { (data, error) in
completionHandler(data, error)
})
}
where, parameter data is the command APDU and tag object is of type NFCMiFareTag.
Command APDU to write password & PACK to NFC Tag:
- Password (FF FF FF FF): [Write cmd: CMD | Address | Data] -> A2 E5 FF FF FF FF
- PACK (01 02): [Write cmd: CMD | Address | Data] -> A2 E6 01 02 RFU RFU
Note: In place of RFU you can simply write 00h or you can retain the values by following steps:
- Read page E6h ----> You will receive 16 bytes (4 page) data ---->
Take out the first 4 bytes, which will be the data on E6 page ---->
Replace 0th and 1st byte with PACK value to be written ----> Write
the updated 4 bytes data to E6h using write command as mentioned
above.
Activating Protection
Once the Password and PACK values are configured onto NFC tag, next step would be to activate the protection by defining from which page the read/write access must need authentication. In order to do that:
- Read page E3h ---> Copy the first 4 bytes into data[]
- Over-write the AUTH0 value at index 3, with the first user page number 04h, which means any page starting from 04h will need authentication for read (by default) access
Accessing Read protected pages
- User Enters PWD & PACK for unlocking the Tag
- Authenticate the tag using the entered data, using following command:
- Authenticate: [Command(1Bh) | PWD] --> 1B FF FF FF FF
- The Tag will respond with the PACK value, which can be verified by matching it with the PACK value that you have for extra security
- Now that the tag is in authenticated state, data can be written to tag. **Note: Once the tag goes out of the field, the authentication state gets reset. Therefore, you have to authenticate and write the data in the same session.
- Unless there is need of changing the PWD/PACK, no further action is needed as the tag goes back to protected state every time the session is complete i.e. comes out of field.
You can refer NTAG 213/215/216 Data sheet
How correct protect NXP NTAG215 for read/write
Everything looks fine except for the last command.
ENABLE READ/WRITE PROTECTION
nfc.transceive('A2 84 10 00 00 00')
In order to enable the protection the command must be as follows:
nfc.transceive('A2 84 80 00 00 00')
Writing to a Type 5 NFC tag from iOS?
I believe that the NXP Icode Slix chips are not formatted for NDEF Storage by default.
There is no Capability Container as defined by the NFC Type 2 Spec
There is no Empty TLV Block as as defined by the NFC Type 2 Spec
All blocks are delivered with 00h
values from the factory.
There is a procedure to initialise them as NFC Type 2 Spec cards.
See Section 6.5 of the correct Application Note
This should be possible https://developer.apple.com/documentation/corenfc/nfciso15693tag Apple NFC methods to write the correct data to Blocks 0 and 1 on iOS 13 and above.
I would not expect most NFC writing Apps to bother with formatting cards as NDEF capable as this was not possible pre iOS 13 and most are pre formatted from the factory, though I would expect that NXP's TagWriter App to have this capability (It does on the Android version).
Using NFC NTAG216 for Access Control
That depends on how secure you want your access control to be.
In short, the NTAG216 password gets transmitted by the reader in clear text, so all that an attacker has to do is to spoof and replay it at the secured door. That can be done even at a distance of several meters.
With the right equipment it would take me about two hours to break an access control system based on the NTAG216.
Then on the other hand lots of hotels are still using the completely broken mifare classic tags for access control and no one seems to care.
NFC Tag Writer sample or tutorial for ios?
You cannot write to an NFC tag from iOS, only read. In the Core NFC documentation from Apple it's stated you can only read NFC NDEF tags, and only on iPhone 7 and 7 plus devices (assuming 8 and X are also supported)
https://developer.apple.com/documentation/corenfc
The apps you are finding in the App Store require you to use an external Bluetooth NFC reader.
Update iOS 13 -->
It is now possible to use the CoreNFC framework to write to NFC protocol specific tags such as ISO 7816, ISO 15693, FeliCa™, and MIFARE® tags.
See Apple's example: https://developer.apple.com/documentation/corenfc/creating_nfc_tags_from_your_iphone
It is possible to read protected NFC tags in iOS?
Important note: The answer below was true for Core NFC in iOS 11. A lot has happened since then. In 2019, Apple added many enhancements to Core NFC. The API now provides access to lower protocol layers (such as exchanging APDUs with contactless smartcards (ISO/IEC 14443-4), and sending commands to MIFARE (and potentially, but not verified, other ISO 14443-3A tags), FeliCa, and ISO/IEC 15693 tags).
The Core NFC overview page announces that as:
Your app can also write data to tags, and interact with protocol specific tag such as ISO 7816, ISO 15693, FeliCa™, and MIFARE® tags.
Answer from 2017:
No, Core NFC only works with NFC tag that are NDEF formatted. Thus, you can only interact with NFC tags that adhere to the NDEF (NFC Data Exchange Format) hardware abstraction layer specified by the NFC Forum. Specifically, with NFC Forum tag types 1 to 5.
Core NFC overview page:
Reading NFC NDEF tags is supported on iPhone 7 and iPhone 7 Plus.
Using Core NFC, you can read Near Field Communication (NFC) tags of
types 1 through 5 that contain data in the NFC Data Exchange Format
(NDEF).
Contactless smartcards (like electronic passports, payment cards, etc.) and even additional protection features of NFC tags (like NTAG password protection, MIFARE DESFire or Ultralight authentication, etc.) cannot be accessed using the iOS 11 NFC API.
Related Topics
Simple and Clean Way to Convert JSON String to Object in Swift
Error: Initializer for Conditional Binding Must Have Optional Type, Not 'String'
Implementing Hmac and Sha1 Encryption in Swift
iPhone App Under Test Crashes After a Few Days
How to Save a Uicolor with Userdefaults
Restoring Animation Where It Left Off When App Resumes from Background
How to Compile for Arm Rather Than Thumb in Xcode 4
How to Add Equal Spacing and Equal Width for Button in iOS Auto Layout
Xmppframework - How to Create a Muc Room and Invite Users
The Executable Gets Signed with Invalid Entitlements in Xcode
Push Notification Not Receiving in Background iOS
Nsfetchedresultscontroller V.S. Uilocalizedindexedcollation
Uitextfield Securetextentry Bullets with a Custom Font
Optional Chaining in Swift Closure Where Return Type Has to Be Void
"Do Not Embed", "Embed & Sign", "Embed Without Signing". What Are They. What They Do