
MIFARE Plus® EV2: Secure IC for Contactless Smart City Services

2023-11-2

MIFARE Plus EV2 (MF1P(H)x2) is the latest addition to the MIFARE Plus product family, offering enhanced performance with best-in-class security and flexibility. It is a Common Criteria EAL5+ security certified product, the same security certification level demanded for banking and electronic passport contactless IC products. It sets the new benchmark for mainstream contactless smart card applications and allows existing infrastructure and services to be upgraded seamlessly and with minimum effort. On this basis, MIFARE Plus EV2 is a trusted platform targeting the secure authentication of people with an intuitive, convenient user experience.

MIFARE Plus EV2 is fully backward compatible with its predecessor as well as with the MIFARE Classic EV1 products. After card personalization, MIFARE Plus EV2 supports AES (Advanced Encryption Standard) for authentication, data integrity and encryption.

MIFARE Plus is based on open global standards for both the air interface and cryptographic methods at the highest security level. MIFARE Plus EV2 includes features such as a fully encrypted communication mode, which lets contactless deployments serve privacy-sensitive applications. With its optional support of Random ID, it enables compliance with the latest user data protection regulations.

MIFARE Plus EV2 is fully compliant with the contactless proximity smart card protocol according to ISO/IEC 14443-4. ISO/IEC 7816-4 is supported in security level 3 based on the AES protocol, making it compatible with the majority of existing contactless infrastructure devices and with NFC devices, such as NFC-enabled mobile handsets. Its contactless performance supports superior user convenience and reading distances up to 10 cm.

The non-volatile memory of the MIFARE Plus EV2 is organized in sectors of blocks, with either 2 kB or 4 kB of memory, to allow a seamless migration from legacy to more advanced products through a step-by-step upgrade of existing infrastructure to higher security where needed. This is supported by the possibility of sector-wise security upgrades of the card.

In the MIFARE Classic EV1 backward-compatible mode, MIFARE Plus EV2 allows data and value blocks as well as SectorTrailers to be restricted without the need to permanently lock these blocks and the related SectorTrailer(s). That is enabled by restricting update operations to blocks configured as restricted configuration blocks, independent of the access condition configuration of the SectorTrailer.

MIFARE Plus EV2 offers a Transaction Timer feature that lets the card issuer configure the maximum time a transaction can take. Furthermore, a Transaction Message Authentication Code (TMAC) is supported, which allows operators of, e.g., payment applications to calculate a cryptographic checksum over the complete transaction so that a clearing entity can verify the transaction.

MIFARE Plus EV2 is designed to support standard Class 1 smart card antenna designs with a 17 pF input capacitance as well as smaller form factors, e.g. key fobs and wristbands, by providing 70 pF input capacitance delivery forms. This ensures high user convenience throughout different form factors.

Furthermore, MIFARE Plus EV2 offers two ways to check the originality of the product: either a symmetric AES authentication with the 128-bit AES originality key, or an asymmetric ECC-based NXP Originality Signature, to verify the origin of a ticket with a certain confidence.

Features
RF interface: ISO/IEC 14443 Type A
- Contactless interface compliant with ISO/IEC 14443-2/3 A
- Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
- Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
- 7-byte unique identifier (option for Random ID), 4-byte NUID
- Uses ISO/IEC 14443-4 transmission protocol
- Configurable FSCI to support up to 256 bytes frame size

Non-volatile memory
- 2 kB, 4 kB
- Data retention of 25 years
- Write endurance typical 1 000 000 cycles
- Fast programming cycles

NV-memory organization
- Organized in sectors and blocks, backwards compatible to MIFARE Classic and MIFARE Plus memory organization
  - MF1P(H)22 is organized in 32 sectors of 4 blocks
  - MF1P(H)42 is organized in 32 sectors of 4 blocks and in addition 8 sectors of 16 blocks
- Block 0 of sector 0 stores the write protected NXP manufacturer data of the IC
- Each sector has a sector trailer that stores the access conditions and keys of the blocks within the sector
- Blocks can be used to store data or values
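
The sector layout above determines which sector trailer governs a given block, which is what a sector-by-sector security upgrade has to be planned around. The following is an added example, not code from NXP or from this page; the 16-byte block size is an assumption (the standard MIFARE Classic block size, not stated here) and the function names are hypothetical.

```python
from dataclasses import dataclass

BLOCK_SIZE = 16  # bytes per block (assumption: standard MIFARE Classic block size)

# Regions of (sector count, blocks per sector), as listed above.
LAYOUTS = {
    "MF1P(H)22": [(32, 4)],
    "MF1P(H)42": [(32, 4), (8, 16)],
}

@dataclass(frozen=True)
class BlockInfo:
    sector: int
    first_block: int    # first block of the sector
    trailer_block: int  # last block of the sector: keys and access conditions
    role: str           # "manufacturer", "trailer" or "data/value"

def total_blocks(variant):
    return sum(count * size for count, size in LAYOUTS[variant])

def locate(variant, block):
    """Map an absolute block number to its sector and governing sector trailer."""
    if not 0 <= block < total_blocks(variant):
        raise ValueError(f"block {block} does not exist on {variant}")
    sector_base = block_base = 0
    for count, size in LAYOUTS[variant]:
        if block < block_base + count * size:
            index = (block - block_base) // size
            first = block_base + index * size
            trailer = first + size - 1
            role = ("manufacturer" if block == 0
                    else "trailer" if block == trailer else "data/value")
            return BlockInfo(sector_base + index, first, trailer, role)
        sector_base += count
        block_base += count * size

def sectors_to_upgrade(variant, app_blocks):
    """Sectors (and their trailer blocks) covering the blocks an application uses."""
    plan = {}
    for block in app_blocks:
        info = locate(variant, block)
        if info.role != "data/value":
            raise ValueError(f"block {block} is a {info.role} block, not application data")
        plan[info.sector] = info.trailer_block
    return dict(sorted(plan.items()))

if __name__ == "__main__":
    # Constructed sample: an application using blocks in three sectors of a 4 kB card.
    print(sectors_to_upgrade("MF1P(H)42", [4, 5, 130, 200]))
```
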

Security and Privacy
- Common Criteria certification: EAL5+ (Hardware and Software)
- Unique 7-byte serial number for each device
- Optional "RANDOM" ID for enhanced security and privacy
- Mutual three-pass authentication
- Mutual authentication according to ISO/IEC 7816-4
- Hardware AES using 128-bit keys
- Data authenticity by 8-byte CMAC
- Data encryption on RF-channel
- Authentication on sector level
- Hardware exception sensors
- Transaction MAC to prove to the backend system that a transaction is genuine
- Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
- Proximity Check for protection against Relay Attacks
- Originality Check for proof of a genuine NXP product

ISO/IEC 7816 compatibility
- Supports ISO/IEC 7816-4 APDU message structure
- Supports ISO/IEC 7816-4 APDU wrapper for MIFARE Plus native commands
- Supports ISO/IEC 7816-4 INS code 'A4' for SELECT FILE
- Supports ISO/IEC 7816-4 INS code '82' for EXTERNAL AUTHENTICATE

Special features
- Flexible migration to secure AES-128 authentication and messaging at sector or chip level in SL1SL3MixMode
- Secure end-to-end communication channel for over-the-air services such as mobile top-up of smart cards and deployment of MIFARE 2GO (mobile services) in SL3
- Access rights division between SL1 and SL3 to restrict update operations
- Transaction-oriented automatic anti-tear mechanism with new transaction timer support
- Configurable ATS information for card personalization
- Backward compatibility mode to MIFARE Plus EV1, X, S and SE as well as MIFARE Classic
- User-programmable activation parameters (SAK and ATQA) for preliminary migration of all security levels (SL0, SL1 and SL3) in MIFARE Classic product-based infrastructures
- Optional high input capacitance (70 pF) for small form factor designs (MF1PHx2)

Comparison Table

| Memory | MIFARE Plus EV2 | MIFARE Plus X |
| --- | --- | --- |
| Memory configuration | Block/sector structure | Block/sector structure |
| Memory size | 2 kB / 4 kB | 2 kB / 4 kB |
| ISO/IEC | ISO/IEC 14443 A 1-4, ISO/IEC 7816 | ISO/IEC 14443 A 1-4, ISO/IEC 7816 |
| UID/ONUID | 7 B UID or 4 B ONUID | 7 B UID or 4 B ONUID |
| Data rates | Up to 848 kbps according to ISO/IEC 14443-4 | Up to 848 kbps according to ISO/IEC 14443-4 |
| Algorithm | AES 128-bit, secure messaging, legacy Crypto1 | AES 128-bit, secure messaging, legacy Crypto1 |
| Security Level concept | Sector-by-Sector or card | Card only |
| SL1SL3MixMode | Secure backend connection into SL1 sectors | - |
| Transaction MAC (TMAC) | Secure validation of back-end transaction | - |
| Transaction Timer | Mitigate man-in-the-middle attacks | - |
| Common Criteria certification | EAL5+ for IC HW and SW | EAL4+ for IC HW and SW |
