MIFARE DESFire EV3

MIFARE DESFire EV3

MF3D(H)x3 is the latest addition to the MIFARE DESFire product family introducing new feature along with enhanced performance for best user experience. The MF3D(H)x3 is Common Criteria EAL5+ security certified which is the same security certification level as demanded for smart card IC products used e.g. for banking cards or electronic passports. It fully complies with the requirements for fast and highly secure data transmission and flexible application management. This makes it the ideal product for service providers and service operators who want to offer an easy, convenient and secure access to a wide variety of different services.

MIFARE DESFire EV3 Datasheet

Category: Tags: , , , , , , Brand:

Description

Overview:
MF3D(H)x3 is the latest addition to the MIFARE DESFire product family introducing new feature along with enhanced performance for best user experience. The MF3D(H)x3 is Common Criteria EAL5+ security certified which is the same security certification level as demanded for smart card IC products used e.g. for banking cards or electronic passports. It fully complies with the requirements for fast and highly secure data transmission and flexible application management. This makes it the ideal product for service providers and service operators who want to offer an easy, convenient and secure access to a wide variety of different services.

MF3D(H)x3 offers best flexibility when creating multi-application schemes and feature such as MIsmartApp is supporting new business models. Using MF3D(H)x3 with NXP’s AppXpplorer cloud service, Smart Cities services for example could be utilized with only one card by combining services such as public transport, car or bike sharing, access to city attractions with citizen services, closed-loop e-payment applications and local loyalty programs.

MF3D(H)x3 is based on global open standards for both air interface and cryptographic methods. It is compliant to all levels of ISO/IEC 14443A and supports optional ISO/IEC 7816-4 commands (APDU and file structure supported) and is fully interoperable with existing NFC reader for MIFARE infrastructure.

Featuring an on-chip backup management system and the mutual three-pass authentication, a MF3D(H)x3 card can hold as many applications as the memory can accommodate. Each application can hold up to 32 files with various data configurations. The size of each file is defined at the moment of its creation, making MF3D(H)x3 a truly flexible and convenient product. An automatic anti-tear mechanism is available for all file types, guaranteeing transaction-oriented data integrity.

The main characteristics of this device are denoted by its name “DESFire”: DES indicates the high level of security using a 3DES or AES hardware cryptographic engine for confidentiality and integrity protection of the transmission data. Fire indicates its outstanding position as a Fast, Innovative, Reliable and sEcure IC in the contactless proximity transaction market.

MF3D(H)x3 delivers the perfect balance of speed, performance and cost efficiency. Its open concept allows seamless future integration of other ticketing media such as smart paper tickets, banking convergence card, and MIFARE 2GO mobile ticketing service based on Near Field Communication (NFC) technology. MF3D(H)x3 is your ticket to secure contactless systems worldwide.

Features:

  • RF interface: ISO/IEC 14443 Type A
    • Contactless interface compliant with ISO/IEC 14443-2/3 A
    • Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
    • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
    • 7 bytes unique identifier (option for Random ID)
    • Uses ISO/IEC 14443-4 transmission protocol
    • Configurable FSCI to support up to 256 bytes frame size
  • Non-volatile memory
    • 2 kB, 4 kB, 8 kb or 16 kB EEPROM
    • Data retention of 25 years
    • Write endurance typical 1 000 000 cycles
    • Fast programming cycles
  • NV-memory organization
    • Flexible file system: user can freely define application structures on PICC
    • As many applications as the memory size supports per PICC
    • Up to 32 files in each application (6 file types available: Standard Data file, Back-up Data file, Value file, Linear Record file, Cyclic Record file and Transaction MAC file)
    • File size is determined during creation (not for Transaction MAC file)
    • MIsmartApp (Delegated Application Management)
    • Memory reuse in DAM applications (Format Application)
    • Factory loaded NXP’s DAM keys for AppXplorer service support
    • Accessing files from any two applications during a single transaction
  • Security
    • Common Criteria certification: EAL5+ (Hardware and Software)
    • Unique 7 bytes serial number for each device
    • Optional “RANDOM” ID for enhance security and privacy
    • Mutual three-pass authentication
    • Mutual authentication according to ISO/IEC 7816-4
    • Flexible key management: 1 card master key and up to 14 keys per application
    • Multiple key assignment for each file access rights (up to 8)
    • Multiple Key Sets per application with fast key rolling mechanism (up to 16 sets)
    • Hardware DES using 56/112/168 bit keys featuring key version
    • Hardware AES using 128-bit keys featuring key version
    • Data authenticity by 8 byte CMAC
    • MF3ICD40 compatible mode: 4 byte MAC, CRC 16
    • Data encryption on RF-channel
    • Authentication on application level
    • Hardware exception sensors
    • Self-securing file system
    • Transaction MAC signed with secret key per application
    • Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
    • Proximity Check for protection against Relay Attacks
    • Originality Check for proof of genuine NXP’s product
  • ISO/IEC 7816 compatibility
    • Supports ISO/IEC 7816-4 file structure (selection by File ID or DF name)
    • Supports ISO/IEC 7816-4 APDU message structure
    • Supports ISO/IEC 7816-4 APDU wrapper for MIFARE DESFire native commands
    • Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
    • Supports ISO/IEC 7816-4 INS code ‘B0’ for READ BINARY
    • Supports ISO/IEC 7816-4 INS code ‘D6’ for UPDATE BINARY
    • Supports ISO/IEC 7816-4 INS code ‘B2’ for READ RECORDS
    • Supports ISO/IEC 7816-4 INS code ‘E2’ for APPEND RECORD
    • Supports ISO/IEC 7816-4 INS code ‘84’ for GET CHALLENGE
    • Supports ISO/IEC 7816-4 INS code ‘88’ for INTERNAL AUTHENTICATE
    • Supports ISO/IEC 7816-4 INS code ‘82’ for EXTERNAL AUTHENTICATE
  • Special features
    • Transaction-oriented automatic anti-tear mechanism with new transaction timer support
    • Configurable ATS information for card personalization
    • Backward compatibility mode to MIFARE DESFire EV2, EV1 and D40 (MF3ICD40)
    • Secure Unique NFC (SUN) enabled by Secure Dynamic Messaging (SDM) which is mirrored as text into the NDEF message (compatible with NTAG DNA)
    • NFC Forum Type 4 Tag certified (Certificate ID. 58652)
    • Optional high input capacitance (70pF) for small form factor designs (MF3DHx3)
  • Target applications
    • Secure public transport ticketing
    • Multi-application smart city and mobility card
    • Secure access management
    • Micro-payment and Loyalty
    • Student ID
    • Road tolling and parking
    • Hospitality
    • Event ticketing