MIFARE DESFire EV3 Chip

The MIFARE DESFire EV3 IC is at the heart of mass transit ticketing installations worldwide and delivers a range of enhanced features for solution providers to collaborate and scale services. It is Common Criteria EAL5+ security certified and compliant with the NFC Forum Type 4 tag IC specification.

HID’s credentials based on the MIFARE DESFire EV3 offer a seamless migration path from vulnerable 125 kHz systems, while enabling additional functionality for access control or mobile services via the MIFARE 2GO cloud service.

Enhanced performance

The DESFire EV3 chip is the latest evolution of NXP’s proven contactless MIFARE product family, offering NFC compatibility as well as advanced security features. The IC is fully backwards compatible with MIFARE EV1 and EV2 systems, making upgrades seamless. It provides enhanced performance, a greater operating distance and improved transaction speed. It also supports a new Secure Unique NFC message (SUN) feature to help mitigate man-in-the-middle attacks, with a tap-unique authentication message and crypto-secure URL generated by the IC every time the chip is accessed.

SUN is supported by a new on-chip backup management system that guarantees the integrity of application data. The MIFARE EV3 chip is also built with an automatic anti-tear mechanism, further safeguarding the integrity of its stored data. The IC is also built to be highly flexible with an on-chip configuration tool that supports up to 32 application files and a variety of data configurations, making it easy to add functionality to existing cards, tags or smartphones with minimal cost.

Smart City services that run on a MIFARE EV3 IC can be deployed to NFC smartphones and wearables using NXP’s MIFARE 2GO cloud service, which manages digitized MIFARE product-based credentials smart card manufacturer and allows for contactless payments or access to features in any device that has the right infrastructure and support. The MIFARE EV3 IC is a great choice for the next generation of 125 kHz contactless cards that combine security with convenience for mobile devices and digital credentials that can be used to pay for public transit, buy parking tickets or open doors- all touch free.

Multi-application support

A modern physical access control solution needs to be versatile and scalable for a wide range of applications. The DESFire EV3 IC offers many ways to help make the switch to multi-applications seamless, easy and cost effective for system operators and cardholders.

The IC features particular protective mechanisms to support trusted services, including five AES 128-bit keys to monitor access rights, a transaction timer feature to mitigate man-in-the-middle attacks and secure messaging options to boost data protection and privacy. It also includes an on-chip backup management system and a crypto-secure SUN message authentication that enables a high level of data integrity and security.

As the global standard for transit cards and ticketing systems, DESFire EV3 offers great flexibility and reliability. Combined with NXP’s MIsmartApp cloud service, the IC supports a large number of Smart City services such as closed-loop e-payment applications, public transport, ticketing and citizen services.

With 8 kBytes of memory, the DESFire EV3 is ideal for multi-application contactless solutions such as transit schemes, logical access control and loyalty cards. The IC is based on global open standards and uses an on-chip 3DES / AES hardware cryptographic engine for data transmission security. It is backward compatible with previous generations of MIFARE and provides a highly scalable contactless platform for solution developers. It also offers a Delegated Key Management system to reduce the need for costly changes to existing equipment.

Easy deployment

The new DESFire EV3 is backwards compatible, making it the ideal choice for upgrading existing low-frequency 125 kHz systems to modern contactless smart city services. It offers enhanced performance with a higher operating distance and faster transaction speed, along with a comprehensive set of security features to help protect privacy and data integrity. The IC is Common Criteria EAL 5+ certified and supports a broad selection of open crypto algorithms. The DESFire EV3 chip also has a new Transaction Timer feature that helps mitigate man-in-the-middle attacks by setting an absolute maximum transaction time.

The DESFire EV3 card can be used for many applications, including identity and logical access control, closed-loop e-payment, ticketing and local loyalty. It enables seamless integration with mobile phone services and other smart devices. For example, public transportation tickets can be stored on the same card as a library or parking card for ease of use and convenience.

With a customizable memory size and organizational structure, the DESFire EV3 can be configured to meet the specific needs of any system. It can be used to create a single-technology credential or it can be combined with NXP’s MIsmartApp platform to support a multi-application scheme. This flexibility makes the IC an ideal choice for a wide variety of applications, from traditional public transportation to innovative new business models such as mobile payments and unified access.

Secure connectivity

DESFire is one of the most secure radio-frequency chips available today, offering high levels of security and flexibility. The DESFire IC features 3DES and AES hardware cryptographic engines, and a high level of read/write cycles (up to 1 million). It is based on global open standards, compliant to all levels of ISO/IEC 14443A and supports optional ISO/IEC 7816-4 commands for seamless interoperability with existing contactless infrastructure.

The DESFire IC also includes on-chip backup management system with mutual three-pass authentication, making it ideal for multiapplication applications. In addition, a tap-unique desfire ev3 message that includes crypto-secure SUN code is generated each time the card or tag is tapped on NFC devices, providing a more secure method to maintain data confidentiality and integrity.

EV3 credentials from HID offer additional layers of protection with support for a secure channel-based file transfer protocol and proximity check for added security against attacks such as spoofing. These capabilities together with a scalable application framework, MIsmartApp, make the DESFire EV3 the most flexible solution to support a wide range of Smart City services such as public transport schemes, access control, closed loop e-payment and local loyalty programs. These solutions can be securely uploaded on cards, smartphones and tags using NXP’s cloud based service, MIFARE 2GO, to provide a new level of convenience for citizens. It also offers the possibility to support new business models by combining different services onto a single card enabling people to manage all of their daily activities and travel needs in a convenient way.