diff --git a/aleksis/apps/kort/models/sdm.py b/aleksis/apps/kort/models/sdm.py
index 19de0e74e382e933202ae76ed595ca01dd80dd18..55aed0f10433d7cd404bdb2bfed8be0faca131df 100644
--- a/aleksis/apps/kort/models/sdm.py
+++ b/aleksis/apps/kort/models/sdm.py
@@ -1,10 +1,10 @@
 from binascii import unhexlify
 
 from django.core.exceptions import BadRequest
-from django.core.http import Request
+from django.http import HttpRequest
 
 from libsdm import EncMode, InvalidMessage, decrypt_sun_message
-from libsdm.derive import derive_undiversified_key, derive_tag_key
+from libsdm.derive import derive_tag_key, derive_undiversified_key
 from libsdm.util import parse_parameters
 
 from aleksis.core.mixins import ExtensibleModel, ObjectAuthenticator
@@ -15,13 +15,18 @@ from .cards import Card
 
 class NfcSdmAuthenticator(ObjectAuthenticator):
     """Object authenticator using NFC SDM."""
+
     name = "nfc_sdm"
     require_lrp = False
 
-    def authenticate(self, request: Request, obj: ExtensibleModel):
+    def authenticate(self, request: HttpRequest, obj: ExtensibleModel):
         """SUN decrypting authenticator"""
-        master_key = unhexlify(get_site_preferences()["nfc__sdm_master_key"])
-        param_mode, picc_enc_data, enc_file_data, sdmmac = parse_parameters(request.GET)
+        master_key = unhexlify(get_site_preferences()["kort__sdm_master_key"])
+        try:
+            param_mode, picc_enc_data, enc_file_data, sdmmac = parse_parameters(request.GET)
+        except ValueError as e:
+            raise BadRequest(**e.args)
+
         try:
             res = decrypt_sun_message(
                 param_mode=param_mode,
@@ -40,13 +45,13 @@ class NfcSdmAuthenticator(ObjectAuthenticator):
 
         try:
             card = Card.objects.get(chip_number__iexact=res["uid"].hex())
-        except Card.DoesNotExact:
+        except Card.DoesNotExist:
             return False
 
         if card.person != obj:
             raise BadRequest("Card is not linked to identified object")
 
-        if card.last_read_counter <= res["read_ctr"]:
+        if card.last_read_counter >= res["read_ctr"]:
             raise BadRequest("Read counter went backwards, possible replay attack")
         card.last_read_counter = res["read_ctr"]
         card.save()