Aaron Ardiri
[Valid RSS] RSS/XML feed
198 entries available (show all)


Internet of Things (IoT)

RIoT Secure AB


Is that an RFID token in your pocket or are you just happy to see me?

At the local social club an opportunity was discussed about handling membership - RFID was one of the technologies being discussed so it was definitely time to bring out the RFID reader that I picked up earlier and give it a wizz. It was also a great time to do some hands on Arduino tinkering with my long time friend and early-day mentor Mike Leishman who came down for the weekend.

Simply download the MFRC522 library that does all the heavy lifting communicating between the Arduino and the RFID reader. The most difficult (and fun part) was wiring the reader to the Arduino - the pinout does not match up perfectly with the SPI PINS; but the main thing is to make sure the power is 3.3V, not 5V. If you wire up the other pins incorrectly; the sketch simply wont work.

The kit I purchased came with a credit card sized RFID tag and a key-chain tag - by running the sketch I was able to extract the UID (unique ID) from both of them - the samples were a little too encapsulated for my liking so I extracted the bits needed just to obtain the UID:

  • rfid_uid_scanner
    author:  Aaron Ardiri
    version: Nov 29 2015
    MFRC522 (0x91) v1.0
    :: place RFID card on top of reader
    PICC type: MIFARE 1KB
    PICC UID: 0xB6 0xA8 0xE4 0x45
    :: place RFID card on top of reader
    PICC type: MIFARE 1KB
    PICC UID: 0x6C 0x61 0x2D 0x3B

Additional examples exist where it is possible to reprogram your RFID tags; by default my tags came with 4-byte UID's, but it is possible to have 7 or 10-byte values (higher byte-count means more uniqueness). It is also times like this where I like to dig into the source code - this was a gem:

  • /**
     * Performs the "magic sequence" needed to get Chinese UID changeable
     * Mifare cards to allow writing to sector 0, where the card UID is stored.
     * Note that you do not need to have selected the card through REQA or WUPA,
     * this sequence works immediately when the card is in the reader vicinity.
     * This means you can use this method even on "bricked" cards that your reader 
     * does not recognise anymore (see MFRC522::MIFARE_UnbrickUidSector).
     * Of course with non-bricked devices, you're free to select them before 
     * calling this function.
    bool MFRC522::MIFARE_OpenUidBackdoor(bool logErrors) { 

Have to love it how people figure out how to do things that technically should not be possible - in this case the hack does prove to be useful as it allows for reprogramming of what would normally be useless tags. The complete sketch (used above) is available for download:

In all honesty; and after exploring the RFID library in more detail I think a 1-wire based solution with iButtons will be the way to go for the membership management mainly due to the guaranteed uniqueness of the tags - especially since they want to deal with credit to encourage visits.


advertisement (self plug):
need assistance in an IoT project? contact us for a free consultation.


Raspberry Pi - X-Arcade MAME joystick - UPGRADED!
Raspberry Pi Zero - for only FIVE bucks?

All content provided on this blog is for informational purposes only.
All comments are generated by users and moderated for inappropriateness periodically.
The owner will not be liable for any losses, injuries, or damages from the display or use of this information.