Is it possible to read the iPhone's NFC chip as if it were an RFID tag?
I know it's not possible for the iPhone 6 to read RFID tags, and I know that the iPhone API only allows use of NFC for Apple Pay, but is it possible to read an iPhone's NFC chip as if it were an RFID tag?
That is, would an RFID reader be able to retrieve any sort of passive information like a chip's unique ID or something of that nature, by using an RFID reader with something like an Arduino or Raspberry Pi?
Answer
As Michael Gillett already wrote, the anti-collision identifier (frequently used as the ID in RFID), is dynamic and changes on each activation of the secure element in the iPhone. What you could try to do is to access the EMV payment card ("tokenized" credit card) on the secure element. This credit card contains at least a PAN (tokenized primary account number) and possibly also public keys for signature verification. That information should be static (even in the tokenzation case) and, hence, could be used to identify the device.
Take a look at the EMV specifications for contactless payment systems (http://emvco.com) to find out how to access the payment application. Basically you would do something like the following:
- SELECT PPSE
- Find AID of payment application in select response
- SELECT payment application (by AID)
- READ RECORD (file + record number) for the record that contains the PAN/ICC public key
You would need some contactless smartcard reader to send the necessary APDU commands though. An RFID reader that only performs anti-collision to get an ID is not sufficient. However, for both, the Arduino and the RPI, there are such readers (e.g. NFC shield).