NXP MIFARE® DESFire® EV3 2K

NXP MIFARE® DESFire® EV3 2K

$2.25

In stock

  • Services running on MIFARE DESFire EV3 can be deployed to NFC mobile phones using MIFARE 2GO
  • Preloaded keys for delegated application management allow to add new services to already deployed cards
  • Functional backward compatibility to MIFARE DESFire EV2 and MIFARE DESFire EV1

In stock

Description

As the third evolution of NXP’s proven contactless MIFARE DESFire portfolio, the MIFARE DESFire EV3 2K is the latest addition to the MIFARE DESFire product family introducing new feature along with enhanced performance for best user experience. The MIFARE DESFire EV3 is Common Criteria EAL5+ security certified which is the same security certification level as demanded for smart card IC products used e.g. for banking cards or electronic passports. It fully complies with the requirements for fast and highly secure data transmission and flexible application management. This makes it the ideal product for service providers and service operators who want to offer an easy, convenient and secure access to a wide variety of different services.

The features of the MIFARE DESFire EV3 IC reflect NXP’s continued commitment to secure, connected and convenient contactless Smart City services. As part of the MIFARE DESFire family, the latest family member combines enhanced performance with a greater operating distance and improved transaction speed compared to its predecessors.

MIFARE DESFire EV3 offers best flexibility when creating multi-application schemes and feature such as MIsmartApp is supporting new business models. Using a MIFARE DESFire EV3 with NXP’s AppXpplorer cloud service, Smart Cities services for example could be utilized with only one card by combining services such as public transport, car or bike sharing, access to city attractions with citizen services, closed-loop e-payment applications and local loyalty programs.

MIFARE DESFire EV3 is based on global open standards for both air interface and cryptographic methods. It is compliant to all levels of ISO/IEC 14443A and supports optional ISO/IEC 7816-4 commands (APDU and file structure supported) and is fully interoperable with existing NFC reader for MIFARE infrastructure.

Featuring an on-chip backup management system and the mutual three-pass authentication, a MIFARE DESFire EV3 card can hold as many applications as the memory can accommodate. Each application can hold up to 32 files with various data configurations. The size of each file is defined at the moment of its creation, making MIFARE DESFire EV3 a truly flexible and convenient product. An automatic anti-tear mechanism is available for all file types, guaranteeing transaction-oriented data integrity.

The main characteristics of this device are denoted by its name “DESFire”: DES indicates the high level of security using a 3DES or AES hardware cryptographic engine for confidentiality and integrity protection of the transmission data. Fire indicates its outstanding position as a Fast, Innovative, Reliable and secure IC in the contactless proximity transaction market.

MIFARE DESFire EV3 delivers the perfect balance of speed, performance and cost efficiency. Its open concept allows seamless future integration of other ticketing media such as smart paper tickets and banking convergence card based on Near Field Communication (NFC) technology. MIFARE DESFire EV3 is your ticket to secure contactless systems worldwide.

Targeting a broad range of Smart City services, including public transport and access management, the MIFARE DESFire EV3 IC offers enhanced security and convenience, and delivers significant benefits to operators and end users alike.

Smart City services that run on a MIFARE DESFire EV3 IC can be deployed to NFC smartphones and wearables using NXP’s MIFARE 2GO cloud service, which manages digitized MIFARE product-based credentials and can enable contactless payments or access features using NFC-enabled devices

DESFire’s are available in PVC and Composite PET/PVC card construction, the MIFARE DESFire EV3 2K card is exceptionally durable and can accept an embeddable SAM card for logical access and biometric ID systems.

Features

Key Benefits

  • Services running on MIFARE DESFire EV3 can be deployed to NFC mobile phones using MIFARE 2GO
  • Preloaded keys for delegated application management allow to add new services to already deployed cards
  • Functional backward compatibility to MIFARE DESFire EV2, MIFARE DESFire EV1 and D40 (MF3ICD40) offers a seamless upgrade path
  • Improved operating range and higher transaction speeds compared to its predecessors enhance both user experience and security
  • Optional high input capacitance (70 pF) for small form factor designs (MF3DHx3)

