diff --git a/client/src/cmdlfem4x50.c b/client/src/cmdlfem4x50.c
index 45874c7a5..0e610298f 100644
--- a/client/src/cmdlfem4x50.c
+++ b/client/src/cmdlfem4x50.c
@@ -63,10 +63,10 @@ static void em4x50_print_result(const em4x50_word_t *words, int fwr, int lwr) {
                 s = _YELLOW_("control cfg ( locked )");
                 break;
             case EM4X50_DEVICE_SERIAL:
-                s = _YELLOW_("device serial number ( RO )");
+                s = _YELLOW_("serial number ( RO )");
                 break;
             case EM4X50_DEVICE_ID:
-                s = _YELLOW_("device identification ( RO )");
+                s = _YELLOW_("device id ( RO )");
                 break;
             default:
                 s = "user data";
@@ -602,8 +602,11 @@ int read_em4x50_uid(void) {
     };
     em4x50_word_t words[EM4X50_NO_WORDS];
     int res = em4x50_read(&etd, words);
-    if (res == PM3_SUCCESS)
+    if (res == PM3_SUCCESS) {
         PrintAndLogEx(INFO, " Serial: " _GREEN_("%s"), sprint_hex(words[EM4X50_DEVICE_SERIAL].byte, 4));
+    } else {
+        SendCommandNG(CMD_BREAK_LOOP, NULL, 0);
+    }
     return res;
 }
 
@@ -612,7 +615,10 @@ int read_em4x50_uid(void) {
 //   read protected) -> selective read mode
 int em4x50_read(em4x50_data_t *etd, em4x50_word_t *out) {
 
-    em4x50_data_t edata = { .pwd_given = false, .addr_given = false };
+    em4x50_data_t edata = {
+        .pwd_given = false,
+        .addr_given = false,
+    };
 
     if (etd != NULL) {
         edata = *etd;
@@ -630,9 +636,10 @@ int em4x50_read(em4x50_data_t *etd, em4x50_word_t *out) {
         return PM3_ESOFT;
     }
 
-    uint8_t *data = resp.data.asBytes;
+    em4x50_read_data_response_t *o = (em4x50_read_data_response_t *)resp.data.asBytes;
+
     em4x50_word_t words[EM4X50_NO_WORDS] = {0};
-    em4x50_prepare_result(data, etd->addresses & 0xFF, (etd->addresses >> 8) & 0xFF, words);
+    em4x50_prepare_result((uint8_t *)o->words, etd->addresses & 0xFF, (etd->addresses >> 8) & 0xFF, words);
 
     if (out != NULL) {
         memcpy(out, &words, sizeof(em4x50_word_t) * EM4X50_NO_WORDS);
@@ -1331,7 +1338,7 @@ static command_t CommandTable[] = {
     {"help",   CmdHelp,              AlwaysAvailable, "This help"},
     {"-----------", CmdHelp,         AlwaysAvailable, "--------------------- " _CYAN_("operations") " ---------------------"},
     {"brute",   CmdEM4x50Brute,      IfPm3EM4x50,     "Bruteforce attack to find password"},
-    {"chk",     CmdEM4x50Chk,        IfPm3EM4x50,     "Check passwords from dictionary"},
+    {"chk",     CmdEM4x50Chk,        IfPm3EM4x50,     "Check passwords"},
     {"dump",    CmdEM4x50Dump,       IfPm3EM4x50,     "Dump EM4x50 tag"},
     {"info",    CmdEM4x50Info,       IfPm3EM4x50,     "Tag information"},
     {"login",   CmdEM4x50Login,      IfPm3EM4x50,     "Login into EM4x50 tag"},
diff --git a/include/em4x50.h b/include/em4x50.h
index 69f5d8dce..1b4d7fa7f 100644
--- a/include/em4x50.h
+++ b/include/em4x50.h
@@ -23,6 +23,7 @@
 #include "bruteforce.h"
 
 #define EM4X50_NO_WORDS             34
+#define EM4X50_SIZE_WORD            4
 
 // special words
 #define EM4X50_DEVICE_PASSWORD      0
@@ -71,6 +72,12 @@ typedef struct {
     uint8_t byte[4];
 } PACKED em4x50_word_t;
 
+typedef struct {
+    uint8_t count;
+    uint32_t *words;
+} PACKED em4x50_read_data_response_t;
+
+// Global variables...
 extern bool g_Login;
 extern bool g_WritePasswordProcess;
 extern uint32_t g_Password;