NFC Chip Cloning


NFC UID Validation

Some NFC chip types have a rewritable UID, meaning that it is possible to change the UID of an NFC chip to a specific value just as the user memory can be changed. While this is useful for some systems, it allows for an NFC tag to be cloned as the UID is the only differentiator between blank NFC tags. The implication is that UIDs can not be blindly trusted as its possible that an NFC chip is “lying” to the software about its UID. The first step in preventing this to for the software to determine the NFC chip type of the NFC tag; each NFC chip type has its own way of determining this. However a malicious NFC tag could also find a way to “lie” about its NFC chip type; pretending to be an NFC chip type that does not have a writable UID when it fact it actually does have a writable UID. To combat this the software must also validate the manufacturer of the NFC chip by checking the originality signature to ensure the chip was made from a company that the software trusts to not lie to it about its UID or chip type. Verifying the NFC chip manufacturer via the originality signature is a cryptographically secure process, so it can not be faked by a 3rd party. This forms the root of the trust chain to ultimately validate the NFC chip UID for use is a secure system.