General Description
MIFARE DESFire EV2 (MF3D(H)x2) is the
latest addition to the MIFARE DESFire product family introducing new features
along with enhanced performance for best user experience. The MIFARE DESFire
EV2 is Common Criteria EAL5+ security certified which is the same security
certification level as demanded for smart card IC products used e.g. for
banking cards or electronic passports. It fully complies with the requirements for
fast and highly secure data transmission and flexible application management.
This makes it the ideal product for service providers and service operators who
want to offer aneasy, convenient and secure access to a wide variety of
different services.
MIFARE DESFire EV2 is the third generation
of the MIFARE DESFire products family succeeding MIFARE DESFire EV1. It is
functionally backward compatible with both MIFARE DESFire EV1 and MIFARE
DESFire D40 (MF3ICD40).
MIFARE DESFire EV2 can be used as a MIFARE
DESFire EV1 in its default delivery configuration. Every new features would
required an activation and/or the use of new commands.
Features overview
2.1.1 RF interface: ISO/IEC 14443 Type A
Contactless interface compliant with
ISO/IEC 14443-2/3 A
Low Hmin enabling operating distance up
to 100 mm (depending on power provided
by the PCD and antenna geometry)
Fast data transfer: 106 kbit/s, 212
kbit/s, 424 kbit/s, 848 kbit/s
7 bytes unique identifier (option for
Random ID)
Uses ISO/IEC 14443-4 transmission
protocol
Configurable FSCI to support up to 128
bytes frame size (new)
2.1.2 Non-volatile memory
2 kB, 4 kB or 8 kB EEPROM
Data retention of 25 years
Write endurance typical 500 000 cycles
Fast programming cycles (erase/write) 1
ms
2.1.3 NV-memory organization
Flexible file system: user can freely
define application structures on PICC
Virtually no limitation on number of
applications per PICC (new)
Up to 32 files in each application (6
file types available: Standard Data file, Back-up
Data file, Value file, Linear Record file,
Cyclic Record file and Transaction MAC file)
File size is determined during creation
(not for Transaction MAC file)
2.1.4 Security
Common Criteria certification: EAL5+
(Hardware and Software)
Unique 7 bytes serial number for each
device
Optional “RANDOM” ID for enhance security
and privacy
Mutual three pass authentication
Mutual authentication according to
ISO/IEC 7816-4
Flexible key management: 1 card master
key and up to 14 keys per application
Hardware DES using 56/112/168 bit keys
featuring key version
Hardware AES using 128-bit keys featuring
key version
Data authenticity by 8 byte CMAC
Data encryption on RF-channel
Authentication on application level
Hardware exception sensors
Self-securing file system
Backward compatibility to MF3ICD40: 4
byte MAC, CRC 16
Application
Advanced public transportation schema
Highly secure access management
Closed-loop e-payment scheme
Event ticketing
eGovernment applications