iCLASS SEOS Credentials

PACSprobe now supports iCLASS SEOS physical access control credentials. It extracts PACS bit data from the access control card and applies the appropriate card format to decode facility code and card number

 

Note that this requires a card reader with on-board SAM (SIO processor). The following readers are supported:

OMNIKEY 5127/5427CK (gen1 and gen 2)

OMNIKEY 5023

 

 

OMNIKEY 5022 iCLASS

OMNIKEY 5022 iCLASS

PACSprobe now also supports legacy iCLASS cards on HID OMNIKEY 5022 and 5422 readers.

This means that now CardWerk’s SmartCardAPI(professional) can be used to access iCLASS cards on any OMNIKEY reader that supports iCLASS cards.

Mutual authentication between host and reader, session key generation and data exchange over a secure channel, are all hidden within PACSprobe.

There is no programming necessary. Just place an iCLASS card on the card reader, select your HID card format, data type and output mode (dialog, clip board or keyboard buffer) and you are set.

Ready to test? Then go to our download page at SmartCard API It contains a download link for PACSprobe.  Installation is simple: unzip the downloaded file and run PACSprobe.exe

Note that PACSprobe requires the reader to be configured with its default keys. Please contact us if you need a version of PACSprobe with custom keys. We’ll be happy to assist with this or similar program customization.

If PACSprobe can get an answer to reset (ATR) and  card serial  number (CSN, UID) with OMNIKEY 5022 or OMNIKEY 5422 when presenting your card, there is a good chance that we can add additional features that are not yet exposed via PACSprobe.

An optional beeper signals card presence and removal via PC speaker. If need be, you can use this setup just like a keyboard wedge which would allow you to drop an iCLASS card number right into a Microsoft Word document or Excel spreadsheet.

We tested this with iCLASS 2KS and 16KS cards on HID OMNIKEY 5022 with default manufacturer settings. Further info about HID OMNIKEY 5022 is available at HID Global’s website 

 
OMNIKEY 5022
iCLASS cards on OMNIKEY 5022 now supported

You might also have a look at SmartCardAPI with its many HelloWorld-like C# samples. That code and SmartCardAPI libraries is the foundation for PACSprobe and it is available to anyone interested in iCLASS storage card integration in a Visual Studio/.NET development environment on readers such as HID OMNIKEY 5022 or OMNIKEY 5422.

We also assist with any reader and card integration tasks beyond PACSprobe customization.  OMNIKEY 5022/5422 and iCLASS is just one of countless reader and card combos.  OMNIKEY 5022 can also read/write PIV/CAC/Mifare cards to name a few, whereas OMNIKEY 5422 also supports IS7816 contact cards

Keyboard Wedge Output

Keyboard Wedge Output

PACSprobe now comes with built-in keyboard emulation. Card data appear as if they were typed in using a standard keyboard. The new keyboard wedge software populates Excel, Word, Notepad or any editable data entry field with card data. PACSprobe’s keyboard buffer output makes it very easy to capture card numbers from HID PROX, iCLASS and many other cards.
Many of you are familiar with so-called “wedge barcode scanners”. These are devices that are originally known as wedges because they sit between a PC keyboard and the PC effectively serving as an additional virtual keyboard. This means every time a barcode is scanned, the PC received barcode data as if it had been typed in. Data can be entered into a field in focus this way.
With the advent of chip cards and RFID tags, there has been growing demand of entering a card number into existing software, similar to a barcode entry. We are making this approach available via a “software wedge”, using CardWerk’s SmartCardAPI(professional) to send data items such as HID Prox card number to the PC’s clipboard or keyboard buffer. This makes it very easy to enter card credentials into any software application without any software developing skills. It also allows import of card IDs into Excel, Word, Access and many more programs. PACSprobe’s new keyboard wedge software feature  eliminates data collection error and makes this utility a quite powerful tool for system integrators and end users alike.
Even though data input via keyboard wedge (software wedge) is somewhat limited and the user must carefully place the cursor to the exact field field where card data needs to go, this approach makes it very easy to integrate smart card technology into existing applications without a steep learning curve.
And remember, if you need to modify card data, add business logic or card tracking features, or if you need to integrate third-party readers and cards into your software, CardWerk can always assist with customization services to implement any custom keyboard wedge functionality you need .
Examples:
– compatibility with existing physical access control panels may require a certain output format – leading zeroes for example
– extracting data from any contact or contactless card and make it available via software edge, clipboard or API
– No need of keyboard wedge reader hardware with on-board keyboard emulation – a standard PC/SC compliant reader does the trick and keyboard wedge functionality is emulated on software level.

