MIFARE DESFire EV2 From NXP
NXP’s MIFARE DESFire EV2 contactless IC offers superior performance and state-of-the-art security. It’s a multi-application platform designed with system operators and solution providers in mind.
DESFire uses DES, 2K3DES, or AES hardware encryption for the privacy and secure transmission of data. It enables scalable contactless solutions such as identification, access control (even in military environments), loyalty and micro-payment applications.
The NXP MIFARE DESFire EV2 is the latest evolution of secure memory RFID chips delivering more features and improved performance for a better end user experience. Based on open global standards for RF interfaces and cryptographic methods, the chip is Common Criteria EAL 5+ security certified. This is the same level of security required for IC products used in banking cards or electronic passports.
The chip enables a secure contactless solution, offering state-of-the-art transaction security and privacy for your most sensitive data. Layered security features include key diversification, proximity check and authenticated signatures. Combined with crypto algorithms such as DES, 2K3DES, 3K3DES or AES, it protects against cloning and tampering, even in high-volume turnstile environments.
Moreover, the chips are highly resistant to environmental factors like temperature or moisture. This ensures reliable performance over long periods of time, even when the card is being handled frequently or in harsh conditions.
HID’s DESFire credentials support a number of different applications, including access control (even in military environments), loyalty, micropayments and public transport schemes. The chips can also store multiple applications on one card, reducing the number of different physical credentials that you need to carry with you. They can also work with mobile devices to enable a touchless and convenient way to interact with Smart City services, such as for parking or ticketing.
The MIFARE DESFire family of contactless chips offers a contactless smart card wide range of security features for multi-application cards used in access control, transportation, logical access and loyalty solutions. Its tamper-proof design ensures data is protected against cloning and unauthorized reading. Additionally, it uses a unique 128-bit encryption key for each application, preventing the theft of other applications even if a tampered or cloned card is used to perform transactions.
With a comprehensive list of security provisions and enhanced interoperability, the MIFARE DESFire EV2 (MF3D(H)x2) chip is suitable for smart city initiatives including public transport and smart ticketing. It is Common Criteria EAL5+ certified, the same level as demanded for the secure chips found in e-passports and banking cards. It supports a choice of open crypto algorithms and also features a transaction timer to help mitigate man-in-the-middle attacks.
EV3C adds Classic 1K support to the DESFire EV2 functionality providing a seamless migratory path for those who currently use Classic and want to migrate to DESFire in stages. DESFire EV3C supports all of the DESFire EV2 features with the added benefit of being able to read Classic 1K data, allowing users who have mixed DESFire and Classic functionality on their cards to easily move between the two, minimizing any disruption in services. It also offers a high input capacitance option of 70 pF to improve read range on small form factor antennas for optimum performance in key fobs and mobile tickets.
MIFARE DESFire EV2 (MF3D(H)x2) is the latest member of the MIFARE DESFire family introducing new functions along with enhanced performance to deliver an unrivalled user experience. It is Common Criteria EAL5+ security certified and meets the needs of system operators to build interoperable contactless solutions for a variety of applications like identity, access control, loyalty and micro-payment.
The EV2 chip offers the ability to store more than 28 different desfire ev2 applications and 32 files per application, which is up to 3 times as many as previous generations of MIFARE cards. It has a flexible memory organisation structure, high speed triple-DES data encryption co-processor and an automatic anti-tear mechanism, all of which are backed by NXP’s world-class security architecture.
Additionally, the EV2 has longer read range compared to EV1 and supports up to 1 million cycles (depending on reader antenna design) which enables institutions to migrate to DESFire on a cost-effective basis without having to change their existing readers. It also has backward compatibility with MIFARE DESFire EV1 to provide a migratory path for those who have existing Classic cards.
The EV2 is the first MIFARE product to incorporate Delegated Key Management, which allows new applications to be loaded to the card remotely after it has been issued, making it ideal for smart city services such as bus and train ticketing, mobile ID, access control and closed-loop payments. Furthermore, a new transaction timer function and configurable ATS information allow for more flexible and customisable functionality to meet specific application requirements.
Unlike previous generations of MIFARE contactless ICs, the new desfire ev2 supports an increased number of applications. This makes it an ideal solution for logical and physical access control, closed-loop e-payment applications as well as mobile ticketing solutions. The chip also includes a new secure unique NFC (SUN) message feature. When a card, ticket or mobile device is tapped with this enabled, a tap-unique authentication and crypto-secure ID is generated and sent to a server. This can be used to verify the authenticity of a given service or application, providing an additional level of security and privacy protection.
The EV2 ICs also feature an on-chip backup management system and mutual three pass authentication for enhanced security. This combined with an improved operating distance of 10cm and transaction speed up to 848Kbit/s, make it a good choice for use in contactless payment and public transport tickets, campus and office cards as well as in mobile ticketing applications.
NXP’s DESFire EV2 is fully compliant with ISO/IEC 14443A 1-4, has been Common Criteria EAL 5+ certified for card IC products and complies to the NFC Forum Type 4 Tag specification. In addition, the EV2 has been designed for easy integration into new and existing systems. This includes a predefined file system and the ability to store an unlimited amount of data, limited only by the chip memory size. A purse can be shared between applications for even greater interoperability.