How to copy the video intercom RFID tag to a mobile phone and use the phone to open an access control card?

Important Notice: Please ensure this operation is performed legally and with authorization. Copying another person's access card without permission is illegal. This article is for informational and legitimate self-help purposes only.

Core Principle: Why do some phones work while others don't?

Traditional access control cards and most video intercom cards use low-frequency (125kHz) or high-frequency (13.56MHz) RFID technology. The most common types are:

ID Cards: Mostly 125kHz, typically read-only, containing only a globally unique physical ID number. These cards are easily copied, but most phones cannot emulate them.

IC Cards: Mostly 13.56MHz, conforming to the ISO14443 standard. Commonly used bus cards, access control cards, and bank cards are of this type. These cards can read and write data, offering higher security than ID cards.

MIFARE Classic: Such as the M1 card, with lower security, can be cracked and copied. It's the primary target for phone emulation.

MIFARE DESFire: High security, complex encryption, currently unemulated by phones.

The key to emulating access control cards with a phone is:

Your phone needs a full-featured NFC module. This module not only supports card reading but also card emulation. However, for security reasons, mobile phone manufacturers (such as Apple, Xiaomi, and Huawei) usually limit this function to their own "Wallet" or "Public Transport Card" services.

In short:

Items that can be copied to a phone: Mostly unencrypted or encrypted IC cards that can be cracked.

Items that cannot be copied to a phone:

Almost all ID cards.

High-security IC cards.

Some CPU cards with special protocols.

Preparation: Determine Your Card Type

Before starting, determine your card type.

Use a mobile app to detect it (the simplest method)

Search for "NFC card emulator" or "MIFARE Classic Tool" in your app store.

Open the app and place your access card against the NFC area of your phone (usually near the camera).

If the app can read the card information (such as the UID) and displays it as MIFARE Classic, congratulations, this card has a high probability of being copied to your phone.

If it cannot read anything, it is likely an ID card.

If it can read the card but displays another type (such as DESFire, Ultralight, etc.), or indicates encryption, copying will be very difficult.

Physical Appearance Assessment

ID Cards: Usually thinner, the card number is printed on the surface and is a 10-digit number (e.g., 123 456 7890).

IC Cards: Usually slightly thicker, the card number may not be printed or may be printed on the built-in chip.

Method 1: Using your phone's built-in "Wallet" or "Access Card" function (most convenient, but with the most limitations)

This is the most official and convenient method, but its success depends on your phone brand and access control system type.

Supported Models: Most Huawei, Xiaomi, OPPO, vivo, and other Android phones.

Unsupported Models: Apple iPhones do not support simulating third-party access cards (only some partnered campus cards and transportation cards are supported).

Steps (using Xiaomi phones as an example):

Open the "Xiaomi Wallet" app on your phone.

Find and tap "Access Card" or "Access Key".

Tap "Add Access Card".

Place your physical access card against the NFC area on the back of your phone and wait for the phone to read and simulate it.

After successful simulation, you need to name your virtual access card.

Done. To use it, unlock your phone and bring the top back of your phone close to the access control card reader.

Limitations of this method:

Only simulates UID: This method usually only simulates the card's core UID (Unique Identification Number). If your access control system only verifies the UID, then it will succeed.

It does not copy data: It will not copy the sector data and decryption key on the card. If the access control system verifies other encrypted data on the card besides the UID, then this method will fail.

Manufacturer restrictions: Some mobile phone manufacturers restrict the emulation of unofficial cards.

Method 2: Using a Third-Party App + Rooting Your Phone (Powerful, but High Barrier to Entry)

If your phone's built-in access card function fails, or your card is an encrypted M1 card, you can try this method. This requires some technical skills.

Prerequisites:

An Android phone that supports NFC.

The phone must be rooted. (This is a risky operation and may void your phone's warranty).

Install "MIFARE Classic Tool" or other similar professional NFC tools.

Steps:

Crack the Card:

Open MIFARE Classic Tool.

Place the access card against the back of your phone and use the app's "Read Tag" function.

If the card is encrypted, you will need to use the app's "Key Scan" or "Dictionary Attack" functions to crack the card's PIN. This may take anywhere from a few minutes to several hours.

Back Up Card Data:

After successful cracking, the app will read the data from all sectors of the card.

Save this data as a .mfd file. This file is a complete copy of your physical card.

Write the data to your phone's NFC module:

This is the most crucial step. You need to ensure your phone uses the data you just backed up when simulating a card.

In the settings of MIFARE Classic Tool, find the "Simulate" or "Host Card Simulation" option.

You need to set the previously saved .mfd file as the source file for the simulation.

Note: The success rate of this step is highly dependent on the phone's hardware and system. Not all rooted phones can perfectly implement HCE.

