NTAG213F/216F
NXP Semiconductors
NFC Forum T2T IC with 144/888 bytes user memory and field detection
10.6 READ_CNT
The READ_CNT command is used to read out the current value of the NFC one-way
counter of the NTAG213F, NTAG216F. The command has a single argument specifying
the counter number and returns the 24-bit counter value of the corresponding counter. If
the NFC_CNT_PWD_PROT bit is set to 1b the counter is password protected and can
only be read with the READ_CNT command after a previous valid password
authentication (see Section 10.7). The command structure is shown in Figure 20 and
Table 35.
Table 36 shows the required timing.
NFC Device
Cmd
Addr
CRC
Data
CRC
NTAG ,,ACK''
T
T
ACK
NAK
368 µs
444 µs
NTAG ,,NAK''
NAK
57 µs
T
TimeOut
Time out
aaa-007869
Fig 20. READ_CNT command
Table 35. READ_CNT command
Name
Cmd
Addr
CRC
Data
NAK
Code
Description
read counter
Length
1 byte
1 byte
2 bytes
3 bytes
4-bit
39h
02h
NFC counter address
CRC according to Ref. 1
counter value
-
-
see Table 21
see Section 9.3
Table 36. READ_CNT timing
These times exclude the end of communication of the NFC device.
TACK/NAK min
n=9[1]
TACK/NAK max
TTimeOut
5 ms
READ_CNT
TTimeOut
[1] Refer to Section 9.2 “Timings”.
The following conditions apply if the NFC counter is password protected:
• if NTAG21xF is in the ACTIVE state
– Response to the READ_CNT command results in a NAK response
• if NTAG21xF is in the AUTHENTICATED state
– Response to the READ_CNT command is the current counter value plus CRC
NTAG213F_216F
All information provided in this document is subject to legal disclaimers.
© NXP B.V. 2013. All rights reserved.
Product data sheet
COMPANY PUBLIC
Rev. 3.1 — 28 August 2013
262231
45 of 56
NXP [ NXP ]
