MIFARE DESFire EV2 Secures Data With Multiple Layers of Security
NXP’s MIFARE DESFire is one of the most secure radio-frequency chips on the market. It uses DES, 2K3DES, 3K3DES and AES hardware encryption to protect card data.
The chip offers on-chip backup management and mutual three pass authentication. It also enables rolling key sets in case of an attack.
Gallagher’s cards are encoded with EV2 and can be used on readers that support EV2. This includes advanced public transit, closed loop micropayment and Student ID applications.
Enhanced security
With data breaches becoming commonplace and older magnetic stripe and proximity cards no longer secure enough, new credentials must offer more advanced security features. DESFire EV2 provides multiple layers of security including multi-application support, protection against cloning and tampering, and a range of communication protocols.
Featuring a variety of encryption algorithms, DESFire cards are protected against unauthorized reading of the card data and its transmission between the chip and reader. Moreover, proximity checks are implemented to prevent cyber attacks by ensuring that the contactless smart card reader is within close range and that no other devices are interfering with its operation.
Furthermore, a DESFire card is configured with a unique 128-bit key for each application, making the entire chip highly secure. An on-chip backup management system and mutual three pass authentication ensure that all files on a card are secure. In addition, a built-in anti-tear mechanism protects transaction oriented data and guarantees the integrity of the information on the chip.
DESFire EV2 offers a complete set of communication protocols for flexible integration with a wide range of contactless readers and systems. It also supports a number of different applications such as transportation, closed-loop payment, access control management and loyalty programs. With the innovative MIsmartApp feature, a DESFire EV2 card can have its application space allocated to different parties without sharing the master key. This allows for new business models and makes it easy to deploy additional services to already issued cards over the air.
Increased transfer rates
MIFARE DESFire 4K EV2 offers enhanced consumer-friendly system design, in combination with heightened security and reliability. It uses a high speed triple DES data encryption co-processor to protect the transmission of application data, and a flexible memory organisation structure allows the integration of various applications. An on-chip backup management system and a mutual three pass authentication technique together with an anti-tear mechanism guarantees data integrity during contactless transactions.
The IC supports the MIFARE ® MIsmartApp feature which allows systems providers to offer or sell application space on a card and enable new business models. A card-based EV2 product can hold as many different applications as its memory size will support and after the product has been deployed into the market, new applications can be loaded remotely. A purse can even be shared between applications, offering enhanced interoperability.
MIFARE DESFire EV2 offers the same performance as EV1 but with additional functionality for more convenience, state of the art security and desfire ev2 enhanced multi-application support to enable new business models. It also benefits from the increased read/write cycle capability of 1 million cycles which exceeds previous ICs by more than a factor of two.
MIFARE DESFire EV2 is Common Criteria EAL5+ certified, the same level of security as demanded by chip products used in e-passports and banking cards. It complies with global open standards for air interfaces and cryptographic methods, its Proximity Check feature helps to protect against relay attacks and its Virtual Smart Card architecture anticipates future demands on privacy protection.
Convenient touch-and-go experience
MIFARE DESFire is an ideal solution for institutions looking to offer a more integrated and streamlined touch-and-go experience for their students, staff or customers. It provides an open standard contactless platform with a custom key credential, that is supported by many readers and systems without the need to upgrade existing hardware.
DESFire offers increased operating distance and transaction speeds compared to previous versions of the chip and uses a DES, 2K3DES, 3K3DES or AES hardware crypto engine to secure transmission data. This makes it one of the fastest contactless ICs on the market and enables users to access various applications with a single card or ticket, for example access control, transportation and cash purse.
The second evolution of our industry-leading MIFARE DESFire open architecture platform combines superior performance, state-of-the-art security, privacy and enhanced multi-application support to enable new business models. It is also compatible with the MIFARE 2GO cloud service that manages digitised MIFARE product-based credentials to enable a truly integrated end user experience when using NFC enabled mobile devices such as smart phones.
MIFARE DESFire EV2 provides even more flexibility to create multi-application schemes thanks to its MIsmartApp with multiple key sets and transaction MAC feature. In addition, the EV2 chip can also be updated with delegated management keys to support over-the-air updates for added functionality and interoperability.
Open concept
The MIFARE DESFire family is built with open technology that ensures interoperability and allows a variety of applications. Its IC’s can hold as many applications as the memory size can support and new applications can be loaded onto a card even after it has been deployed into the field. The purse can also be shared between applications, enabling enhanced interoperability.
The EV2 is fully complaint with ISO 14443A 1-4 and has received Common Criteria EAL 4+ for card security, making it an excellent choice for secure multi application cards. Its advanced feature set includes a proximity identification function that eliminates the need for a reader to communicate with the card and thus makes it resistant to relay attacks. It also has an on-chip backup management system and provides mutual three pass authentication.
Moreover, the EV2 features a 70pF option that enables read range optimization for small form factor antennas which is perfect for key fobs and mobile ticketing applications. Its open concept design also allows it to be seamlessly integrated with other media like smart paper tickets or IDs using NFC.
Gallagher MIFARE DESFire EV2 cards are available in PVC and composite PET/PVC card construction with an ISO format. They are programmable, printable and punchable to meet your specific requirements. To find out more about our MIFARE DESFire EV2 products, contact us today.
