NXP MIFARE® DESFire® Light
Description
NXP MIFARE® DESFire® Light is a versatile contactless smart card platform serving the requirements of applications managed by one single entity. Offering a powerful mix between performance, security, privacy and flexibility. It addresses the needs of limited use and simple extended use applications. Based on these parameters MIFARE DESFire Light is a trusted platform targeting the secure authentication of people with an intuitive convenient user experience.
MIFARE DESFire Light is fully compliant with the contactless proximity smart card protocol according to ISO/IEC 14443-4 and ISO/IEC 7816-4 communication frames making it compatible with the majority of existing contactless infrastructure devices and with NFC devices, such as NFC enabled mobile handsets. Its contactless performance supports superior user convenience and reading distances up to 10 cm.
MIFARE DESFire Light has a file-based memory structure compliant to ISO/IEC 7816-4 with a fixed, pre-defined configuration of six individual files (EF). The pre-defined configuration enables various use cases and allows the management of data according to best practice. Organized in one single directory (DF) and configurable access rights per file it enables different use cases of one issuing instance. MIFARE DESFire Light offers three individual standard data files with totally 544 bytes of memory for storage of application-specific data. The value file with a stored signed integer value and an upper and lower limit enables fast, flexible and secure implementation of monetary transactions, e.g. for micropayment applications. The cyclic record file with 4 entries of 16 bytes each enables an on-card logging of transactions.
As a contactless platform, MIFARE DESFire Light includes a powerful transaction management. This transaction management ensures data and transaction consistency supporting applications with the avoidance of disrupted or incomplete transactions. The optional Transaction Message Authentication (TMAC) further enables operators of, e.g., payment applications with a cryptographic checksum over the complete transaction enabling the verification of a transaction by a clearing entity.
MIFARE DESFire Light offers AES-based security features for authentication and data transfer over the contactless interface. The required level of security is defined by the needs of the application and can be done on a file basis. With 5 customer defined keys, MIFARE DESFire Light supports a key management addressing the organizational and security needs of the issuing entity.
Beside the standard AES implementation, MIFARE DESFire Light offers an alternative AES-based protocol for authentication and secure messaging using a Leakage Resilient Primitive, LRP. The LRP works as a wrapper around the AES cryptography and enhances side-channel and fault resistance.
MIFARE DESFire Light contains features like the fully encrypted communication mode enabling contactless applications to address privacy sensitive applications. With its optional support of Random ID, it enables compliance with latest user data protection regulations.
Users of MIFARE DESFire Light can change the application identifier (AID) and the file identifiers (FID) according to their needs enabling compatibility with existing data models. This further enables users to complement their use cases with an NFC forum-compliant Type 4 Tag in order to enable additional, end-user centric services, such as business card sharing or pairing with a network.
MIFARE DESFire Light is compatible with MIFARE DESFire EV2, a secure multiapplication platform. Through this compatibility single application running on MIFARE DESFire Light can become part of a multi-application solution, combining applications from different entities, with minimal system impact.
MIFARE DESFire Light is designed to support standards Class 1 smart cards antenna designs with a 17 pF input capacitance as well as smaller form factors, i.e. key fobs, wristbands, by providing 50 pF input capacitance delivery forms. This ensures high user convenience throughout different form factors.
DESFire’s are available in PVC and Composite PET/PVC card construction, the MIFARE DESFire Light card is exceptionally durable and can accept an embeddable SAM card for logical access and biometric ID systems.
