NXP MIFARE® DESFire® EV1 256B

NXP MIFARE® DESFire® EV1 256B

  • Hardware crypto co-processor
  • Common Criteria certification: EAL4+ (Hardware and Software)
  • Hardware DES using 56/112/168 bit keys
  • Hardware AES using 128-bit keys
  • Full NFC compliance

Description

This product is not recommended for new designs. Instead, we recommend to use NXP’s MIFARE DESFire Light.

The MIFARE® DESFire® EV1 256B card offers the same security and file creation features as the higher memory family members. This addresses the needs of account based systems and environments requiring only a limited set of applications, such as access control management, public transport ticketing, loyalty schemes, and closed-loop payment.

All MIFARE DESFire products are based on open global standards for both air interface and implemented cryptographic methods. It is compliant to all 4 levels of ISO/IEC 14443A and uses optional ISO/IEC 7816-4 commands, features an on-chip backup management system and mutual three-pass authentication as well as encrypted communication.

The DESFire EV1 256B is fully compatible to all other members of the MIFARE DESFire EV1 family, offering the same fast and highly secure data transmission, and is fully interoperable with existing MIFARE DESFire infrastructure.

Featuring an on-chip backup management system and the mutual three pass authentication, a MIFARE DESFire EV1 product-based smart card can hold up to 28 different applications and 32 files per application. The size of each file is defined at the moment of its creation, provides an automatic anti-tear mechanism for all file types, guaranteeing transaction-oriented data integrity, making MIFARE DESFire EV1 a truly flexible and convenient product.

Additionally, an automatic anti-tear mechanism is available for all file types, which guarantees transaction oriented data integrity. With MIFARE DESFire EV1, data transfer rates up to 848 Kbit/s can be achieved, making fast data processing possible.

The main characteristics of the MIFARE DESFire family are denoted by the name “DESFire”: “DES” indicates the high level of security using a hardware crypto coprocessor for either 3DES or AES-based data processing. “Fire” indicates its outstanding position as a fast, innovative, and highly reliable IC ideally suited to enable a wide variety of different applications.

MIFARE DESFire EV1 brings many benefits to end users. Card holders can experience convenient contactless ticketing while also having the possibility to use the same device for related applications such as payment at vending machines, access control or event ticketing.

In other words, the MIFARE DESFire EV1 IC solution offers enhanced consumer-friendly system design, in combination with security and reliability.

DESFire’s are available in PVC and Composite PET/PVC card construction. The DESFire 256B card is exceptionally durable and can accept an embeddable SAM card for logical access and biometric ID systems.

Features

Key Features

  • NFC Tag Type 4 compliant
  • Secure, high-speed command set
  • Transaction-oriented automatic anti-tear mechanism
  • Privacy protection
  • Optional high input capacitance (70pF) for small form factor design (MF3ICDH 21/41/81)
  • Configurable ATS information for card personalization

Memory

  • 256-byte EEPROM with fast programming
  • Data retention of 10 years
  • Write endurance typical 500 000 cycles

NV-memory organization

  • Flexible file system
  • File size is determined during creation

RF interface

  • Fully ISO/IEC 14443 A 1-4 compliant
  • Contactless transmission of data and powered by the RF-field (no battery needed)
  • Operating distance: up to 100 mm (depending on power provided by the PCD and antenna geometry)
  • Operating frequency: 13.56 MHz
  • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
  • High data integrity: 16/32 bit CRC, parity, bit coding, bit counting
  • True deterministic anti-collision
  • bytes unique identifier (cascade level 2 according to ISO/IEC 14443-3 and option for random ID)
  • Uses ISO/IEC 14443-4 protocol

Security

  • Crypto algorithm in hardware
  • Common Criteria Certification: EAL4+ (Hardware and Software)
  • Unique 7 bytes serial number for each device
  • Optional “RANDOM” ID to enhance security and privacy
  • Mutual three-pass authentication
  • Mutual authentication according to ISO/IEC 7816-4
  • 1 card leader key and up to 14 keys per application
  • Hardware DES using 56/112/168 bit keys featuring key version, data authenticity by 8-byte CMAC
  • Choice of open DES/2K3DES/3KDES/AES
  • Hardware AES using 128-bit keys featuring key version, data authenticity by 8-byte CMAC
  • Data encryption on RF-channel
  • Authentication on application level
  • Hardware exception sensors
  • Self-securing file system
  • Backward compatibility to MF3ICD40: 4 byte MAC, CRC 16

ISO/IEC 7816 compatibility

  • Supports ISO/IEC 7816-3 APDU message structure
  • Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
  • Supports ISO/IEC 7816-4 INS code ‘B0’ for READ BINARY
  • Supports ISO/IEC 7816-4 INS code ‘D6’ for UPDATE BINARY
  • Supports ISO/IEC 7816-4 INS code ‘B2’ for READ RECORDS
  • Supports ISO/IEC 7816-4 INS code ‘E2’ for APPEND RECORD
  • Supports ISO/IEC 7816-4 INS code ‘84’ for GET CHALLENGE
  • Supports ISO/IEC 7816-4 INS code ‘88’ for INTERNAL AUTHENTICATE
  • Supports ISO/IEC 7816-4 INS code ‘82’ for EXTERNAL AUTHENTICATE

Key Benefits

  • Proven, Reliable Technology – MIFARE DESFire EV1 is based on open global standards for security, and is interoperable with existing MIFARE infrastructures.
  • Fast Processing and Data Communication – Transaction times are less than 100 milliseconds for a typical secure ticketing transaction.
  • Flexible file system
  • Multiple crypto support on one single card
  • Standards Compliant – MIFARE DESFire EV1 is fully complaint with ISO 14443A 1-4, and has been awarded CC EAL 4+ for smart card security.

