After writing your Java Card application (we call it applet) in your IDE (Such as Eclipse or Netbeans), you have the following steps to communicate with it on a real smart card : Convert the .java file to .class file Convert the .class file to .cap file using converter tool...
java,memory-management,bytearray,javacard
In case the pinSig value is always 64 bytes long you should use the following implementation: public void setpinSig( byte[] sig){ javacard.framework.Util.arrayCopy(sig, (short) 0, pinSig, (short) 0, (short) 64); } ...
As you may notice, the returned values are not all zeros. The first 3 bytes of the response contains the exponent. What's wrong is your usage of getSize() method. This method actually returns the key size KeyBuilder.LENGTH_RSA_512 and not the size of the key component. The size of the exponent...
security,smartcard,javacard,apdu,pin-code
For user authentication, the OwnerPIN is certainly one good way to go (there are alternatives ofcourse, but OwnerPIN provides security features (e.g. tearing protection) that you would otherwise have to implement manually). For terminal authentication, nothing should prevent you from using an approach based on an instance of the OwnerPIN....
java,algorithm,encryption,smartcard,javacard
you are totally mixing up things. FIRST there is Global Platform. Global Platform specifies how to interact with the card manager/security domain: e.g. how to authenticate with the card manager, how to upload a cap file, how to install a cap file, to lock the card to unlock the card...
java,exception,applet,javacard
As the smart cards haven't any battery inside, you can't have any try ... catch ... like this. Alternatively you can take advantages of Transactions. The Transaction APIs are provided just for your goal. The operations that are between beginTransation() and commitTransation() methods, apply only if the commitTransation() complete successfully....
java,cryptography,javacard,jcop
The problem is in these two methods getExponent() and getModulus(). You are storing exponent and modulus into buffer's index ISO7816.OFFSET_CDATA (index 5) but sent it outside from buffer's index 0. Compare the correct approachs with the wrong approach: Wrong: private void getExponent(APDU apdu) { byte[] buffer = apdu.getBuffer(); short length...
I think you are mixing two problems: 1. Algorithm support You can easily install your applet, which uses AES, on a card without AES. The absence of AES would cause runtime exceptions in the moment you try to create an instance of the cryptographic object: Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false); or KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128);...
Your file is a JCOP Shell script, you can open it in any text editor and have a look or make some changes. Using JCOP Shell script you can open SC readers, select javacard applets, send some APDUs to your applet, write your own testing scenarios etc. JCOP Shell script...
smartcard,javacard,globalplatform
A native method is a method written in another programming language (i.e. not in Java) that can be invoked by a Java program. For smartcards, a native method is typically written in C code or machine code and is directly executed on the underlying smartcard processor (whereas Java Card applications...
Yes, there is. 1- You can use GlobalPlatformPro.It's an opensource, well-documented and easy use tool for card's content management. Quoted from its website: Load and manage applets on compatible > JavaCards from command line or from your Java project with a Do What I Mean approach. 2- For sending APDU...
cryptography,certificate,rsa,javacard
Possible yes, but it would mean that you would have to implement a minimal Certificate Authority (CA) within your smart card. And if this certificate is not self signed then you need to generate or import the private key of the CA as well. Furthermore, smart cards are often pretty...
First problem: Put the extracted address of JavaCard bin directory in the PATH environment variable. i.e replace %JC_HOME%\bin with E:\JavaDevTools\java_card_kit-2_2_2\bin and it will works fine. Second problem: The origin of this problem is answered here : When installing a public JRE (used by the Java plugin), a java.exe file is...
Object deletion is typically performed during start up. So basically the system can sweep the memory just like a normal Java Garbage Collector at that time. If no references are found to a specific object, then the space occupied by that object can be collected. As the oldBuffer reference is...
smartcard,javacard,smartcard-reader,globalplatform,jcop
It's trying to connect to the 3rd reader of your system. So, If you have just one card reader connected to the system just use card_connect instead of card_connect -readerNumber 3 ...
java,cryptography,javacard,elliptic-curve
Your prime is not big enough. For curves over F(p) of 512 bit you should use 512 bit primes. Your first byte, (byte) 0x25, however starts with a hex digit 2. That means that the first byte first starts with 2 binary digits set to 0, meaning that you've defined...
