Setting password authentication on NXP MIFARE Ultralight C (NTAG215) tag
Question
So I'm using the the official NXP TagWriter Android app, which allows me to setup a password for my tag. I'm new to these chips so sorry if the question doesn't make sense.
I was wondering how can I make the tag ask for the password once it's placed on back of my Android phone? Right now it looks like Android is still able to read and write information to it, even though I added a password authentication.
1 answers
solution1
0 2018-01-16 11:15:26
There is no out-of-the-box support for password-protected NFC tags in Android. Actually, those protection mechanisms (eg 112-bit 3DES key for Ultralight C, 32-bit password for NTAG and others, and many others) are product specific (proprietary) features that are not covered by standards (NFC Forum specifications for NFC tags). Consequently, supporting all these different mechanisms would not be trivial.
Anyways, NFC tags (as reflected in current NFC Forum specifications; future specifications might bring some additional capabilities in that respect) are pimarily meant for storing freely readable data. They are not intended as a means of authentication or for "password"-protected content. Consequently, there is no app that ships with Android that would automatically ask you for a password associated with an NFC tag.
However, that does not mean that you could not build your own app for this. Android provides APIs for low-level access (ie access below the NDEF abstraction layer used for freely-readable data) to NFC tags which is necessary for implementing various authentication schemes used by NFC tags (such as the Ultralight C 3DES authentication or the NTAG21x password verification).
Regarding the tag content being accessible despite setting the password: On NTAG21x setting the password does not automatically protect the data on the tag. You would have to configure the protection mechanism in addition to setting the password. Configuration options include the first page covered by the password protection and if the password protects against unauthorized write access or read/write access.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.