Payment ‐ DESFire card issues - chuwuwang/ReadingNote GitHub Wiki

DESFire cards - Known Bugs

Android has a bug which interferes with DESFire cards, a popular card for payment systems. We have built a workaround, but that workaround comes with some limitations of its own. Please read this page carefully in order to avoid problems.

Reader limitations

In order to enable you to read DESFire cards, we are using a workaround. However, this workaround also breaks Android's method of detecting if a card has been removed. This means that you will have to manually tell Android if you remove the card.

In the application, there is a reset button. Once you hold a card to the device, this button will change to read "Forget card". Once you have removed the card again, please press that button to let android know about this.

Until you have pressed that button, Android will not detect new NFC Tags!

That's all you need to know in order to use the application. If you are interested in technical details, read on.

Technical details

Android periodically communicates with attached NFC tags in order to make sure that they are still present. For this, it sends a command to the card and checks if it receives a reply. These commands are usually NOPs ("No OPeration", commands that don't do anything).

However, the Android NFC libraries seem to have a bug that leads to them sending commands to DESFire cards which lock the card into a specific mode. Once a card is locked into a mode, it will not accept messages using other modes and will reply with an error (0x6e00).

For our workaround, we start a thread which resets the keepalive timer of the Android NFC watchdog thread every 100 milliseconds. That way, no keepalive commands are sent and the card is not locked into any specific mode.

However, this also means that android will not detect the removal of a tag while the workaround is active. Accordingly, we have to kill the watchdog thread to allow Android to recognize the removal of a card. For this, we use the button mentioned above: All it does is to kill the workaround thread. After that has happened, the Android watchdog thread will resume operation and detect the removal of the card.