Features
KEY FEATURES
- Pre-defined file structure
- 640-byte user memory, equivalent to MIFARE Classic® with 1 kB
- Works with MIFARE® DESFire® EV2, MIFARE 2GO, and AppXplorer
- AES 128-bit and LRP authentication and secure messaging
- Configurable secure messaging communication mode: Plain, CMAC and full encryption
- Low power consumption (Hmin) enabling operating distances of up to 10 cm
- Support of fast data rates: 106 kbit/s, 212 kbit/s, 424 kbit/s, and 848 kbit/s
- Five AES keys with flexible assignment of access rights
- Transaction MAC for secure offline validation of transactions in the back-end system
- Support of double size (7-byte) Unique Identifiers (UID) and optionally Random ID (RID) according to ISO 14443-3
- Fast start-up time for reliable and robust detection of MIFARE DESFire Light in legacy terminals
- Support of ISO 7816-4 wrapped commands compliant to a subset of MIFARE DESFire EV2 commands
- Common Criteria certification: EAL4 for IC HW and SW
- Optional random ID
- Superior transaction performance
- ECC based NXP Originality Signature
- ISO/IEC 14443 A 1-4 and ISO/IEC 7816 compliant for highest interoperability with mobiles and wearables
- NFC Type Tag 4 compliant
KEY BENEFITS
- Cost-effective, secure contactless transaction, designed for use in a single application
- Upward scalability to MIFARE DESFire EV2 and AppXplorer for integration into Smart City environments
- Full scalability with mobiles and wearables, with support for Bring Your Own Device (BYOD)
Applications
Targeted Applications
- Smart City
- Amusement Parks
- Corporate buildings
- Festivals and Events
- Hotels
- Retail
- Stadiums
- Smart Home
- Access Management
- Transport Ticketing
- Public transportation
- Campus and student ID cards
- Loyalty Programs
- ePurse
- Vending
- Event Tickets
- Gaming and Hospitality
Specifications
| Memory | |
| EEPROM size | 640-byte user memory – equivalent to MIFARE Classic with 1 kB |
| Write endurance [cycles] | 200,000 |
| Data retention [yrs] | 10 |
| Programming cycles (erase/write) | 1 ms |
| Organization | Flexible file system |
| Security | |
| Unique serial number [byte] | Double size (7-byte) |
| Random number generator | Optionally Random ID (RID) according to ISO 14443-3 |
| Algorithm | AES 128-bit and LRP authentication and secure messaging |
| Keys | Five keys with flexible assignment of access rights |
| Transaction MAC (TMAC) | TMAC for secure validation of transaction in back-end |
| Anti-tear supported by chip | Yes |
| Common Criteria certification (HW+SW) | EAL4 |
| Special Features | |
| Applications | Single applications, MIsmartApp |
| Number fo files per app | 6 |
| Application management | Easy onboarding to AppXplorer collaboration platform |
| Transaction MAC | Per application |
| RF-Interface | |
| Frequency [MHz] | 13.56 |
| Baud rate [kbit/s] | 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s |
| Anti-collision | According to ISO/IEC 14443-3 |
| Operating distance [mm] | Up to 100 |
About MIFARE
MIFARE is NXP‘s well-known brand for a wide range of contactless IC products used in more than 40 different applications worldwide. With more than 150 million reader core components and 5 billion smart card ICs sold, MIFARE products are more proven and more reliable than any other interface technology on the market. MIFARE products comply with the international standard ISO/IEC 14443 and are backward-compatible within the product families. This ensures that the existing infrastructure can be smoothly upgraded to higher security and feature levels, such as payment systems, ticketing solutions, loyalty programs, access management, and parking. To further extend the reach of MIFARE products, the MIFARE4Mobile Industry Group brings MIFARE applications into NFC-enabled mobile devices.
Support & Downloads
MIFARE DESFire Light LeafletSoftware and Utilities
Smart Toolz® MIFARE – Contactless Card Configuration Kit
MIFARE Card Configuration Kit by CardLogix features the MIFARE Card Configuration Utility software program to configure a MIFARE or DESFire card’s file structure with Application IDs (AIDs), to set permissions and keys, and to load data to the card.
RFIDDiscover
Our well known, widely deployed powerful MIFARE®Discover tool is commonly used by the MIFARE development community as it allows to access and handle any MIFARE family chip and data processing feature. This expert tool has been further enhanced to support the latest MIFARE family members of the MIFARE Plus® and the MIFARE DESFire® EV2 platform including the corresponding MIFARE SAM (Secure Access Module) solutions.
Furthermore, ICODE® and NTAG® platform support has been added to the feature set, covering NXP’s entire 13.56 MHz product portfolio now. To reflect these additions the MIFAREDiscover tool has been rebranded to RFIDDiscover.
The tool RFIDDiscover Lite can also be downloaded from MIFARE.net. The full version of the RFIDDiscover tool can be requested in the NXP DocStore – please search for “sw1866”.
TagXplorer PC-Based NFC Tag Reader-Writer Tool
NDEF reader/writer tool for Windows, Mac and Linux Desktop PCs for NXP NFC ICs
Similar to NXP’s TagWriter App for Android the new TagXplorer tool for PCs allows to read, analyze and write NDEF messages to NXP’s NFC tag and smart sensor ICs. The tool is designed using NXP’s TapLinx open Java API and it allows the user to perform NDEF Operations defined by NFC Forum on NFC Forum type 2 and 4 tags for NXP NFC Tag ICs.
