How to Read Contactless Smart Card From a Chrome App (Part 1)

How to Read Contactless Smart Card From a Chrome App (Part 1)

Sunny Sun Lv4
  2019-08-10 2019-08-10 Created   2024-08-16 19:46:17 2024-08-16 19:46:17 Updated      1.1k Words  6 Mins  

Develop a Chrome Apps to read a NXP Mifare 4k classic card with the HID OMNIKey 5427 reader

Welcome to the world of embedded programming

As a software developer who spends most of his time in web-based apps, my only experience dealing with hardware was connecting to a barcode scanner years ago. Recently, I have had an opportunity to develop a Chrome App that reads contactless SmartCards from a reader that is connected to a Chrome Device. I was quite overwhelmed at the start. The developer guide and SmartCard specification is in English. I can recognize every single word, but could hardly understand most of the paragraphs. They were written in electrical engineering Jargon. I can’t find any good tutorials for Developers new to embedded programming.

After days of research, I can understand just enough to get the app working. I know I just scratched the surface of the new world, but it may be useful to share my newly gained knowledge with other Devs who are also new to SmartCard technology.

In this article, I will discuss the development of Chrome Apps to read a NXP Mifare 4k classic card with the HID OMNIKey 5427 reader. Although some specific details are tied to the card specification, but most should be applicable to other contactless memory cards and PC/SC compliant readers.

To begin, we need to understand the basics of the card reader Standard and SmartCard technology.

PC/SC

PC/SC is the standard defined the API for communication between personal computers and smart cards by the PC/SC Workgroup . It provides software developers with a standard set of tools for managing smart card readers and communicating with readers and cards. The interface defined by PC/SC includes enumeration of readers, retrieve reader and card states and read/write data to and from cards.

The PC/SC standard has been fully implemented by Microsoft on Windows, and partly implemented on Linux in PC/SC Lite.

The best thing about PCSC is that it is the industry standard. Before PC/SC, there was no standard API, and each manufacturer had its own. Thus, applications are locked to vendor-specific drivers and readers. But now, an application implemented with PC/SC will be able to work with any PC/SC compliant SmartCard reader. Using the PC/SC API, the App can find available readers, detect smart cards, and then communicate with a particular card.

Having said that, although PC/SC defines the commands used to communicate with SmartCards, provides the communication channels, and hides the complexities of the underlying card-reader protocols, it does not provide an abstraction of different card types. Thus, the meaning of those commands is still largely defined by the manufacturer. It is up to the application developer to deal with different types of cards and special cases.

CCID

The Chip Card Interface Device (CCID) specification defines how a smart card reader communicates to a computer via USB at a low level (i.e. the actual commands sent via USB). This means that, in theory, any CCID smart card reader can be installed on Windows without needing a driver, because the default Microsoft driver is available, just like other USB class devices.

SmartCard

SmartCard is also called Chip Card. Hundreds of different types and billions of cards are produced every year. Although it looks simple, a typical chip card comprises more than 10 elements and needs about 30 steps to be produced.

The SmartCard discussed in this article is a contactless memory card, where the data is stored into a fixed address on the card. They are used for building access control, membership card, ticketing or giftcard. The contactless memory cards are in the high frequency (HF) category, which is the 13.56 MHz spectrum and comply with either or both the ISO 14443 or ISO 15693, or their own proprietary protocol.

Within the four big players in the market, HID and NXP are the top 2.

Mifare card

NXP’s family of Mifare cards is built on the ISO 14443 Type A standard. Each card is factory-programmed with a unique serial number. It is very durable and designed with an encryption key to protect the data on it.

Mifare Classic 4K card has 40 sectors, 32 of them are divided into four blocks (each block contains 16 bytes memory storage) and the remaining 8 are divided into 16 blocks. The memory structure is as follows:

miFare 4k Classic Card memory structure

The last block in each sector is called a sector trailer. It contains two secret keys, A and B, and access condition bits. The access condition bits contain data such as “write,” “read,” and “read & write.” The section trailer block protects the data in the sector, as any read/write command can only be successful after passing authentication with the keys.

Understanding the memory structure is important for a developer, as you need to figure out which memory block you need to read/write and where the keys are stored.

OMNIKey 5427 SmartCard Reader

OMNIKey 5427 is a dual frequency reader, meaning it can read various cards.

To set up the reader for Windows, download and install the Windows driver from the HID web site, then download and install the OMNIKey workbench. Plug in the reader to your PC’s USB port, and start the workbench. You should see the reader is shown, as well as the ATR and UID of the reader.

To set up the reader on the Chrome Device, just plug the reader into the Chrome Device’s USB port; no driver is required.

Google has provided a SmartCard Connector Chrome App as the implementation of the PC/SC API, so a custom middleware App can talk to smart card reader via it. The connector App is bundled together with the USB CCID Driver. After installing the App from Chrome Store, your reader will be shown in the App. Unfortunately, the App only works in the Chrome Device, which means we can’t develop the App for Windows.

Google SmartCard Connector App

The API exposed by the Connector App is a PC/SC-Lite API adopted for the message-exchanging nature of the communication between Chrome Apps.

It is surprising that I have not been able to present one line of code after 1000 words. To avoid making a super long post, I will stop here and leave the rest to Part 2.

  • Title: How to Read Contactless Smart Card From a Chrome App (Part 1)
  • Author: Sunny Sun
  • Created at : 2019-08-10 00:00:00
  • Updated at : 2024-08-16 19:46:17
  • Link: http://coffeethinkcode.com/2019/08/10/how-to-read-contactless-smart-card-from-chrome-app-part-1/
  • License: This work is licensed under CC BY-NC-SA 4.0.
Recommended
How to Read Contactless Smart Card From a Chrome App (Part 2) How to Read Contactless Smart Card From a Chrome App (Part 2) REST API Design - Core Concepts and Best Practices REST API Design - Core Concepts and Best Practices Choosing the Right Platform - IIS or Nginx for Angular Deployment Choosing the Right Platform - IIS or Nginx for Angular Deployment
Recommended
How to Read Contactless Smart Card From a Chrome App (Part 2) How to Read Contactless Smart Card From a Chrome App (Part 2) REST API Design - Core Concepts and Best Practices REST API Design - Core Concepts and Best Practices
On this page
How to Read Contactless Smart Card From a Chrome App (Part 1)
  1. Develop a Chrome Apps to read a NXP Mifare 4k classic card with the HID OMNIKey 5427 reader
  • Welcome to the world of embedded programming
    1. PC/SC
    2. CCID
  • SmartCard
    1. OMNIKey 5427 SmartCard Reader