The subway around here uses NFC tags to debit your account. I'm wondering if there is a way to get my BlackBerry 9930 to serve this purpose instead of carrying a card.
I have my NFC subway card, and the BlackBerry can read it. Using ShortcutMe and NFC Shortcut, I can get that to do pretty much anything on the device. That's cool, but not really what I'm looking for.
What I'd like is for the BlackBerry to be broadcasting (essentially mimicking) my subway card, so when I tap my card on the subway turnstile, the subway system would authenticate and debit my account tied to my card.
Can anyone think of a way to enable such functionality?
- 05-02-12, 04:25 AM #2
that would be cool if you could mimic the nfc id of your card with your phone. then you could use this for security doors and other things as well. you could also program your gps to determine what id you want your phone to have, so you wouldn't need to select which id you would want to mimic.
only if eh
- 05-02-12, 06:39 AM #3
- CrackBerry Genius
05-02-12, 09:32 AM #4
- 3,220 Posts
- 0 Post(s)
- 0 Thread(s)
- 05-02-12, 12:26 PM #6
To be able to mimic a card from a credit card company or a transit system company, the card info/credentials need to be securely stored in a secure area on the mobile device.
The secure are on the device is either SIM (new SIMs that are NFC enabled), or embedded secure element (BlackBerry has one ).
To be able to securely store card info/credentials on the secure elements (SIM/Embedded), the device needs to be connected to a back-end cloud system called TSM. The TSM should be supported by the credit card company or the transit system the card belongs too.
As it seams, it is not something that can be done by an end-user, or one single company/institute.
Transit System Companies might end up allowing credit card payment to enable mobile payment without going through the hassle of having a TSM and a system to works with TSM.
Last edited by Vijik; 05-02-12 at 12:54 PM.
- 05-02-12, 12:52 PM #8
I think BB can emulate an NFC tag specifically for others to read it (Business card, etc). Those tags don't necessarily need to reside from secure element. They can be in BB memory or in secure element (I am not sure how BB OS does that).
The secure NFC Cards from Credit Card, Access Control, and Transit system companies however need to reside from the secure element.
As long as you have an NFC card from the company categories mentioned above, and as long as your device OS is BlackBerry OS (Secure ), then yes, you don't need to worry about someone clone your NFC card.
- 07-20-12, 01:02 AM #9
So I understand for the most part as to what your saying vijik. Thanks for the awesome nfc app by the way. But entertain my idea here...the 9900/9930 can read the nfc tag, I haven't tried this but hypothetically, if it can read my nfc card (chicago card) as we use here. Can the phone in theory, store the tag or 'code' if you will. And just emit the same code out when needed? In the sense it's replicating/mimicking the tag.
- 07-20-12, 07:44 AM #10
It is a difference between reading (something from) a tag and get the tag to authenticate something (PAT: Payment, Access, Transit, etc).
You can get BB to read some data from a tag (universal ID, tag type ID, etc), and you might be able to program the BB to emulate that, but that is not enough for PAT.
PAT readers get authentication from the tag by sending a Challenge and verifying the Response received from the tag. The tag can respond "correctly" to the Challenge because it "knows" how to decipher the challenge (taking away the random number in challenge/etc) and it knows a secret code, a code that is used by the reader to create the Challenge.
The secret code and the know-how about how to decipher the Challenge is what you need if you wanted to mimic a PAT card.
(And because of the random number used in the Chellenge and Response, it doesn't help to sniff to the communication between the reader and a real tag)
If you are interested google
How mifare classic was hacked
- 07-20-12, 04:26 PM #11
- 07-21-12, 08:31 AM #12
RIM has announced that they have deployed mobile payment in Turkey. I hope it also becomes available in other countries.
I think the biggest problem for deploying mobile payment is to get the carriers and other companies to agree on one business model. Some carriers are real greedy.
- 07-24-12, 01:45 AM #13
- CrackBerry Abuser
07-24-12, 02:37 PM #14
- 280 Posts
- 0 Post(s)
- 0 Thread(s)
Watch this space... (and have a google) HID Corp have something in the pipeline where IClass credentials can be stored on the phone and it used as your building access card.
At the moment its on limited trial, and once Visa finally get there finger out (Even though we had the TV adverts in the UK a while back now showing wavepay loaded onto a 9900) they are the key to this. This is also the reason why most CDMA (Non SIM devices) will never get access to secure objects.
The SIM is the key as others have said above and forms part of the secure wrapper. The same thing is relevent to this specific transit provider issue, ditto Oyster card here in London. At the end of the day to access those services you *will* have to wait for the providers (transit providers, app builders etc) to all come together and sort something out.
You can get apps that may let you read the balance off your travel card, but thats about it - no hope in using them fully at the moment.
- 07-27-12, 07:23 PM #15
Lol, not really NFC at work but once I get my SIII in, the NFC bus card will be small enough to just stick between my battery and back door. Lol, people next to me will probably be shocked. How did you do that? At least here in Chicago.
- 08-14-12, 08:14 PM #17
I'm sure it would work if I placed my Chicago card between my phone's battery and back door, but I tried it between my case and phone and it did not unfortunately, I wonder if it just needs to be a little closer. Or if the phone is causing interference. But I'll need to find another workaround.
- 08-14-12, 08:18 PM #18
- 08-18-12, 12:48 AM #19
- 08-18-12, 07:09 AM #20
Or, if you have another NFC Card in the reader's field at the same time, the reader might (depending on the implementation policies) reject using any of the cards.
- 08-18-12, 10:34 AM #22