Archive for the ‘RFID Stuff’ Category

Today Tonight Interview

So the other night the interview I did with Today Tonight aired. I thought I would just put it up here to share with everyone else.

A little corny but was still good fun!

Central Locking and RFID

So the next RFID project of mine is almost complete (the car).
I spent Sunday and this afternoon installing the Central Locking in my car but I went one step further and install some RFID kit to go with it. Using an RFID reader and another Solid State relay (with a few diodes thrown in for flavour) when I swipe my hand near the front windscreen the door locks/unlocks.
Unfortunately during the installation I only took 2 photos as I forgot to along the way. 🙁
I will however upload a video soon demonstrating its operation.

The first image is the drivers side door, unfortunately you can not see the actuator, but you can see the metal rod from the actuator connected to the locking bar.
The second image shows the RFID Readers antenna mounted to the window, I will probably find a better place to put this but for the time being it is fine.  The LED indicates a valid ID swipe. I have just placed this LED inside the speaker for now.

RFID Bike Vid

Here is a quick video I made of my bike starting using RFID.

RFID Bike Mods (pics)

Here are a few pictures during the modification process on my bike.
Video to follow shortly. I will also attempt to draw up the Circuit Diagram for all those interested.

Front and Garage Door

Ok so here is a vid of the RFID working on the front door and garage door. This is just to prove that it is working! 😛

Just had a few people complain that their browser doesn’t support mp4 so here is the link to youtube :


Just a quick update before I post some pics and footage.
My bike is now officially RFIDeded! Woooo, here is a list of bits I used to do this.

1) Cheap ass RFID reader of ebay with a 12V output
2) Diodes
3) Wire
4) Solid State Relay (I used this instead of a Reed Relay because altronics didn’t have stock, although I should of waited because these aren’t cheap compared to a Reed Relay)
5) 30A Horn Relay
6) Handlebar mounted Switch

I will list specifics later but just quickly I used the Solid State Relay from the RFID reader as this can only do a few mAs and the SS Relay only requires small amounts of mA’s to throw the coil. The SS Relay then throws the horn relay which is connected to the ignition poll on my bike.  So the process of starting my bike consists of the following steps;

1) Turn on RFID reader (this is the switch mounted to the handle bars).
2) Swipe hand over antenna (hey presto we has got powah!)
3) Push start button and listen for the roar of the mighty 250cc engine *cough* 😛

I will insert pictures onto this post soon so watch this space!

Someone thinks I am interesting or just silly…

So on monday I had a call from Ben Grubb (ZDNet reporter), he basically interviewed me about the rfid implant I had done.
If you would like to read it, it can be found here

There is a bit of information that missed the cut.  Currently there is no way of me stopping someone grabbing my hand and reading the UID, recording it and writing to another tag. However I have a solution in place for this.  Time and funds permitted (I just bought an iPad so super poor atm) I will investigate and slowly implement this.  That said you have to be literally 2cm from the chip, know exactly where it is and in order to read the whole chip it takes about 3 seconds then you need to know what pages of data are used as the UID.  I am not particularly fussed about this, it’s not much different from someone stealing my keys, it just makes it a little bit harder 😛

If I get time tomorrow I will upload a vid of me swiping the reader at the front door and gaining access.

RFID Implant

On Wednesday the 16th June 2010 I finally had my rfid chip implanted into my hand!

Ho-freakin-ray (About time huh). So I managed to find a Doctor that was happy to do the procedure for me.  10am rocked by he called my name and it was on.
I took my lovely wife with me to video tape it, although she would of much preferred to do the procedure than tape it but she did a good job none the less.

Below is the procedure (with sound) It is embedded with HTML5 so if you can’t view go check it out at

I will also upload a vid of me demonstrating on my house readers, this isn’t as cool as the video of getting the implant but it will demonstrate one application.

Apologies for the noisy kids in the background they were getting their flu shots.

RFID Readers

Ok it has been almost a month since my last post so I thought I better quickly put something down before I forget.
The readers arrived a few weeks ago as did my GIS TS-RW36 *yay*  The RW63 is a USB HID Device (Device Device? ;P)  Initially when I plugged it into my mac it came up as a keyboard, which was cool because the software I have for it is windows, which is not so cool. Anyway I launched VMWare Fusion assuming it would just pass the USB Device through and I would be able to use it, unfortunately Fusion did not do this and it couldn’t see the device at all. I then tried a few tweeks that were suggested to me but still no joy, so I downloaded Parallels and it worked! So I am now a Parallels user (take that VMWare! *stabby*).

So with the RW36 I can now read all the pages of the HitagS chip.  I haven’t spent much time with this but I have learnt a few things.
All my chips where sent to me in Plain mode with the all the bits set so I can R/W, it was also set to transmit Pages 4 and 5.  This is how it emulates an EM4102. When playing around with the Hitag S whatever you do, do not change the AUT bit in CON1 on Page 01, it will brick your tag unless you have a NXP reader/writer (phillips proprietary shiz I believe).

Ok so here is the break down of the chip.  Page 00 is used as the UID (This is not to be confused with the EM4102 emulation as this uses the data in pages 04 and 05), Page 01 contains 3 configuration bytes and this is used to configure the chip (duh), going from MSB to LSB you have Reserved and CON2 to CON0. CON0 you have 8 bits (going from MSB still) RES 5 to RES 0 are exactly that, they are reserved. Bits 1 and 0 are the memory bits, this tells us what size chip it is.  Next is CON1 these are the Mode and Lock bits. Again if you change the AUT But to 1 (Auth mode you will probably brick your chip). The other bits you may be interested here is the Lock Configuration Bit (LCON) which is bit 1, if you change this to 1 then CON1 becomes read-only meaning you can no longer write changes to it and CON2 becomes one time programmable meaning as part of this write you will no long be able to change CON2.  (I hope this makes sense). The next bits that are interesting is the Transponder Talks First Bits TTFM0 and TTFM1, bits 2 and 3 respectively.  As I mentioned previously this is set to Pages 4 and 5 to transmit in TTF State.  This allows it to work with most 125khz readers, obviously if you change this to TTF mode disabled (Reader talks first) then standard readers can no longer read this chip.  I am looking at getting a few more RWD that claim to work with these chips and perform some form of authentication but that will have to wait for now, so at this stage I will leave my chips in transmit pages 4 and 5 mode. There are a number of other bits that should be left alone like the LKP bit (Lock key and Password) this should be set to 0 until you know what you are doing as should all 8 bits in CON2.  If you want more information about this please feel free to contact me or check out most of the information has now been added to Tim’s wiki and we will continue to add stuff as we discover more.

Well thats about it for the information on the HitagS chip, just to finish up my rfid readers are now installed and controlling the strike locks via my alarm panel and a secondary 12 volt PSU (with battery backup).  The locks I have used are fail secure as you can still override them manually from the inside.  All that is left with the alarm panel is to add a few more PIRs and integrate it into my HA.

Here are a few shots of the readers, Sorry for the poor quality I didn’t have my flash with me and I wanted to get as much of the blue/green colour in the shot. Blue indicates that the Reader is on/ready green indicates card accept/door unlocked.

Alarm Panel Module

So today the modules for my alarm panel arrived (finally). What these allow me to do is connect a Wiegand supported RFID Reader to the Panel.  I have just wired up the 2 modules and quickly connected a test button and strike (with a 12v battery) to test the RTE functionality.  After about 10 minutes of screwing around I managed to get it working. Woohooo…

I am going to *borrow* a rfid reader of my friend Hewball tomorrow so that I can attempt to enrol one of the Hitag S chips before I actually get in implanted.  Watch this space!

Return top