Applications

Targeted Applications

Specifications

Memory
EEPROM size 256-Byte
Write endurance [cycles] 500,000
Data retention [yrs] 10
Programming cycles (erase/write) 1 ms
Organization Flexible file system
Security
Unique serial number [byte] 7, cascaded
Random number generator Yes
Access keys 14 keys per application
Random ID Optional “RANDOM” ID for enhance security and privacy
Access conditions Per File
AES, 3DES & DES Security MACing/Encipherment
Anti-tear supported by chip Yes
Master Key 1 card master key
Common Criteria certification (HW+SW) EAL4 +
Special Features
Multi-application Yes
Number of files per app Number of applications and files per application depending on available memory
Purse functionality Value file
Transaction logging capability Record file
Secure transport transaction example 512-byte read, 128-byte write
Proximity check Yes
Compatibility Backward compatibility to MF3ICD40: 4 byte MAC, CRC 16
RF-Interface
Acc. to ISO 14443A Yes-up to layer 4
Frequency [MHz] 13.56
Baud rate [kbit/s] 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
Anti-collision Bit-wise
Operating distance [mm] Up to 100

Comparison Chart

MIFARE DESFire EV3 MIFARE DESFire EV2 MIFARE DESFire EV1
ISO/IEC 14443 A 1-4 Yes Yes Yes
ISO/IEC 7816-4 support Extended Extended Extended
EEPROM data memory 2/4/8KB 2/4/8/16/32KB 2/4/8KB
Flexible file structure Yes Yes Yes
NFC Forum Tag Type 4 Yes Yes Yes
Unique ID 7B UID or 4B RID 7B UID or 4B RID 7B UID or 4B RID
Number of applications As many as memory size supports As many as memory size supports 28
Number of files per app 32 32 32
Data rates supported Up to 848 Kbit/s Up to 848 Kbit/s Up to 848 Kbit/s
Crypto algorithms supported DES/2K3DES/
3K3DES/
AES128
DES/2K3DES/
3K3DES/
AES128
DES/2K3DES/
3K3DES/
AES128
CC certification (HW+SW) EAL 5+ EAL 5+ EAL 4+
Delegated Application Management (Multi-Application) Yes, preloaded keys Yes
SUN (Secure Unique NFC Message) Yes, compatible with NTAG DNA
Transaction MAC per app Yes Yes
Multiple keysets per app Up to 16 keysets Up to 16 keysets
Multiple file access rights Up to 8 keys Up to 8 keys
Inter-app file sharing Yes Yes
Transaction Timer Yes
Virtual Card Architecture Yes Yes
Proximity Check Yes Yes
Delivery types Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM) Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM) Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM)

About MIFARE

MIFARE is NXP‘s well-known brand for a wide range of contactless IC products used in more than 40 different applications worldwide. With more than 150 million reader core components and 5 billion smart card ICs sold, MIFARE products are more proven and more reliable than any other interface technology on the market. MIFARE products comply with the international standard ISO/IEC 14443 and are backward-compatible within the product families. This ensures that the existing infrastructure can be smoothly upgraded to higher security and feature levels, such as payment systems, ticketing solutions, loyalty programsaccess management, and parking. To further extend the reach of MIFARE products, the MIFARE4Mobile Industry Group brings MIFARE applications into NFC-enabled mobile devices.

Support & Downloads

Videos

MIFARE Explained | Security Level 3 (SL3) Capabilities

The Security Level (SL) concept of NXP’s MIFARE Plus EV2 IC allows for a step-by-step upgrade of the system’s security by switching only certain applications to a higher security level. The highest security level, SL3, offers support for AES-128 based secure messaging and thus helps to prove authenticity, confidentiality and integrity of transactions.

 

MIFARE Explained | Transaction MAC

The Transaction MAC feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs can help to prevent fraudulent merchant attacks. It allows to prove the authenticity of executed transactions between the reader terminal and an IC inside a smart card.

MIFARE Explained | Transaction Timer

The Transaction Timer feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs defends against Man-in-the-Middle attacks. The new feature makes it possible to set a minimum time per transaction, so it’s harder for an attacker to interfere with the transaction. Learn more about the technical details of the Transaction Timer feature and how it can be used to make access control, transport ticketing, and micropayment installations more secure.

 

MIFARE DESFire EV2 smart card IC includes the MIsmartApp

Are you planning to offer contactless smart life services? Smart cards can be a powerful tool to host various contactless services, such as micropayments, access solutions, transport services – and even ticketing on one smart contactless card. The MIFARE DESFire EV2 smart card IC includes the MIsmartApp which can hold as many different applications as the memory size supports and new applications can be loaded after the card has been deployed into the market.

 

MIFARE SDK

The MIFARE SDK is designed to provide access to all hardware features on Java level and enables Android apps to be created for MIFARE, ICODE and NTAG more easily than ever before. Leveraging the worldwide success of NXP´s product installations, the launch of MIFARE SDK opens up a world of new possibilities for creative Android application developers.

 

NXP AppXplorer

Have you ever counted how many cards per day you are using? In the end of the day why to use different card for every little thing you have to do? The MIFARE® DESFire® card is one single smart card where you can store all the other cards.