java,random,javacard,random-seed
setSeed() supplements rather than replaces the seed for a Java Card RandomData object, just like SecureRandom on Java SE. This is however not made explicit in the API up to 3.0.4. However, if you read the text of the constant ALG_PSEUDO_RANDOM you'll get: Utility pseudo-random number generation algorithms. The random...
java,bouncycastle,javacard,apdu,elliptic-curve
The public key returned in JavaCard is formatted as follows: 04 x y. In the terminal side, first you must extract x and y coordinates. Then, KeyFactory kf = KeyFactory.getInstance("ECDSA", "BC"); ECPoint point = new ECPoint(x, y); ECParameterSpec domainparameters = new ECParameterSpec(...); // initialize your domain parameters ECPublicKeySpec spec =...
smartcard,javacard,globalplatform
yes it is an ISD (issues security domain), not App no One question per post please....
In method, private void getKey( APDU apdu , byte[] data) you need to call, apdu.setIncomingAndReceive(); Remember: This is the primary receive method. Calling this method indicates that this APDU has incoming data. This method gets as many bytes as will fit without buffer overflow in the APDU buffer following the...
smartcard,javacard,3des,parity,globalplatform
You are only flipping the parity bit which is not used nor checked by the card (or software). Which means the outcome of ciphers is the same, yes.
android,nfc,android-4.4-kitkat,javacard,hce
No, while the Android HCE documentation lists the possibility to use secure element-based card emulation, there are several problems hindering the use of a secure element in current devices: Nexus devices have a proprietary API for access to embedded secure elements only (no API for access to UICC/SIM card-based secure...
Although we cannot see intent of an author, the line: byte CLA = (byte) (buffer[ISO7816.OFFSET_CLA] & 0xFF); is 100% equivalent to: byte CLA = buffer[ISO7816.OFFSET_CLA]; Java does often use integers as result of operations, and because Java Card usually does not support int values, it is often needed to cast...
java,rsa,public-key-encryption,javacard
The issue is that BigInteger by default encodes to a signed big endian representation. If you decode the bytes using the constructor it does the opposite, i.e. it expects a signed value. Now most cryptography is performed on (large) unsigned integers. This is because the calculations are performed within a...
You won't be able to buy a chip without operating system, which might either be a native operating system or a javacard environment; this would also be somewhat useless, since you could not introduce the operating system later. (Recently situation became a little bit more complicated, since now there are...
smartcard,gsm,javacard,sim-card
Yes, both are smart cards. Surely there are some specific applications: the SIM and USIM application theyself, the Remote File Management, Remote Application Management, browser application ([email protected], WIB), etc. The SIM card specification is defined first. Later on, the USIM specification. The backward compatibility is required so that subscribers...
The general answer : Unfortunately no, currently there is no other way than using Java Card API to program a Java Card compatible card. The detailed answer: Some kind of cards have a mechanism named "Secure Box". As mentioned in the JCOP v2.4.2 r3 card Security target : The Secure...
The answer is simply because each array (and other objects as well) requires 'header' to indicate its type, its size, etc. You need to read carefully on JCRE and JCVM specification for this. I haven't check the precise size of the 'header', but you can imagine it as (100 +...
Basically with Java Card Classic you are limited to the APDU interface. This interface has been specified in the Java Card API and the ISO/IEC 7816-4 standard. It is of course possible to channel any kind of protocol through an APDU interface, but you would have to program it yourself....
Sometimes Eclipse fails to completely delete the .class files or .cap files on Windows machines, usually due to a program (e.g. McAfee or another virus scanner) locking files. In that case not all files will be deleted. In that case the right builders may not get triggered and you will...
getSize() returns the bit length of the key, not the byte length. You are probably running out of RAM. 2.((RSAPublicKey) thePrivateKey).getExponent(publicKey, (short) publicKeySize); This won't work! You are asking for the exponent to be stored at offset publicKeySize in array publicKey -- that is, at the very end of...
AID's are hierarchical. The Java Card runtime simply chooses the first one that matches against the bytes given, even if the AID contains more bytes. It may select the second one if you fire the SELECT again. To resolve this give the Applets AID's that are distinct even for the...
There is no build in command for this as the card does not expose this information so the answer is no. That said, this is not the first time this has come up, and the solution space is not empty. Check this page which uses an Applet + tool to...
