Hi there,

Is there anyone know how to retrieve JPN Info (Name,IC,Gender,etc),IC Photo, and Address from myKad?

I am too noob to do so, preferably using vb.net. :>

U need to buy SDK from IRIS, the SDK include of a MyKad reader, driver, installer and SDK. The price is around RM1.5k.

I thought the SDK at the very beginning is free?

First of all, I do not work for IRIS

The SDK should not be free, unless IRIS declare its, its protected by license agreements. But the software developed by the SDK can be free. But the software developed cannot be modify, if you need to use any programming languages, i think u will need the SDK.

Any1 else heard of any SDK that can read MyKad free ?

I'm not confident with this code, but you asked for it. Was having difficulty with VB without pointers. I don't like .NET either, makes program slow, and need more memory.
Please comment.

---
There is one minor edit you can do. The "Get Response" command (named Cmd2 in this code) is not strictly necessary. Therefore you can comment out

in Function SelectApp

This post has been edited by xenon: Aug 10 2007, 08:15 PM

Attached File(s)
 vbSCread.zip ( 31.23k ) Number of downloads: 992
 vbSCread__zipfile_.txt ( 31.74k ) Number of downloads: 295

Thanks a lot. U really fast. Just a day can write out the code. :>

Why u want? U wanna hack it?

no lar...hack it for wat... just wanna retrieve info.

The code u give can decode the MyKad encrypted data?

U must have installedn the MyKad SDK on your dev PC

Declare Function SCardEstablishContext Lib "winscard.dll" _
(ByVal dwScope As Int32, ByVal pvReserved1 As Int32, _
ByVal pvReserved2 As Int32, ByRef phContext As Int32) As Int32
.....

Since you have that Dll, why not share out let me test it, thanks...

(Last time I try regsvr IRIS some dll at other PC face problem, There're some digital cert thingy need to install, Am I right ?)



Even u try to get info from MyKad, but some of the old contain Not enough info for it.

There is no encryption for surface information.
And I do not use SDK. winscard.dll is part of Windows XP.

how to use it???where can I find the card reader??

Do you have a program or SDK that can read all the 8 applications on the card?

No. I need a sample of the device in order to reverse engineer.
Reading of JPN, Driving license and passport information is all we can get from a keychain reader or from SDK that we can possibly buy.
This thread gives the info on the 3 applications mentioned above.
http://forum.lowyat.net/topic/355950/+20

PKI application is possible to discover as well, but I don't have credit card to pay for a digital certificate. www.mykey.com.my

Health info is very much unknown and rarely used.
ATM (Bankcard), I don't think people like to use MyKad as Bankcard as doing so can cause increased wear and tear, as well as being worried for privacy intrusion.
Touch 'n Go, using wireless interface. I guess it's not different from normal dedicated TnG. If you need to reverse engineer TnG, consider using plain TnG instead of MyKad.
MEPS cash, I don't even know how easy/difficult to use this application.

This post has been edited by xenon: Jun 8 2008, 07:42 PM

but can we change the JPN, passport and Driving License application through reverse engg?

Logically thinking, updating of license and passport info requires security clearance. Some form of authentication is needed. I believe if the designer of MyKad do it correctly, it should be a cryptographic challenge-response authentication, or perhaps the updated data have to be digitally signed. On the other hand, if a fixed key is used to enable updating, then the fixed key will be easily leaked out. My guess is that challenge-response protocol is used and a Secure Access Module (which is installed to card reader) can prove to MyKad that it is authority now talking to MyKad. I currently do not have any info on the command used for updating. I believe that knowing the command is not a security threat because MyKad will give a different challenge each time, without the SAM, we don't know the correct response to prove to MyKad for the write access.

The card may or may not implement procedures to update JPN info. In practice, JPN info will never be updated. If you change home address, the whole card needs to be changed.

Oh, yes. Once ago, I heard that MyKAD is a one time burnt-on ROM, which means, it is not editable once data is written to that card. But if it is so, how the passport and the driving license details being updated, since they may expire unlike our personal data.

I believe some type of certificates/crytography they may be using to allow these cards to be able to 'write' again

thanks again, it that any different between read mykid and mykad? or it is same? how about the myPR?

Hi Xenon,

Thanks for your knowledge sharing. Do we need a SAM command/device to read mykad info or only IC command will do?

Thanks

Plz, this thread is like 2 years ago, start a new 1 with your own title, stop digging up history

Reading JPN info, driving licence info and passport info do not need SAM.