# FZ - NFC
{{#include ../../../banners/hacktricks-training.md}}
## Intro
For info about RFID and NFC check the following page:
{{#ref}}
../pentesting-rfid.md
{{#endref}}
## Supported NFC cards
> [!CAUTION]
> Apart from NFC cards Flipper Zero supports **other type of High-frequency cards** such as several **Mifare** Classic and Ultralight and **NTAG**.
New types of NFC cards will be added to the list of supported cards. Flipper Zero supports the following **NFC cards type A** (ISO 14443A):
- **Bank cards (EMV)** — only read UID, SAK, and ATQA without saving.
- **Unknown cards** — read (UID, SAK, ATQA) and emulate an UID.
For **NFC cards type B, type F, and type V**, Flipper Zero is able to read an UID without saving it.
### NFC cards type A
#### Bank card (EMV)
Flipper Zero can only read an UID, SAK, ATQA, and stored data on bank cards **without saving**.
Bank card reading screenFor bank cards, Flipper Zero can only read data **without saving and emulating it**.
#### Unknown cards
When Flipper Zero is **unable to determine NFC card's type**, then only an **UID, SAK, and ATQA** can be **read and saved**.
Unknown card reading screenFor unknown NFC cards, Flipper Zero can emulate only an UID.
### NFC cards types B, F, and V
For **NFC cards types B, F, and V**, Flipper Zero can only **read and display an UID** without saving it.
## Actions
For an intro about NFC [**read this page**](../pentesting-rfid.md#high-frequency-rfid-tags-13.56-mhz).
### Read
Flipper Zero can **read NFC cards**, however, it **doesn't understand all the protocols** that are based on ISO 14443. However, since **UID is a low-level attribute**, you might find yourself in a situation when **UID is already read, but the high-level data transfer protocol is still unknown**. You can read, emulate and manually input UID using Flipper for the primitive readers that use UID for authorization.
#### Reading the UID VS Reading the Data Inside
In Flipper, reading 13.56 MHz tags can be divided into two parts:
- **Low-level read** — reads only the UID, SAK, and ATQA. Flipper tries to guess the high-level protocol based on this data read from the card. You can't be 100% certain with this, as it is just an assumption based on certain factors.
- **High-level read** — reads the data from the card's memory using a specific high-level protocol. That would be reading the data on a Mifare Ultralight, reading the sectors from a Mifare Classic, or reading the card's attributes from PayPass/Apple Pay.
### Read Specific
In case Flipper Zero isn't capable of finding the type of card from the low level data, in `Extra Actions` you can select `Read Specific Card Type` and **manually** **indicate the type of card you would like to read**.
#### EMV Bank Cards (PayPass, payWave, Apple Pay, Google Pay)
Apart from simply reading the UID, you can extract a lot more data from a bank card. It's possible to **get the full card number** (the 16 digits on the front of the card), **validity date**, and in some cases even the **owner's name** along with a list of the **most recent transactions**.\
However, you **can't read the CVV this way** (the 3 digits on the back of the card). Also **bank cards are protected from replay attacks**, so copying it with Flipper and then trying to emulate it to pay for something won't work.
## References
- [https://blog.flipperzero.one/rfid/](https://blog.flipperzero.one/rfid/)
{{#include ../../../banners/hacktricks-training.md}}
.png)