I found in ISO7816-3 , "Sw1 =60 is a NULL Byte, it request no action on data transfer" . this was the cause of communication error.. when i tried for 9000 , same code works good in simulator and real card...thanks for all
You must declare checked exceptions only. You may declare unchecked exceptions, to indicate they are likely to be thrown. For example parseInt(String s) declares it throws a NumberFormatException, even though it is unchecked, because it is likely to do it (passing it not a number is a common scenario). From...
smartcard,javacard,globalplatform
1-What is the origin of first error? Is it illegal to upload two .cap file that are different in AID and have an equal PkgAID in two step? Yes. You have uploaded that package. Therefore, it is forbidden to upload the same package again. Here, you have two options: Directly...
smartcard,javacard,globalplatform
Security domain with AM privilege can perform all the Card Content Management operations without an authorization, However SD with a DM priviledge requires a Authorization of the Card Content MAnagement Operation from a SD with AM privilege via Token verification. Please go through Table 6-3 of GP2.2.1 for Privilege Assignment...
for-loop,memory-leaks,javacard
The x variable does not really exist in byte code. There are operations on a location in the Java stack that represents x (be it Java byte code or the code after conversion by the Java Card converter). Now the Java stack is a virtual stack. This stack is implemented...
performance,memory,smartcard,javacard
Of course, memory gets loaded on a page by page basis. If your array ends up in two or more pages, and only the first page gets loaded by the JIT (because reasons, it's very hard to track memory once the JIT and GC touch it) but the last one...
You have a single applet installed: AID: 0102030405060708090002 (|...........|) App SELECTABLE: (none) And you have a package with 3 applets loaded: AID: 01020304050607080900 (|..........|) ExM LOADED: (none) 0102030405060708090002 (|...........|) 0102030405060708090001 (|...........|) 0102030405060708090000 (|...........|) You can only delete one existing applet 0102030405060708090002 and you can't delete the package 01020304050607080900 without either...
java,performance,time,smartcard,javacard
You run the algorithm is in two different platform, so the final machine language is not the same.
You didn't searched good enough! If you do a quick look at status words table you will see SW1=6CXX means Wrong Le field; SW2 encodes the exact number of available data bytes So you must send the below command: 80|00|00|00|0B! Table of Status Words : ...
Version 1: Buffer stored in EEPROM as an instance variable. This is OK. Version 2: Buffer stored in EEPROM as a class variable. This is OK. However, there might be some security issues with static fields as mentioned here https://community.oracle.com/thread/1752580: The JCRE creates a context shared by any instance of...
There is a little bug in your code. You want Util.arrayCopyNonAtomic(generatedRandom, (short) 0, buffer, (short) 0, (short) buffer[ISO7816.OFFSET_P2]); instead of Util.arrayCopyNonAtomic(generatedRandom, (short) 0, buffer, (short) 0, (short) ISO7816.OFFSET_P2); General rule: ALWAYS surround the content of your process method with a try-catch block and set status words according to the type...
applet,smartcard,javacard,apdu
I guess you do the "good practice" of "if selectingApplet() then return" in process? You need to process the incoming APDU instead of simple return. You can return data to select the normal way, but be careful to return 0x9000 if the select was successful....
smartcard,javacard,globalplatform,jcop
I'll answer in order: see the JCOP admin or user manual (this is information that is usually protected by non-disclosure agreements) to identify the product no ...
Q1 StackOverflow is not meant to be a site for peer code reviews. Just a few obvious observations nevertheless: Follow the Java code conventions: myCipher instead of MyCipher, KEY_IN_NOT_SET_GOOD instead of KeyInNotSetGood etc. (see https://google-styleguide.googlecode.com/svn/trunk/javaguide.html). These rules can improve the readability of your code a lot. Never use static method...
eclipse,eclipse-plugin,smartcard,javacard
I set eclipse with java kit 2.2.2 then I close eclipse window and replace the contents of java kit 2.2.2 with contents if java kit 2.2.1 and the problem solved.
smartcard,javacard,globalplatform
With gpshell, you can use the put_sc_key command: put_sc_key -keyver <current key version> -newkeyver <new key version> -mac_key <mac key> -enc_key <enc key> -kek_key <kek key> [-current_kek <kek key>] I don't think that changing keys is possible with GPJ. The GUI of jcManager has nice self-explanatory text-fields and buttons that...
