diff --git a/firmware/targets/f7/furi_hal/furi_hal_nfc.c b/firmware/targets/f7/furi_hal/furi_hal_nfc.c
index 7b7d5f27..2d6db8fb 100644
--- a/firmware/targets/f7/furi_hal/furi_hal_nfc.c
+++ b/firmware/targets/f7/furi_hal/furi_hal_nfc.c
@@ -341,13 +341,13 @@ void furi_hal_nfc_listen_start(FuriHalNfcDevData* nfc_data) {
     if(nfc_data->uid_len == 4) {
         pt_memory[12] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
     } else {
-        pt_memory[12] = nfc_data->sak | FURI_HAL_NFC_UID_INCOMPLETE;
+        pt_memory[12] = FURI_HAL_NFC_UID_INCOMPLETE;
     }
     pt_memory[13] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
     pt_memory[14] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
 
     st25r3916WritePTMem(pt_memory, sizeof(pt_memory));
-    // Go to sence
+    // Go to sense
     st25r3916ExecuteCommand(ST25R3916_CMD_GOTO_SENSE);
 }
 
@@ -507,6 +507,9 @@ static bool furi_hal_nfc_transparent_tx_rx(FuriHalNfcTxRxContext* tx_rx, uint16_
     uint8_t rxe = 0;
     uint32_t start = DWT->CYCCNT;
     while(true) {
+        if(!rfalIsExtFieldOn()) {
+            return false;
+        }
         if(furi_hal_gpio_read(&gpio_nfc_irq_rfid_pull) == true) {
             st25r3916ReadRegister(ST25R3916_REG_IRQ_MAIN, &rxe);
             if(rxe & (1 << 4)) {
diff --git a/lib/nfc/protocols/mifare_classic.c b/lib/nfc/protocols/mifare_classic.c
index 44b783d6..3b534393 100644
--- a/lib/nfc/protocols/mifare_classic.c
+++ b/lib/nfc/protocols/mifare_classic.c
@@ -771,6 +771,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
     // Read command
     while(!command_processed) {
         if(!is_encrypted) {
+            crypto1_reset(&emulator->crypto);
             memcpy(plain_data, tx_rx->rx_data, tx_rx->rx_bits / 8);
         } else {
             if(!furi_hal_nfc_tx_rx(tx_rx, 300)) {
@@ -803,7 +804,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
                 access_key = MfClassicKeyB;
             }
 
-            uint32_t nonce = prng_successor(DWT->CYCCNT, 32);
+            uint32_t nonce = prng_successor(DWT->CYCCNT, 32) ^ 0xAA;
             uint8_t nt[4];
             uint8_t nt_keystream[4];
             nfc_util_num2bytes(nonce, 4, nt);
@@ -858,7 +859,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
             uint32_t cardRr = ar ^ crypto1_word(&emulator->crypto, 0, 0);
             if(cardRr != prng_successor(nonce, 64)) {
                 FURI_LOG_T(TAG, "Wrong AUTH! %08X != %08X", cardRr, prng_successor(nonce, 64));
-                // Don't send NACK, as tag don't send it
+                // Don't send NACK, as the tag doesn't send it
                 command_processed = true;
                 break;
             }
@@ -897,7 +898,18 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
             } else {
                 if(!mf_classic_is_allowed_access(
                        emulator, block, access_key, MfClassicActionDataRead)) {
-                    memset(block_data, 0, 16);
+                    // Send NACK
+                    uint8_t nack = 0x04;
+                    if(is_encrypted) {
+                        mf_crypto1_encrypt(
+                            &emulator->crypto, NULL, &nack, 4, tx_rx->tx_data, tx_rx->tx_parity);
+                    } else {
+                        tx_rx->tx_data[0] = nack;
+                    }
+                    tx_rx->tx_rx_type = FuriHalNfcTxRxTransparent;
+                    tx_rx->tx_bits = 4;
+                    furi_hal_nfc_tx_rx(tx_rx, 300);
+                    break;
                 }
             }
             nfca_append_crc16(block_data, 16);