Search

MIFARE DESFire

NXP MIFARE DESFire

Based on open global standards for both RF interface ISO/IEC 14443 Type A and cryptographic methods, our MIFARE DESFire product family provides highly secure microcontroller-based ICs. Its name DESFire references the use of DES, 2K3DES, 3K3DES, and AES hardware cryptographic engines for securing transmission data. This family is ideally suited for solution developers and system operators building reliable, interoperable, and scalable contactless solutions. MIFARE DESFire products can be seamlessly integrated into mobile schemes and support multi-application smart card solutions in identity, access control, loyalty, and micropayment applications, as well as in transport ticketing installations.

MIFARE DESFire EV3 - High-Security Contactless IC

The features of the MIFARE DESFire EV3 IC reflect NXP’s continued commitment to secure, connected and convenient contactless Smart City services. As part of the MIFARE DESFire family, the latest family member combines enhanced performance with a greater operating distance and improved transaction speed compared to its predecessors, including:     
  • IC hardware and software certification according to Common Criteria EAL 5+
  • Broad choice of open crypto algorithms based on DES, 2K3DES, 3K3DES, or AES
  • SUN message authentication for advanced data protection
  • Transaction Timer to mitigate man-in-the-middle attacks
  • Seamless integration of mobile services in combination with MIFARE 2GO
Features
RF interface: ISO/IEC 14443 Type A
  • Contactless interface compliant with ISO/IEC 14443-2/3 A
  • Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
  • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
  • 7 bytes unique identifier (option for Random ID)
  • Uses ISO/IEC 14443-4 transmission protocol
  • Configurable FSCI to support up to 256 bytes frame size
Non-volatile memory
  • 2 kB, 4 kB, 8 kB
  • Data retention of 25 years
  • Write endurance typical 1 000 000 cycles
  • Fast programming cycles
Security and Privacy
  • Common Criteria certification: EAL5+ (Hardware and Software)
  • Unique 7 bytes serial number for each device
  • Optional "RANDOM" ID for enhanced security and privacy
  • Mutual three-pass authentication
  • Mutual authentication according to ISO/IEC 7816-4
  • Flexible key management: 1 card leader key and up to 14 keys per application
  • Multiple key assignment for each file access rights (up to 8)
  • Multiple Key Sets per application with fast key rolling mechanism (up to 16 sets)
  • Hardware DES using 56/112/168 bit keys featuring key version
  • Hardware AES using 128-bit keys featuring key version
  • Data authenticity by 8 byte CMAC
  • MF3ICD40 compatible mode: 4 byte MAC, CRC 16
  • Data encryption on RF-channel
  • Authentication on application level
  • Hardware exception sensors
  • Self-securing file system
  • Transaction MAC signed with secret key per application
  • Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
  • Proximity Check for protection against Relay Attacks
  • Originality Check for proof of genuine NXP's product

MIFARE DESFire Light

NXP’s MIFARE DESFire Light is a contactless IC designed for easy integration into new and existing systems. Its predefined file system and total available memory of 640 Bytes (equivalent to MIFARE Classic® with 1 kB) make it an excellent choice for single-application designs in a wide variety of use cases. MIFARE DESFire Light is compatible with MIFARE® DESFire® EV2, so designers can easily expand their systems to support new applications. Compatibility with MIFARE DESFire EV2 also lets developers promote their services on NXP´s AppXplorer, a collaboration platform that creates an App Store-like experience on smart cards.

MIFARE DESFire Light can also be configured as an NFC Forum NFC Type Tag 4, so it’s ready to use with the broadest range of mobile devices equipped with contactless reading capabilities.

Designed for limited-and extended-use applications, MIFARE DESFire Light includes the appropriate protection mechanisms to power trusted services. Depending on the use case, up to five AES 128-bit keys can be used to manage access rights, while the secure messaging option enhances the protection of data and privacy. All of the chip’s hardware and software security features have been externally reviewed, tested, and certified according to Common Criteria EAL4.

Features
RF Interface & Communication Protocol
  • Contactless interface compliant to ISO/IEC 14443A-2/ -3/ -4
  • Support of ISO/IEC 7816-4 communication frames for highest interoperability with mobile and wearables
  • Low power consumption (Hmin) enabling operating distances of up to 10 cm
  • Support of fast data rates: 106 kbit/s, 212 kbit/s, 424 kbit/s, and 848 kbit/s
  • Support of double size (7-byte) Unique Identifiers (UID) and optionally Random ID (RID) according to ISO 14443-3
  • Configurable communication frame size to support up to 128 bytes
  • Fast start-up time for reliable and robust detection of MIFARE DESFire Light in legacy terminals
  • Support of ISO 7816-4 wrapped commands compliant to a subset of MIFARE DESFire EV2 commands
Memory Organization
  • 640 bytes user memory, equivalent to available user memory on legacy MIFARE Classic 1kB product
  • Data retention of 10 years and write endurance of minimum 200.000 cycles
  • File system compliant to ISO/IEC 7816-4 with one predefined Directory File (DF) and a set of Elementary Files (EF)
  • File system compliant with MIFARE DESFire EV2 file system
User-configurable file naming enabling compatibility to legacy systems and NFC Type 4 Tag compliant configurations