Can you really use NFC to clone a college key fob?!

anon(10181084)

Well-known member
Mar 2, 2017
Ok, so last year I was at a tech camp at Stanford. There was this Russian hacker (yes, I'm being serious) kid who had an NFC-enabled phone (he told me it was some "Mark 2" version of the HTC 10). On the last day of camp, he literally held his residence hall key fob to his phone, did some magic, and was able to UNLOCK THE DOOR of Roble Hall with his CELL PHONE! Is this even legal/possible or did he somehow embed an illegal key cloner into his phone?!
 
With the right tools, it's possible (definitely needs a rooted phone to bypass most of the NFC reader/transmitter security). However, it's not that simple most of the time, especially with newer NFC tags. I'm assuming your campus used simple RFID tags which now have known 'codes' to bypass encryption, which are fairly easy to read/re-create on a phone. Newer tags, however, have much stronger encryption and coding, so those are fairly hard to 'hack'.

On top of that, your phone can't read ALL RFID/NFC tags out there, so those out of the frequency range (non-commercial) will not be read without the proper added hardware.
 
Ok, cool. I also just checked the Play Store and there are some RFID reader apps (!!!). Not sure if those can do what this hacker did. I mean, it is still EXTREMELY irresponsible of Stanford to have hackable RFID keys. That hacker kid did have a rooted phone, so in theory he could share the contents of the key with criminals if he wanted to and that could lead to a robbery/invasion of the residence hall. If the college I go to next year ends up having NFC keys, I will have to test those and immediately report to the housing department if the keys are cloneable, since somebody could potentially invade the rooms.
 
Yeah, and again, those usually just do basic reading for 'basic' tags. You might be able to see some data stream but not really be able to decrypt the contents and definitely not emulate the whole string. But hey, you can do the same with WiFi keys, BT tokens, etc. All you need is the right tools and knowledge of the underlying encryption.
 
Good point. Also, I'll go over to the HTC subforum and try and figure out more about that weird phone he had.
 
Phone doesn't really matter that much since all phones have the same NFC tech. As long as you root to bypass security of the device and have the right tools to use the hardware, you can do that with any device that has a reader (limited to the ones the phone can actually read, of course).
 
What about the legality of this? Is it even legal to do this for personal use (i.e., if you are sick of carrying your key with you and want to use your phone instead)?
 
It's not legal to break proprietary tech/encryption. That being said, the copying part and using the key (IF you own it) is a legal gray area, since, in theory, you own the original tag.
 