android,smartcard,at-command,javacard,sim-card
There can be two different types of applets present on your SIM card. Common applets Common applets written in plain JavaCard. This is the type of applet you are used to from the world of common smart cards. It has the process method and smart card is the passive subject...
smartcard,javacard,globalplatform,jcop
Q1: What/where is the historical byte of my card? How I can analyse them? A1: You can enter an ATR in this site and it will parse it for you. Based on that the historical byte of your card is 4A 43 4F 50 32 34 32 52 33. Q2:...
smartcard,javacard,globalplatform,jcop,nxp-microcontroller
No they are native modules that need to implement a rather generic Java Card defined - byte array oriented - method interface (it's in the JCOP extensions, look for it). Normally you would need to program in C, e.g. using the Keil dev. kit and then send the resulting code...
The .jar is actually just an installer. You'll have to run it to get the real runtime using java -jar <file.jar>. Then you should get the SDK.
It slipped my mind that you could do: if (num < 256) { return (byte) num; } That should have settled it for now considering the num which is the amount to pad is less than 256 for PKCS 5 and 7 padding as per RFC-1423, RFC-2898 and RFC-5652....
smartcard,javacard,smartcard-reader,globalplatform,pyscard
Q1: Changing Protocol is possible. Information which protocols are supported by hte card is transceived via ATR/ATS. The terminal then can decide which one to use. So it is dependend from your Terminal shell if protocols are selectable or not. For JCOP Shell this is /change-protocol. However is do not...
A1: Please read this: http://www.oracle.com/technetwork/java/javame/javacard/download/releasenotes-jsp-1440109.html The Java Card 3 platform consists of versions 3.0, 3.0.1 and 3.0.4 of the specifications and versions 3.0.1, 3.0.2, 3.0.3 and 3.0.4 of the development kit. SDK 3.0.3 targets specification 3.0.1. A2: (also applies to A1) you can use ant-javacard: open source, cross-platform, all JavaCard...
smartcard,javacard,globalplatform
From the INITIALIZE UPDATE command you send, you get host_challenge = 00 00 00 00 00 00 00 00 In response to the INITIALIZE UPDATE command, you get diversification_data = 00 00 11 60 01 00 8A 79 0A F9 key_information = FF 02 sequence_counter = 00 11 card_challenge =...
You can't apparently interpret the output from the tools and gpj does not really make it easy either. Applet AID and package AID are different things and only selectable applets can be selected. Not to mention the issuer security domain, which is a different thing in the first place. Also,...
smartcard,javacard,globalplatform
ExM means "Executable module" which means "package". N/A Yes. Have a look here for example: https://github.com/martinpaljak/AppletPlayground/blob/master/build.xml#L53 You really have to go and read some documentation before asking. This is a programming forum....
Maybe that's simulator limitation problem to support ALG_SECURE_RANDOM. Please try ALG_PSEUDO_RANDOM instead. From Class RandomData: ALG_PSEUDO_RANDOM Utility pseudo-random number generation algorithms. The random number sequence generated by this algorithm need not be the same even if seeded with the same seed data. Even if a transaction is in progress, the...
digital-signature,smartcard,javacard,apdu,ecdsa
It's probably that signLen is larger than the Ne value (incorrectly called Le in the JavaCard specifications). You are also abusing the Le value to mean (short) MESSAGE.length by the way. Ne indicates the maximum number of bytes that are expected to be send back.
transactions,smartcard,javacard
Although we cannot look into the card, it seems a higher chance that there is protection against this attack and that a countermeasure has been triggered. A useful countermeasure is to "mute" the card, so no information is leaked back to a possible attacker. This may mean that the card...
smartcard,javacard,globalplatform
You should require about the Global Platform state of the card. 6982 is a general status word that means "Security status not satisfied", so your card may be in the wrong state (e.g. the Global Platform LOCKED or TERMINATED state). It could also be that you are using an invalid...
Smart card specifications: Global Platform Card Specification (This is v 2.2.0.7, your card may was compatible a lower version) ISO/IEC 7816 (Regularly you need part 3 and 4) Java Card applet development kit (including API Specifications + RE and VM Specification): Java Card Development Kit 3.0.2 (Download the version that...