iCLASS on OMNIKEY 5427

iCLASS on OMNIKEY 5427

PACSprobe now also supports HID OMNIKEY 5427 CK amd 5127 CK readers with iCLASS SIO processor. The reader has an on-board crypto controller for secure key storage and processing cryptographic protocols in a secure environment. This means that now CardWerk’s SmartCardAPI(professional) can be used to access iCLASS cards on OMNIKEY 5127 CK and 5427 CK readers. PACSprobe accesses data such as card number and facility code through a secure, encrypted USB channel. Session keys are negotiated using state-of-the-art, NIST-approved AES 128-bit algorithm. Mutual authentication between host and reader, session key generation and data exchange over a secure channel, are all hidden. PACSprobe handles all this under the hood. The user interface stays the same. All you’ll notice is support for more card readers. We tested this with OMNIKEY 5427 CK SP 3.1.

HID iCLASS card number support

HID iCLASS card number

I uploaded a new version of PACSprobe today that also supports iCLASS cards on HID OMNIKEY 5×21 card readers. Just like with PROX cards you can select from HID H10301, H10302, H10304, H10320 and HID Corporate 1000 formats to read your card number and facility or site code. Reading raw Wiegand (a/k/a PACS bits) from an iCLASS card can be tricky, because this can only be done via a secure communication channel between host software and card reader. This is to protect USB I/O from recording and replay attacks. Wiegand data must therefore be encrypted under a session key before transferring it from reader to host effectively making implementations with this type of card and matching OMNIKEY reader a much more secure card application than an implementation with PROX  (125 KHz) cards. I tested iCLASS support with HID OMNIKEY 5421, 5021, 5121 and 5321 readers using key fobs and  card form factors. OMNIKEY 5427 CK is not yet supported. It uses a different secure channel protocol that hasn’t been ported from C++ to  C#/SmartCardAPI yet.  

Mifare card serial number (CSN)

Mifare card serial number (CSN)

Thank you for all your feedback and suggestions. It is quite motivating. Here is an example:
“It is great to be able check functionality and UID without getting up and going to an exterior door to try them. Plus the fobs (H10301) loose their printed number pretty quick and I can check the owner of found fob quite quickly now.” Todd G.
I am very excited to publish a new version of PACSprobe today. It now supports all standard HID Prox card formats via simple drop down select box. No more need to know anything about your card format as you long as you know that the card is actually formatted that way. Select from HID H10301, H10302, H10304, H10320 and HID Corporate 1000 formats to read your card number and facility or site code. HID iCLASS card serial numbers are also supported now. Not only that, any contactless storage cards will produce a card serial number based on its unique identifier (UID), a 4 to 7 byte value that is often used to identify cards whenever card keys are not known. You can use this mechanism for popular cards such as Mifare Classic, and Ultralight.

New PACS probe site

New PACS probe site

Welcome to the PACSprobe software blog – a blog about probing physical access control cards via desktop card readers. I will publish notes about new releases, interesting features and many other things with regard to physical access control cards commonly used to access buildings and spaces. I am sure many of you are already familiar with physical access control cards a/k/a prox cards or fobs. They are widely used used  to get access buildings secured with physical access control systems (PACS). PACSprobe checks such access cards electronically, using commercial desktop readers in the 125KHz (prox) or 13.56MHz range. So far we have integrated HID OMNIKEY 5025, 5125, 5325, 5326, and 5427 readers. I’ll write about details down the road. You might also check our website at cardwerk.com for software development services or check out smartcard-api.com, a site offering the libraries used to develop PACSprobe.