Know your magic cards
Posted by Lab401 Steve on
Navigating the world of "Magic" RFID Cards can be difficult. Different suppliers have different badges with different abilities, and each version may have multiple generations.
At Lab401, we work closely with our suppliers to ensure we have the latest and most stable versions of "Magic UID Tags".
But before we can jump into the technical details - first a history lesson.
In the beginning there was the MIFARE CLASSIC® 1K card.
Compared to the 125KHz tags at the time, which simply burped out a string of data, the MIFARE CLASSIC® 1K was an advanced card.
Each individual card had an individual Unique ID. These UIDs blocks were managed between manufacturers to ensure that no two cards ever had the same UID.
The MIFARE CLASSIC® 1K also featured a plurality of data sectors, access control lists and keys.
As the MIFARE CLASSIC®1K became more popular, many companies and access control solutions started using the UID as a security feature - relying on the UID to authenticate cards, users, purchases and more.
The MIFARE CLASSIC®1K's cipher system, combined with a poor Pseudo-Random-Number-Generator (PRNG) were cracked - now meaning cards could be cracked and dumped.
At a similar time, Chinese companies, most notably FUDAN, started creating 'Compatible' chipsets - and some of these chipsets evolved special, even.. magical.. abilities - including forging the sacred UID.
The original generations of MIFARE CLASSIC® Compatible / Magic chips required a special sequence to 'Unlock' the badge. Once unlocked - the entire card, including the UID and ACL sections could be read and written.
The unlock code, 0x43 / 0x40 became so well known - that many card reader systems would query this code to all badges. If a tag responded - it was deemed a clone card, and refused.
In response, "Magic" cards evolved other abilities - some allowed "Direct Writing" to anywhere on the card, without unlock codes - and others allowed the UID to be changed only one time.
With each iteration, the chipsets also became more and more stable, and could also emulate more and more badge types.
Today - the most modern "Magic" cards can withstand a fair bit of user abuse (writing incorrect values, corrupting the manufacturer sectors etc) - but should in general be treated with care - as to not 'brick' them.
Recently, the "Ultimate Magic Card" was released. Also known as a "Gen 4", this card is a highly configurable 13.56MHz card emulator.
It can natively emulate NTAG / MIFARE / Ultralight tags (and all their variations), supports complete control over ATQA/SAK/ATS values, UID and UID length (4, 7 and 10 byte) and has advanced functionality including Recovery Mode, Shadow Mode and automatic BCC Calculation.
History lesson aside, Lab401 has compiled a quick Magic Tag Cheatsheet to quickly and easily understand what tags are what.
There are also several other types of Magic Cards available, that support other chipsets or provide other functionality, but new versions replace the old, instead of maintaining several versions on the market.