Make sure that you extract contents of JCDK. Normally in this folder, there are 4 ZIP files, and you must extract them. More over, the Eclipse-JCDE plugin is compatible with JCDK 2.2.2 only (You can use JCDK 2.2.1 with it also, but it is a little tricky) For the JCDK...
javacard,apdu,sim-card,globalplatform
Security Status Not Satisfied error code occurs only when some pre-requisite authentication conditions are not satisfied before sending the APDU command. Updating APDU access rules (i.e. Access rules stored in ARA) required proper authentication, without doing proper authentication you can not update the AR in ARA applet, so only...
java,encoding,javacard,ecdsa,pkcs#8
You can implement this function like this: Card side: 1 KeyPair.getPublicKey() --> publicKey; 2 publicKey.getW() --> W; 3 Send W to outside; Standard java application side: 1 get W data bytes; 2 W data bytes --> ECPoint; 3 Build PublicKey with the ECPoint generated in step 2 use the class...
I am going to answer my own question after some research. My problem was an old ISO7816-3 standard as Guidot mentioned in his comment. According to current ISO7816-3 and ISO7816-4 odd INS codes are valid. The only invalid INS values according to current ISO are 6X and 9X. The reason...
java,applet,smartcard,javacard
There is a development kits called JCIDE, is free. After installation, can be used directly, no configuration parameters. Unfortunately, when debugging, only set one breakpoint, but normal use is enough. I feel very good, recommended to you.
smartcard,javacard,globalplatform
The card uses SCP02 as indicated in the key information returned for the INITIALIZE UPDATE command. Thus the card challenge has 6 bytes and key derivation data based on a key-specific constant (01 82 for S_ENC) and the sequence counter (00 16 as sent by the card in the INITIALIZE...
android,nfc,smartcard,javacard,sim-card
Receiving status code 6999 in response to the SELECT (by AID) command is a clear indication that the applet was not found/not selectable. If the applet has been installed and is selectable (using the same AID) over the contact interface of the UICC/SIM card, then it is likely not made...
bouncycastle,javacard,elliptic-curve,diffie-hellman
There is a problem in your implementation of KeyAgreement.ALG_EC_SVDP_DH in the terminal side. The correct length of output of the this method of key agreement should always be 20 bytes since SHA-1 is being performed on the derived output. So in your terminal side, you should perform SHA-1 after generating...
That depends on where you allocate the array (persistent memory, transient memory) and on the available memory on your specific card. The technical limit for an array's size in Java Card is 32767 elements, because array indices are of type short and can only be non-negative values. You can get...
smartcard,javacard,mifare,emulation
The open source project you already found is indeed unfinished, incomplete, incorrect. NXP features an emulation that is avaiable by activation during prepersonalization (not on all cards i suppose) I have implemented an almost complete and tested DESFire applet(only supports transparent files and does not support native mode but...
After all I have found a solution. I didn't find an elegant solution though. Netbeans uses jc-pack Ant task to convert files into .cap. This task is defined in Packager class which is included into src folder of the jcdk installation folder. The convertation process is in Packager.java line ~205....
smartcard,javacard,globalplatform,jcop
Before a smart card can be used, it needs to be "pre-personalized": some basic settings need to be written, ISD keys initialized, etc. If a card is not pre-personalized, it will not respond to normal APDUs. The pre-personalization process is vendor-specific and there is a chain of trust involved, so...
performance,cryptography,bit-manipulation,bit-shift,javacard
When it comes for speed, known length, hard-coded version is the fastest (but ugly). If you need to shift more than one bit, ensure to update the code accordingly. output[0] = (byte)((byte)(input[0] << 1) | (byte)((input[1] >> 7) & 1)); output[1] = (byte)((byte)(input[1] << 1) | (byte)((input[2] >> 7) &...
There is a bug in your code. Your doHash method does the hashing as from a twice as long input (it computes the hash from "XX" instead of "X"): HashObj.update(buffer, ISO7816.OFFSET_CDATA, buffer[ISO7816.OFFSET_LC]); HashObj.doFinal(buffer, ISO7816.OFFSET_CDATA, buffer[ISO7816.OFFSET_LC], hashedValue, (short) 0); The update method is for long inputs only - it does all...
