Tagged: NFC

Receiving and Decoding NFC with an RTL-SDR and GNURadio

Having been inspired by an NFC activated coffee machine at his work, back in 2017 Jean Christophe Rona uploaded a blog post showing how he used an RTL-SDR and GNU Radio to sniff and decode NFC (Near-Field Communication) tags. His post first goes into detail showing how NFC works and goes on to create a GNU Radio flow graph with custom GNU Radio block for decoding the NFC Miller code. The final result was him being able to demodulate the coffee machine to tag communication. We note that in Jeans experiments he used a standard RTL-SDR dongle with the HF driver hack in order to receive the NFC frequency of 13.56 MHz, but these days it should also be possible to simply use direct sampling on an RTL-SDR Blog V3 unit.

More recently Martin Schaumburg (5ch4um1 on YouTube), wrote in and wanted to share his video showing his replication of Jean's experiments. Martin's video shows him using a simple coiled up wire antenna on his RTL-SDR to receive NFC communication from an NFC reader to NFC tag, and he shares a few tips on getting the software to work.

RTLSDR NFC decoding reader to tag communication with a rtl-sdr and gnuradio.

Update 13 January 2020: Martin has added a second video with some additional information and tests.

RTLSDR decoding NFC, or: how to get two signals for the price of one.

Listening to an NFC Polling Signal from a Nexus 7 with an RTL-SDR

Over on YouTube user 2e26tenW has uploaded a video showing reception of the second harmonic of an NFC polling signal with his RTL-SDR. NFC stands for “Near Field Communication” and is a technology that enables smartphones and other devices to communicate with one another and some smart cards simply by bringing the two devices together.

In his experiment he uses a Nexus 7 tablet to poll an NFC enabled transportation card. As the RTL-SDR cannot receive the NFC frequency of 13.56 MHz directly without an upconverter or hardware or software direct sampling modified dongle, 2e26tenW instead tunes to the second harmonic at 27.12 MHz which allows him to receive the signal.

Nexus 7 NFC polling signal (2nd harmonic)