Key Features

  • Common Criteria EAL5+ certified for IC hardware and software
  • NFC Forum Tag Type 4 certified
  • SUN (Secure Unique NFC) message authentication for advanced data protection within standard NDEF read operation
  • Flexible file structure for true multi-application operation
  • Non-volatile memory
    • 2 kB
    • Data retention of 25 years
    • Write endurance typical 1 000 000 cycles
    • Fast programming cycles
  • Inter-application file sharing enables multiple applications with a common purse
  • Wide choice of open DES/2K3DES/3K3DES/AES crypto algorithms
  • Optional “RANDOM” ID for enhanced security and privacy
  • Mutual three-pass authentication
  • Flexible key management: 1 card leader key and up to 14 keys per application
  • Multiple key assignment for each file access rights (up to 8)
  • Multiple key sets per application for post-issuance rolling application keys
  • MF3ICD40 compatible mode: 4 byte MAC, CRC 16
  • NV-memory organization and multi-application support
    • Flexible file system: user can freely define application structures on PICC
    • As many applications as memory size supports
    • Up to 32 files in each application (6 file types available: Standard Data file, Back-up
    • Data file, Value file, Linear Record file, Cyclic Record file and Transaction MAC file)
    • File size is determined during creation (not for Transaction MAC file)
    • MlsmartApp (Delegated Application Management)
    • Memory reuse in DAM applications (Format Application)
    • Factory loaded NXP’s DAM keys for AppXplorer service support
    • Accessing files from any two applications during a single transaction
  • Proof of transaction with card generated MAC
  • Transaction Timer defends against man-in-the-middle attacks
  • Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
  • Proximity check to detect relay attacks
  • Originality Check for proof of genuine NXP’s product
  • Configurable ATS information for card personalization
  • RF interface: ISO/IEC 14443 Type A
    • Contactless interface compliant with ISO/IEC 14443-2/3 A
    • Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
    • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
    • 7 bytes unique identifier (option for Random ID)
    • Uses ISO/IEC 14443-4 transmission protocol
    • Configurable FSCI to support up to 256 bytes frame size
  • ISO/IEC 7816-4 compliant
    • Supports ISO/IEC 7816-4 file structure (selection by File ID or DF name)
    • Supports ISO/IEC 7816-4 APDU message structure
    • Supports ISO/IEC 7816-4 APDU wrapper for MIFARE DESFire native commands
    • Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
    • Supports ISO/IEC 7816-4 INS code ‘BO’ for READ BINARY
    • Supports ISO/IEC 7816-4 INS code ‘D6’ for UPDATE BINARY
    • Supports ISO/IEC 7816-4 INS code ’62’ for READ RECORDS
    • Supports ISO/IEC 7816-4 INS code ‘E2’ for APPEND RECORD
    • Supports ISO/IEC 7816-4 INS code ’88’ for INTERNAL AUTHENTICATE
    • Supports ISO/IEC 7816-4 INS code ’82’ for EXTERNAL AUTHENTICATE

Applications

Targeted Applications

 

Comparison Table

MIFARE DESFire EV3 MIFARE DESFire EV2 MIFARE DESFire EV1
ISO/IEC 14443 A 1-4 Yes Yes Yes
ISO/IEC 7816-4 support Extended Extended Extended
EEPROM data memory 2/4/8KB 2/4/8/16/32KB 2/4/8KB
Flexible file structure Yes Yes Yes
NFC Forum Tag Type 4 Yes Yes Yes
Unique ID 7B UID or 4B RID 7B UID or 4B RID 7B UID or 4B RID
Number of applications As many as memory size supports As many as memory size supports 28
Number of files per app 32 32 32
Data rates supported Up to 848 Kbit/s Up to 848 Kbit/s Up to 848 Kbit/s
Crypto algorithms supported DES/2K3DES/
3K3DES/
AES128
DES/2K3DES/
3K3DES/
AES128
DES/2K3DES/
3K3DES/
AES128
CC certification (HW+SW) EAL 5+ EAL 5+ EAL 4+
Delegated Application Management (Multi-Application) Yes, preloaded keys Yes
SUN (Secure Unique NFC Message) Yes, compatible with NTAG DNA
Transaction MAC per app Yes Yes
Multiple keysets per app Up to 16 keysets Up to 16 keysets
Multiple file access rights Up to 8 keys Up to 8 keys
Inter-app file sharing Yes Yes
Transaction Timer Yes
Virtual Card Architecture Yes Yes
Proximity Check Yes Yes
Delivery types Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM) Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM) Wafer, MOA4, MOA8,  1FF (ID-1) & 2FF (SIM)

Specifications

MIFARE DESFire has evolved over time, enhancing its security properties to protect against current and future security threats, and adding new features to better suit into new user requirements.

MIFARE DESFire EV3 is the fourth generation of the MIFARE DESFire products family succeeding MIFARE DESFire EV2. It is functionally backward compatible with all previous MIFARE DESFire generations, namely MIFARE DESFire EV2, MIFARE DESFire EV1 and MIFARE DESFire D40 (MF3ICD40).

The relationship between the latest three generations of MIFARE DESFire products. The latest generation encompasses the features from the older generation(s). Therefore, allowing existing users of the older products to adopt the latest product with minimum or no changes to their infrastructures.

MIFARE DESFire EV3 can be used as a MIFARE DESFire EV2 or a MIFARE DESFire EV1 in its default delivery configuration. Every new feature would require an activation and/or the use of new commands which is described in their respective sections in this document.

