Introducing a Portable Standalone MIFARE Ultralight and NTAG2x3 Emulator

Emulator View

"With a flip of a switch, the Emulator is turned from a functional clone [of NFC tag] into a fully writable memory array."

Emulator Overview

This Emulator has been designed to emulate NFC Forum Type 2 tags (ISO 14443 type "A" modulation) with EEPROM memory up to 192 bytes long.

The current firmware releases can emulate the following NFC tags:

In addition to replicating the wireless interface of tags, their memory architecture, and internal state machine, the Emulator offers features of programming a custom UID, manufacturer byte, internal data byte, as well as resetting OTP bits, lock and block-locking bits to their initial state of logic 0. All one-way counters of NTAG2x3 and EV1 can be programmed with any value at any time. NTAG213 and EV1 firmware also offers reading out the stored authentication password and ackowledge fields which are write-only on original tags, as well as instantly removing read and write protection imposed by PROT and AUTH0 fields. The new Password Sniffer Mode introduced in 2017 allows storing the password from AUTHENTICATE command argument. The 32-byte signature of NTAG213 and EV1 can be programmed by a series of 8 writes to 8 pages in a single NFC session. All this makes the Emulator ideal for software development, system testing, and application support, in cases where project development or system administration require many test-case scenarios involving memory areas with security restrictions.

What the Emulator is:

What the Emulator is NOT: