Python client for the $20 Colmi R02 smart ring

Is there a similar ring with NFC?

I have no use for the smart health thingies, which really look like a data driven health gimmicks to me.

NFC on the other hand I could find hundreds of applications, from payment to access and transport cards.

I think you're onto something.

I would be ok with a watch too.

They do exist, I believe. I don't have one but came across many for sale on AliExpress when looking for a writer to clone my RFID apartment door entry thingy. Seems like they even have some that are dual NFC/RFID that would work as regular NFC as well as for my apartment door (125khz).

The problem with that idea is that all secure implementations of RFID lock the user out, meaning you can't just buy an NFC ring/fob/implant and copy your bank card or transit card onto it. The only implementations where the user can do that are terribly insecure and, while still commonly used, are slowly getting phased out.

So for anything other than systems you control or are good friends with the IT guy for, you're out of luck.

Yes. I have the Z1 Ring.

Getting secure tokens (like payment, door unlock, etc) is possible but can be complicated. The ring is a small target, so not always easy to find the received if you're using it with a phone.

Oh, and the software is low level and finickity. I managed to accidentally set mine to read only mode permanently.

Review at https://shkspr.mobi/blog/2024/02/giving-the-finger-to-mfa-a-...

Right I agree with you on theory. But in practice, I already do clone most of my smart cards on small NFC stickers on the back of my phone case.

The things is 99.9% of access cards (where I leave at least) are default-encrypted mifare classic, making cloning trivial. Transport cards are an other beast since they have their own backlog and proper encryption, but there are ways.

So all in all, dumping the card is not the issue for me, it's the medium on which to put the clones that is still a question mark.

The "NFC sticker on the back of the phone" is cool because it's almost as if your phone opens the door (stock android won't let me easily swap NFC SC ID), but NFC is fidgety when multiple chips are in close proximity, leading to frequent misses.

I have found multi-chips NFC cards on Ali Express. These are basically a single antenna wired to an array of chips directed by a keypad. That seems viable on paper but you still get to carry the card and press the right switch.

The ideal solution would be a smart ring with a reflashable NFC chip, along with a programmable MCU to implement the rolling logic between cards.

A friend of a friend mods Casio watches[0] to have NFC, and sells them on his website.

[0] https://delaveris.com/collections/nfc

Dangerous Things (popular RFID/NFC implant makers) sell dual 125khz+13.56mhz clonable rings, but they're way overpriced ($130). I bought my "V1" back when they were still $60, and FWIW, if you know what you're doing, it does work.

I've also seen some rings on Aliexpress that purport to support the same capabilites, but havent personally tried them out yet.

I have a suspicion this is a whitelabeled NFC ring I got from AliExpress for $12. That one includes a T5577 chip and a Mifare tag. You can read and write the Mifare tag with your phone, as normal, and the T5577 with a Flipper Zero or a Proxmark (also from Ali, $40).

The NFC tag is a small target, probably because of the size of the antenna, but the RFID one has pretty good range. I got five of those rings, very much recommended if you have stuff to auth to.

Reflashing the NFC chip on the ring is a bit of a pain (it takes a second, but if I have to spend a second doing it every day, I might as well get my keys out). Since every phone has an NFC chip nowadays, though, can't we use that to emulate all our Mifare cards?

I've tried the Aliexpress ones, they work fine. I have like five of them.

> can't we use that to emulate all our Mifare cards?

Unfortunately, no.

From my experience at least, most access cards are simple mifare classic cards, and they have no payload: the reader just got a list of allowed card IDs, maintained by the building IT.

While you can freely rewrite mifare data from Android, it won't let you change your ID unless you root your phone. I guess this is similar to the old days where you weren't supposed to change your MAC addresses.

I think your suspicions are wrong. Those $12 rings will allow you to serve NDEF messages or similar. They won't do U2F, payment, car unlock etc.

Sounds interesting, which sticker are you using?

It doesn't look like the Z1 does payment either, though. I don't know how they do U2F, but it looks like it comes with a custom reader, which is non-standard. I don't know how Tesla unlock works, so I can't say there.

There is no custom reader. It works with standard NFC readers on Linux and Android.

Ahh interesting, thank you.

I have no use for the smart health thingies too, but instead of NFC I want to use it as a controller and display.

Is there a ring with touch or physical buttons. A clicky wheel would even be better. As display I image multiple discreet RGB-leds, but other option could work as well.

Which vendor did you buy from?

When aquiantances ask me for recommendations I always tell them to look into Aliexpress over Dangerous Things as they're significantly cheaper, but I've also heard really mixed things about the various offerings on the site.

The only time I've been scammed was when I bought a 16 TB USB drive for $3, or a $10 mosquito bite thing that didn't work. Basically, if the thing sells for much cheaper than anywhere else, it's a scam, otherwise you're OK.

I've bought from Ali hundreds of times, maybe thousands of items. The quality isn't always great (what can you expect for the price?), but it's very rarely scams.

Stay away from microSD cards, though.

I'm still disappointed the Samsung ring didn't come with nfc payments, therefore I didn't buy it.

What an oversight by their executives, are they even doing their jobs, do they even know their market. And the price? Absurd.