SmartCard America Blog

The newest chips in the market in 2020!

21 Jul
DESFire EV3 Card, SmartCard America

Contact Us

NXP MIFARE® DESFire® EV3 Chip

The newest chips in the market in 2020!

Based on open global standards for both RF interface and cryptographic methods, our MIFARE DESFire product family provides highly secure microcontroller-based ICs. Its name DESFire references the use of DES, 2K3DES, 3K3DES, and AES hardware cryptographic engines for securing transmission data.

This family is ideally suited for solution developers and system operators building reliable, interoperable, and scalable contactless solutions. MIFARE DESFire products can be seamlessly integrated into mobile schemes and support multi-application smart card solutions in identity, access control, loyalty, and micropayment applications, as well as in transport ticketing installations.Featured Products

The features of the MIFARE DESFire EV3 IC reflect NXP’s continued commitment to secure, connected and convenient contactless Smart City services. As part of the MIFARE DESFire family, the latest family member combines enhanced performance with a greater operating distance and improved transaction speed compared to its predecessors, including:

  • IC hardware and software certification according to Common Criteria EAL 5+
  • Broad choice of open crypto algorithms based on DES, 2K3DES, 3K3DES, or AES
  • SUN message authentication for advanced data protection
  • Transaction Timer to mitigate man-in-the-middle attacks
  • Seamless integration of mobile services in combination with MIFARE 2GO

MIFARE DESFire EV3 block diagram

MIFARE DESFire EV3 DATASHEET

Features

RF interface: ISO/IEC 14443 Type A

  • Contactless interface compliant with ISO/IEC 14443-2/3 A
  • Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
  • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
  • 7 bytes unique identifier (option for Random ID)
  • Uses ISO/IEC 14443-4 transmission protocol
  • Configurable FSCI to support up to 256 bytes frame size

Non-volatile memory

  • 2 kB, 4 kB, 8 kB
  • Data retention of 25 years
  • Write endurance typical 1 000 000 cycles
  • Fast programming cycles

NV-memory organization and multi-application support

  • Flexible file system: user can freely define application structures on PICC
  • As many applications as memory size supports
  • Up to 32 files in each application (6 file types available: Standard Data file, Back-up Data file, Value file, Linear Record file, Cyclic Record file and Transaction MAC file)
  • File size is determined during creation (not for Transaction MAC file)
  • MlsmartApp (Delegated Application Management)
  • Memory reuse in DAM applications (Format Application)
  • Factory loaded NXP’s DAM keys for AppXplorer service support
  • Accessing files from any two applications during a single transaction

Security and Privacy

  • Common Criteria certification: EAL5+ (Hardware and Software)
  • Unique 7 bytes serial number for each device
  • Optional “RANDOM” ID for enhanced security and privacy
  • Mutual three-pass authentication
  • Mutual authentication according to ISO/IEC 7816-4
  • Flexible key management: 1 card master key and up to 14 keys per application
  • Multiple key assignment for each file access rights (up to 8)
  • Multiple Key Sets per application with fast key rolling mechanism (up to 16 sets)
  • Hardware DES using 56/112/168 bit keys featuring key version
  • Hardware AES using 128-bit keys featuring key version
  • Data authenticity by 8 byte CMAC
  • MF3ICD40 compatible mode: 4 byte MAC, CRC 16
  • Data encryption on RF-channel
  • Authentication on application level
  • Hardware exception sensors
  • Self-securing file system
  • Transaction MAC signed with secret key per application
  • Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
  • Proximity Check for protection against Relay Attacks
  • Originality Check for proof of genuine NXP’s product

ISO/IEC 7816 compatibility

  • Supports ISO/IEC 7816-4 file structure (selection by File ID or DF name)
  • Supports ISO/IEC 7816-4 APDU message structure
  • Supports ISO/IEC 7816-4 APDU wrapper for MIFARE DESFire native commands
  • Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
  • Supports ISO/IEC 7816-4 INS code ‘BO’ for READ BINARY
  • Supports ISO/IEC 7816-4 INS code ‘D6’ for UPDATE BINARY
  • Supports ISO/IEC 7816-4 INS code ’62’ for READ RECORDS
  • Supports ISO/IEC 7816-4 INS code ‘E2’ for APPEND RECORD
  • Supports ISO/IEC 7816-4 INS code ’88’ for INTERNAL AUTHENTICATE
  • Supports ISO/IEC 7816-4 INS code ’82’ for EXTERNAL AUTHENTICATE

Special features

  • Transaction-oriented automatic anti-tear mechanism with new transaction timer support
  • Configurable ATS information for card personalization
  • Backward compatibility mode to MIFARE DESFire EV2, EV1 and D40 (MF3ICD40)
  • Secure Unique NFC (SUN) enabled by Secure Dynamic Messaging (SDM) which is mirrored as text into the NDEF message (compatible with NTAG DNA)
  • Optional high input capacitance (70 pF) for small form factor designs (MF3DHx3)

MIFARE® DESFire® EV3: High-Security IC for Contactless Smart City Services

  • FOLLOW
  •  
  •  
  •  

Comparison Table

  MIFARE DESFire EV3 MIFARE DESFire EV2 MIFARE DESFire EV1
ISO/IEC 14443 A 1-4 Yes Yes Yes
ISO/IEC 7816-4 support Extended Extended Extended
EEPROM data memory 2/4/8KB 2/4/8/16/32KB 2/4/8KB
Flexible file structure Yes Yes Yes
NFC Forum Tag Type 4 Yes Yes Yes
Unique ID 7B UID or 4B RID 7B UID or 4B RID 7B UID or 4B RID
Number of applications As many as memory size supports As many as memory size supports 28
Number of files per app 32 32 32
Data rates supported Up to 848 Kbit/s Up to 848 Kbit/s Up to 848 Kbit/s
Crypto algorithms supported DES/2K3DES/
3K3DES/
AES128		 DES/2K3DES/
3K3DES/
AES128		 DES/2K3DES/
3K3DES/
AES128
CC certification (HW+SW) EAL 5+ EAL 5+ EAL 4+
Delegated Application Management (Multi-Application) Yes, preloaded keys Yes
SUN (Secure Unique NFC Message) Yes, compatible with NTAG DNA
Transaction MAC per app Yes Yes
Multiple keysets per app Up to 16 keysets Up to 16 keysets
Multiple file access rights Up to 8 keys Up to 8 keys
Inter-app file sharing Yes Yes  
Transaction Timer Yes
Virtual Card Architecture Yes Yes
Proximity Check Yes Yes
Delivery types Wafer, MOA4 & MOA8 Wafer, MOA4 & MOB6 Wafer, MOA4 & MOA8

Source: NXP MIFARE 2020

Tags:
Newer What is Smart Card?
Back to list
Older MIFARE Plus EV2 Chips gateway for new Smart City applications and a compelling upgrade, in terms of security and connectivity, for existing deployments.