Android, BlackBerry all provide the analog NFC card API, theoretically can use the phone to simulate a meal card, traffic card, and even bank card to carry out identity authentication, trading, is not very happy, the mood is very excited ah.
Wait
The reality is
Application Scenarios:
Most of the domestic, 99% of the cards are the cheapest M1 cards, and the entire system only applies the card UID data. The UID of an NFC card can no longer be modified when the card is shipped out of the production line.
Can the phone set the NFC UID.
The phone cannot simulate a fixed or specified UID on an NFC card, in other words, the UID of an NFC card that is simulated on the phone is an API that does not have the UID specified on the random + dynamic phone (early Android, the BlackBerry phone has an API to set the UID, But for security reasons, this API was disabled after just half a year.
Solution.
Transforming the card-reading machine and reconstructing the backstage authentication system
The card reader reads the identification of the NFC card and other data areas to determine whether the card is an ordinary NFC card or a more secure NFC phone;
In the case of an NFC phone, the card reader reads the other data areas of the NFC card (the data on the other areas of the NFC card that the phone simulates can be set up, encrypted, or even dynamically updated like RSA tokens), to authenticate successfully to the background.
In the case of an ordinary NFC card, the card reader reads the UID of the NFC card and authenticates successfully to the background.
Reference:
Ten questions about card emulation on Android NFC phone
Hotel door Lock (homemade) with NFC phone
NFC Door lock (foreign)