Advantages and disadvantages of this method:

Advantages: Can copy complete card information, including encrypted data; success rate is much higher than method one.

Disadvantages: Complex process, requires root access, carries security risks, and requires high technical skills from the user.

What if the above methods fail?

1.Contact property management/manager. This is the most direct and effective method. Ask them if they support writing access cards to your phone's NFC function. Many new access control systems now support this official method.

2.Use a "blank card" or "card sticker." Purchase a writable blank IC card or an ultra-thin NFC card sticker (like a sticker). Then, using method two above, write the cracked data into this blank card or card sticker, and then stick the card sticker inside your phone case. This way, your phone is essentially "carrying" a copied card.

Unlike Android phones, Apple phones cannot directly copy a regular, third-party video intercom RFID access card to the iPhone and open the door with the phone.

Core Reason: Apple's NFC Policy

Apple employs a strict, "walled garden" approach to controlling the NFC function of iPhones, primarily for security and business ecosystem considerations.

1. NFC Functionality Locked:

On Android, apps can access NFC's "read," "write," and "emulation" functions relatively freely.

On iPhones, third-party apps only have permission to read NFC tags (such as posters and product information), completely lacking "card emulation" permissions.

2. Card Emulation Permissions Exclusively Reserved for "Apple Wallet":

The sole "card emulation" function is firmly controlled by Apple within its own Apple Wallet. When your iPhone swipes a card, it emulates a virtual card managed by Apple's Secure Element, not directly emulating the access card data you provide.

3. No Direct Cloning of Third-Party Access Cards Supported:

iPhones do not provide any official entry point for you to directly "tap" and copy a physical access card, like with Xiaomi/Huawei Wallets.

Alternatives for Apple Users

While direct copying isn't possible, Apple provides two official methods, but both require property management cooperation.

**Option 1:** Using the "Home Key"

This is achieved through Apple's HomeKit smart home ecosystem.

**Requirements:**

Your door lock or access control system must support Apple HomeKit.

And the lock must support the "Home Key" feature.

**How to Use:**

In the "Home" app on your iPhone, add and set up your smart lock.

Once configured, the lock's virtual key will be automatically added to your "Wallet" app.

To use, simply bring your iPhone or Apple Watch close to the lock to unlock it.

**Current Status:** This only works for some newer, high-end smart locks. It's not applicable to most traditional video intercom RFID access control systems.

**Option 2:** Using "ID Card" or "Hotel Key" Access (Requires Property Management Support)

This is currently the most feasible, but uncertain, official method for traditional access control systems. Its essence is not "copying," but rather "issuing a new credential."

How it works: The property manager uses a specific partner platform to generate a virtual credential for your access control privileges and distributes it to your Apple Wallet. This is similar to a hotel issuing an electronic room key to your phone after check-in.

Requirements:

The most crucial point: Your community's access control system provider/property management must support and enable this service. They need to integrate their system with Apple-authorized partners (such as HID, etc.).

The property manager needs to operate the backend to bind your Apple ID's associated phone number or email address to the access control privileges.

How to do it:

Contact the property management: Inquire if they support adding access cards to the iPhone's "Wallet" app.

Receive an invitation: If supported, the property management will send you a link or notification.

Add to Wallet: Click the link and follow the prompts to add the virtual access card to your Apple Wallet.

Practical Advice for Apple Users

If the official solutions above don't work, here are some alternatives you can consider:

1. First Choice: Strongly Recommend Contacting Property Management

This is the most direct and effective method. Simply ask, "Does our building's access control system support opening doors with an iPhone?" If they plan to upgrade their system, your inquiry will expedite the process.

2. Use an NFC Card Sticker (The Most Practical Physical Solution)

Purchase an ultra-thin, writable NFC card sticker (like a sticker).

Find an Android phone with NFC functionality and use an app like "MIFARE Classic Tool" to crack and read your access card data, then write it to this blank card sticker.

Peel off this sticker and stick it inside your iPhone case.

This way, your iPhone is essentially "carrying" a copied access card. Simply swipe it while your phone is in the case to open the door.

Advantages: Low cost, no requirements for the iPhone.

Disadvantages: You need to carry an extra item inside your phone case; if the access card is encrypted, the cracking and writing process requires some technical skills.

3. Using the Apple Watch's "Camera" function (indirect solution)

If the access control system supports both card swiping and QR code scanning, you can take a screenshot of the access code and import it to the Apple Watch's "Camera" screen. You can then scan the code by simply raising your wrist, which is more convenient than taking out your phone. However, this is completely different from NFC copying.

Following these guidelines will allow you to add RFID to your phone. If the problem persists after following the steps above, please contact Anjielo Smart Support for accurate guidance specific to your model.