MIFARE DESFire EV3 2K

Memory
EEPROM size 4KB
Write endurance [cycles] 1,000,000
Data retention [yrs] 25
Programming cycles (erase/write) 1 ms
Organization Flexible file system
Security
Unique serial number [byte] 7, cascaded
Random number generator Yes
Access keys 14 keys per application
Multiple key sets Up to 16 per application
Access conditions Per File
AES, 3DES & DES Security MACing/Encipherment
Anti-tear supported by chip Yes
Common Criteria certification (HW+SW) EAL5 +
Special Features
Multi-application Unlimited applications, MIsmartApp
Number of files per app 32
Purse functionality Value file
Inter-app file sharing Yes
Transaction MAC Per application
Virtual smart card architecture PICC and application level
Proximity check Yes
RF-Interface
Acc. to ISO 14443A Yes-up to layer 4
Frequency [MHz] 13.56
Baud rate [kbit/s] 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
Anti-collision Bit-wise
Operating distance [mm] Up to 100

 

The Evolution of MIFARE DESFire EV1, EV2 and EV3 Features

Videos

MIFARE Explained | MIFARE DESFire EV3 IC

The MIFARE DESFire EV3 IC reflects NXP’s continued commitment to secure, connected and convenient Smart City services and combines enhanced performance with new security features. Its on board support for mobile devices and multiple applications on one card make it a great choice for both, consumers and service providers, in different applications such as transport ticketing, access control, loyalty programs and micropayments. In this 50 minutes training you’ll get an overview on technical and connectivity features of the chip, supported use cases, as well as mobile and multi-applications support.

 

MIFARE Explained | Security Level 3 (SL3) Capabilities

The Security Level (SL) concept of NXP’s MIFARE Plus EV2 IC allows for a step-by-step upgrade of the system’s security by switching only certain applications to a higher security level. The highest security level, SL3, offers support for AES-128 based secure messaging and thus helps to prove authenticity, confidentiality and integrity of transactions.

 

MIFARE Explained | Secure Dynamic Messaging (SDM)

The Secure Dynamic Messaging (SDM) feature allows to program NXP’s MIFARE DESFire EV3 IC in a way to store NDEF messages as defined in the NFC Forum Tag Type 4 specification. A unique IC individual NDEF message is generated on each tap, whereas a backend server evaluates the data that was generated by the IC.

 

MIFARE Explained | Transaction MAC

The Transaction MAC feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs can help to prevent fraudulent merchant attacks. It allows to prove the authenticity of executed transactions between the reader terminal and an IC inside a smart card.

MIFARE Explained | Transaction Timer

The Transaction Timer feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs defends against Man-in-the-Middle attacks. The new feature makes it possible to set a minimum time per transaction, so it’s harder for an attacker to interfere with the transaction. Learn more about the technical details of the Transaction Timer feature and how it can be used to make access control, transport ticketing, and micropayment installations more secure.

 

MIFARE DESFire EV2 smart card IC includes the MIsmartApp

Are you planning to offer contactless smart life services? Smart cards can be a powerful tool to host various contactless services, such as micropayments, access solutions, transport services – and even ticketing on one smart contactless card. The MIFARE DESFire EV2 smart card IC includes the MIsmartApp which can hold as many different applications as the memory size supports and new applications can be loaded after the card has been deployed into the market.

 

MIFARE SDK

The MIFARE SDK is designed to provide access to all hardware features on Java level and enables Android apps to be created for MIFARE, ICODE and NTAG more easily than ever before. Leveraging the worldwide success of NXP´s product installations, the launch of MIFARE SDK opens up a world of new possibilities for creative Android application developers.

 

NXP AppXplorer

Have you ever counted how many cards per day you are using? In the end of the day why to use different card for every little thing you have to do? The MIFARE® DESFire® card is one single smart card where you can store all the other cards.

Support & Downloads

Software and Utilities

Smart Toolz® MIFARE – Contactless Card Configuration Kit

Smart Toolz - MIFare and memory smart card development kit (SDK)

MIFARE Card Configuration Kit by CardLogix features the MIFARE Card Configuration Utility software program to configure a MIFARE or DESFire card’s file structure with Application IDs (AIDs), to set permissions and keys, and  to load data to the card.

RFIDDiscover

Our well known, widely deployed powerful MIFARE®Discover tool is commonly used by the MIFARE development community as it allows to access and handle any MIFARE family chip and data processing feature. This expert tool has been further enhanced to support the latest MIFARE family members of the MIFARE Plus® and the MIFARE DESFire® EV2 platform including the corresponding MIFARE SAM (Secure Access Module) solutions.

Furthermore, ICODE® and NTAG® platform support has been added to the feature set, covering NXP’s entire 13.56 MHz product portfolio now. To reflect these additions the MIFAREDiscover tool has been rebranded to RFIDDiscover.

The tool RFIDDiscover Lite can also be downloaded from MIFARE.net. The full version of the RFIDDiscover tool can be requested in the NXP DocStore – please search for “sw1866”.

 

TagXplorer PC-Based NFC Tag Reader-Writer Tool

NDEF reader/writer tool for Windows, Mac and Linux Desktop PCs for NXP NFC ICs

Similar to NXP’s TagWriter App for Android the new TagXplorer tool for PCs allows to read, analyze and write NDEF messages to NXP’s NFC tag and smart sensor ICs. The tool is designed using NXP’s TapLinx open Java API and it allows the user to perform NDEF Operations defined by NFC Forum on NFC Forum type 2 and 4 tags for NXP NFC Tag ICs.

 

You may also like…

Go to Top