Maybe this card is not supported by OpenSC Check the SupportedHardware list. Verify it with opensc-tool --name to see if some driver knows how to handle your card. The expected result of the command is a line with a card driver name. ...
smartcard,javacard,globalplatform
I'll provide two answers, as you've asked two questions. Please try and ask one question per question. The .cap file is different because the single .cap file is little more than a .zip archive. You can simply change the file extension to .zip to see the contents. A .zip can...
security,cryptography,smartcard,javacard
Smart cards that are able to perform asymmetric cryptography always do this using a co-processor (that usually contains a Montgomery multiplier). Most smart cards (e.g. the initial NXP SmartMX processors) still operate using an 8 bit or 16 bit CPU. Those CPU's are not designed to perform operations on large...
Initialize update and ext auth commands are to establish secure channel between off card and on card entity. While 00 20 .... apdu is for verify card manager pin. So all cards which are GP compliance will support both. There is card manager which is the owner of card so...
applet,smartcard,channel,javacard
Yes it's possible. You need a card that supports additional logical channels.In that case, you can select more than one applet simultaneously.(One applet per each channel) Fortunately current cards support some additional logical channels. But remember that if you want to select (at least) two applets of a single package...
java,applet,javacard,apdu,pcsc
Previously Global Platform borrowed the RID (the first 5 bytes of the AID) from VISA. This is because of historical reasons. Global Platform is now a separate entity but Open Platform - as it was once called - was started by (at least) VISA. There are many RID's registered. However...
transactions,garbage-collection,smartcard,javacard
Well I think it might be an implementation bug. In general, garbage collection is usually never needed and never used on smartcards. You should avoided it under any circumstances by good applet design. Because that way you never run into memory problems, which are bad for a smartcard thats installed...
smartcard,javacard,smartcard-reader
6982 on INITIALIZE UPDATE typically means card locked. This is irreversible, at least without further knowledge of the card operating system.
As I didn't know which one of DES_ECB_PKCS5, DES_ECB_NOPAD, DES_ECB_ISO9797_M2 or DES_ECB_ISO9797_M1 being used by the online tool That´s the problem. Blockmode, padding and other things are very important (and there are so much more than 4 combinations). And in case of online tools, charset stuff (input interpretation in...
java,cryptography,javacard,apdu,elliptic-curve
The problem is likely: pubKey.setW(apduBuffer, ISO7816.OFFSET_CDATA, ISO7816.OFFSET_LC); First of all, you should not use ISO7816.OFFSET_CDATA and ISO7816.OFFSET_LC directly. Use APDU.getOffsetCData for the location of the command data and use APDU.setIncomingAndReceive to get the Nc value (Lc is the encoding of the Nc value). Currently your code is failing as you...
smartcard,javacard,globalplatform
As suggested before: you can get detailed information from the GP specification. Consider -i a "dump data from card useful for debugging and other purposes". It dumps card data, CPLC and key template of the ISD. If you don't know what that means, read the specification.
The install method gets called when you install te applet. The process method gets called when you (select first and)send a command to an instantiated/installed applet. This means that the install method will get called first and thus: your first error is tat you want to write to an uninitialized...
Answer to your questions : I want the Card Manager to do a DAP verification during uploading my file. What shall I do? There are following two scenarios, if any one of the scenario will occur then DAP block will necessary in the Load block : 1.If any Security Domain...
Where are these applets in the card? (in the MF or in a DF?) Consider each Java Card application to be a DF directly below the MF. Though, be aware that Java Cards only make use of parts of the ISO 7816-4 file system concept and that the MF itself...
java,eclipse,rsa,javacard,apdu
According to the JCDK User's Guide (for JC 2.2.2) the CREF (C-language RE) implementation supports the following alogirthms: 112-, 128-, 160-, 192-bit ECC 512-bit RSA Therefore, the line rsa_KeyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_2048); should throw a CryptoException.NO_SUCH_ALGORITHM when executed in CREF (as CREF does not support 2048-bit RSA). Besides that...
android,nfc,javacard,ndef,contactless-smartcard
The only way to trigger specific actions through NFC on an Android system (e.g. open URL, transfer a contact, etc.) without the need for a custom app is to use NDEF formatted data. You would therefore need to create an applet on the card that implements the NFC Forum Type...