Receiving and Decoding NFC with an RTL-SDR and GNURadio

Having been inspired by an NFC activated coffee machine at his work, back in 2017 Jean Christophe Rona uploaded a blog post showing how he used an RTL-SDR and GNU Radio to sniff and decode NFC (Near-Field Communication) tags. His post first goes into detail showing how NFC works and goes on to create a GNU Radio flow graph with custom GNU Radio block for decoding the NFC Miller code. The final result was him being able to demodulate the coffee machine to tag communication. We note that in Jeans experiments he used a standard RTL-SDR dongle with the HF driver hack in order to receive the NFC frequency of 13.56 MHz, but these days it should also be possible to simply use direct sampling on an RTL-SDR Blog V3 unit.

More recently Martin Schaumburg (5ch4um1 on YouTube), wrote in and wanted to share his video showing his replication of Jean's experiments. Martin's video shows him using a simple coiled up wire antenna on his RTL-SDR to receive NFC communication from an NFC reader to NFC tag, and he shares a few tips on getting the software to work.

RTLSDR NFC decoding reader to tag communication with a rtl-sdr and gnuradio.

Update 13 January 2020: Martin has added a second video with some additional information and tests.

RTLSDR decoding NFC, or: how to get two signals for the price of one.

One comment

Post a comment

You may use the following HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.