MIFARE Plus® EV2

As the next generation of NXP’s MIFARE Plus product family, the MIFARE Plus EV2 IC is designed to be both a gateway for new Smart City applications and a compelling upgrade, in terms of security and connectivity, for existing deployments. Its expanded feature set makes it a great choice for contactless Smart City services:

  • Security-level concept for seamless migration from legacy infrastructures to high-level SL3 security
  • Transaction MAC on Data and Value Blocks to prove genuineness of transaction towards backend system
  • AES 128-bit cryptography for authentication and secure messaging
  • Transaction Timer to mitigate man-in-the-middle attacks
  • IC hardware and software certification according to Common Criteria EAL 5+

Product Details

Block Diagram

MIFARE Plus EV2 block diagram

GET DIAGRAM PDF

Features

RF interface: ISO/IEC 14443 Type A

  • Contactless interface compliant with ISO/IEC 14443-2/3 A
  • Low Hmin enabling operating distance up to 100 mm (depending on power provided by the PCD and antenna geometry)
  • Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
  • 7 bytes unique identifier (option for Random ID), 4-byte NUID
  • Uses ISO/IEC 14443-4 transmission protocol
  • Configurable FSCI to support up to 256 bytes frame size

Non-volatile memory

  • 2 kB, 4 kB
  • Data retention of 25 years
  • Write endurance typical 1 000 000 cycles
  • Fast programming cycles

NV-memory organization

  • Organized in sectors and blocks, backwards compatible to MIFARE Classic and MIFARE Plus memory organization
    • MF1P(H)22 is organized in 32 sectors of 4 blocks
    • MF1P(H)42 is organized in 32 sectors of 4 blocks and in addition 8 sectors of 16 blocks
  • Block 0 of sector 0 stores the write protected NXP manufacturer data of the IC
  • Each sector has a sector trailer that stores the access conditions and keys of the blocks within the sector
  • Blocks can be used to store data or values

Security and Privacy

  • Common Criteria certification: EAL5+ (Hardware and Software)
  • Unique 7 bytes serial number for each device
  • Optional “RANDOM” ID for enhanced security and privacy
  • Mutual three-pass authentication
  • Mutual authentication according to ISO/IEC 7816-4
  • Hardware AES using 128-bit keys
  • Data authenticity by 8 byte CMAC
  • Data encryption on RF-channel
  • Authentication on sector level
  • Hardware exception sensors
  • Transaction MAC to proof a transaction is genuine towards the backend system
  • Virtual Card Architecture for enhanced card/application selection on multi-VC devices with privacy protection
  • Proximity Check for protection against Relay Attacks
  • Originality Check for proof of genuine NXP’s product

ISO/IEC 7816 compatibility

  • Supports ISO/IEC 7816-4 APDU message structure
  • Supports ISO/IEC 7816-4 APDU wrapper for MIFARE Plus native commands
  • Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
  • Supports ISO/IEC 7816-4 INS code ’82’ for EXTERNAL AUTHENTICATE

Special features

  • Flexible migration to secure AES-128 authentication and messaging at sector or chip level in SL1SL3MixMode
  • Secure end-to-end communication channel for over-the-air services such as mobile top-up of smart cards and deployment of MIFARE 2GO (mobile services) in SL3
  • Access rights division between SL1 and SL3 to restrict update operations
  • Transaction-oriented automatic anti-tear mechanism with new transaction timer support
  • Configurable ATS information for card personalization
  • Backward compatibility mode to MIFARE Plus EV1, X, S and SE as well MIFARE Classic
  • User-programmable activation parameters (SAK and ATQA) for preliminary migration of all security levels (SL0, SL1 and SL3) in MIFARE Classic product-based infrastructures
  • Optional high input capacitance (70 pF) for small form factor designs (MF1PHx2)

More 

Part numbers include: MF1P2200DA4, MF1P2200DA8, MF1P2201DUD, MF1P2230DA4, MF1P2230DA8, MF1P2231DUD, MF1P4200DA4, MF1P4200DA8, MF1P4201DUD, MF1P4230DA4, MF1P4230DA8, MF1P4231DUD, MF1PH2200DA4, MF1PH2200DA8, MF1PH2201DUD, MF1PH2230DA4, MF1PH2230DA8, MF1PH2231DUD, MF1PH4200DA4, MF1PH4200DA8, MF1PH4201DUD, MF1PH4230DA4, MF1PH4230DA8, MF1PH4231DUD.

Less 

Comparison Table

MemoryMIFARE Plus EV2MIFARE Plus X
Memory configurationBlock/sector structureBlock/sector structure
Memory size2 kB / 4 kB2 kB / 4 kB
ISO/IECISO/IEC 14443 A 1-4
ISO/IEC 7816
ISO/IEC 14443 A 1-4
ISO/IEC 7816
UID/ONUID7B UID or 4 B ONUID7B UID or 4 B ONUID
Data ratesUp to 848 kbps according to ISO/IEC 14443-4Up to 848 kbps according to ISO/IEC 14443-4
AlgorithmAES 128-bit, secure messaging, legacy Crypto1AES 128-bit, secure messaging, legacy Crypto1
Security Level conceptSector-by-Sector or cardCard only
SL1SL3MixModeSecure backend connection into SL1 sectors
Transaction MAC (TMAC)Secure validation of back-end transaction
Transaction TimerMitigate man-in-the-middle attacks
Common Criteria certificationEAL5+ for IC HW and SWEAL4+ for IC HW and SW

Applications

Smart City

  1. Access Management
  2. Closed loop payments
  3. Loyalty
  4. Smart Lock
  5. Transport Ticketing

Download MIFARE Plus® EV2 Product Data Sheet

Leave a Comment

Your email address will not be published. Required fields are marked *