MF3ICD(H)Q1
MIFARE DESFire EV1 256B contactless smartcard IC
Rev. 3.0 — 5 November 2015
351330
Product short data sheet
COMPANY PUBLIC
1. General description
MIFARE DESFire EV1 256B (MF3ICD(H)Q1), is the future proof entry level product of the
well-established MIFARE DESFire family and is addressing applications with low memory
but high security and data integrity needs.
The MIFARE DESFire EV1 256B offers the same security and file creation features as the
higher memory family members (Ref. 1), but the number of applications and related files
on this product is limited due to its small memory plot.
This addresses the needs of account based systems and environments requiring only a
limited set of applications.
These applications include but are not limited to access management, public transport
ticketing, loyalty schemes and closed-loop payment.
It is fully compatible to all other members of the MIFARE DESFire EV1 family, offering the
same fast and highly secure data transmission, and is fully interoperable with existing
MIFARE DESFire infrastructure.
All MIFARE DESFire products are based on open global standards for both air interface
and implemented cryptographic methods. It is compliant to all 4 levels of ISO/IEC 14443A
and uses optional ISO/IEC 7816-4 commands, features an on-chip backup management
system and mutual three-pass authentication as well as encrypted communication.
The size of each file is defined at the moment of its creation, provides an automatic
anti-tear mechanism for all file types, guaranteeing transaction-oriented data integrity.
Data transfer rates from up to 848 Kbit/s can be achieved, allowing for fast data
transmission.
The main characteristics of the MIFARE DESFire family are denoted by the name
“DESFire”: “DES” indicates the high level of security using a hardware crypto
co-processor for either 3DES or AES-based data processing. “Fire” indicates its
outstanding position as a fast, innovative and highly reliable IC ideally suited to enable a
wide variety of different applications.
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
2. Features and benefits
2.1 RF interface: ISO/IEC 14443 Type A
Contactless transmission of data and powered by the RF-field (no battery needed)
Operating distance: up to 100 mm (depending on power provided by the PCD and
antenna geometry)
Operating frequency: 13.56 MHz
Fast data transfer: 106 kbit/s, 212 kbit/s, 424 kbit/s, 848 kbit/s
High data integrity: 16/32 bit CRC, parity, bit coding, bit counting
True deterministic anticollision
7 bytes unique identifier (cascade level 2 according to ISO/IEC 14443-3 and option for
random ID)
Uses ISO/IEC 14443-4 protocol
2.2 ISO/IEC 7816 compatibility
Supports ISO/IEC 7816-3 APDU message structure
Supports ISO/IEC 7816-4 INS code ‘A4’ for SELECT FILE
Supports ISO/IEC 7816-4 INS code ‘B0’ for READ BINARY
Supports ISO/IEC 7816-4 INS code ‘D6’ for UPDATE BINARY
Supports ISO/IEC 7816-4 INS code ‘B2’ for READ RECORDS
Supports ISO/IEC 7816-4 INS code ‘E2’ for APPEND RECORD
Supports ISO/IEC 7816-4 INS code ‘84’ for GET CHALLENGE
Supports ISO/IEC 7816-4 INS code ‘88’ for INTERNAL AUTHENTICATE
Supports ISO/IEC 7816-4 INS code ‘82’ for EXTERNAL AUTHENTICATE
2.3 Non-volatile memory
256 bytes application memory1, 2
Data retention of 10 years
Write endurance typical 500 000 cycles
2.4 NV-memory organization
Flexible file system
Number of applications and files per application depending on available memory
File types supported: standard data file, back-up data file, value file, linear record file
and cyclic record file
File size is determined during creation
1.
User application example: 1 Application, 2 AES keys, 1 Data file (256 bytes)
2.
Also available in 2 KB, 4 KB and 8 KB. Refer to Ref. 1.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
2 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
2.5 Security
Based on the same Common Criteria EAL4+ certified MIFARE DESFire EV1 platform
Unique 7 bytes serial number for each device
Optional “RANDOM” ID for enhance security and privacy
Mutual three-pass authentication
Mutual authentication according to ISO/IEC 7816-4
1 card master key and up to 14 keys per application
Hardware DES using 56/112/168 bit keys featuring key version, data authenticity by
8 byte CMAC
Hardware AES using 128-bit keys featuring key version, data authenticity by 8 byte
CMAC
Data encryption on RF-channel
Authentication on application level
Hardware exception sensors
Self-securing file system
Backward compatibility to MF3ICD40: 4 byte MAC, CRC 16
2.6 Special features
Transaction-oriented automatic anti-tear mechanism
Configurable ATS information for card personalization
Backward compatibility mode to MF3ICD40
Optional high input capacitance (70 pF) for small form factor design (MF3ICDHQ1)
3. Applications
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Public transport ticketing: Account based or Single Journey ticketing
High secure access management
Hospitality
Event ticketing
Loyalty
Gift cards
Smart Visitor Badges (SVB)
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
3 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
4. Quick reference data
Table 1.
Quick reference data [1][2]
Symbol
Parameter
Conditions
fi
input frequency
input capacitance
Ci
Min
Typ
Max
Unit
-
13.56
-
MHz
MF3ICDQ1
[3][4]
14.96
17.0
19.04
pF
MF3ICDHQ1
[3][4]
64.00
69.0
74.00
pF
EEPROM characteristics
tret
retention time
Tamb = 22 C
10
-
-
year
Nendu(W)
write endurance
Tamb = 22 C
200000
500000
-
cycle
tcy(W)
write cycle time
Tamb = 22 C
-
2.9
-
ms
[1]
Stresses above one or more of the values may cause permanent damage to the device.
[2]
Exposure to limiting values for extended periods may affect device reliability.
[3]
Measured with LCR meter.
[4]
Tamb = 22 C; fi = 13.56 MHz; 2.8 V RMS
5. Ordering information
Table 2.
Ordering information
Type number
MF3ICDQ101DUD/06
Package
Name
Description
Version
FFC
8 inch wafer (sawn; 120 m thickness, on film
-
frame carrier; electronic fail die marking
according to SECSII format); see Ref. 4, 256B EEPROM, 17 pF
MF3ICDHQ101DUD/06
FFC
8 inch wafer (sawn; 120 m thickness, on film
-
frame carrier; electronic fail die marking
according to SECSII format); see Ref. 4, 256B EEPROM, 70 pF
MF3ICDQ101DUF/06
FFC
8 inch wafer (sawn; 75 m thickness, on film
-
frame carrier; electronic fail die marking
according to SECSII format); see Ref. 4, 256B EEPROM, 17 pF
MF3ICDHQ101DUF/06
FFC
8 inch wafer (sawn; 75 m thickness, on film
-
frame carrier; electronic fail die marking
according to SECSII format); see Ref. 4, 256B EEPROM, 70 pF
MF3MODQ101DA8/06
PLLMC[1]
plastic leadless module carrier package; 35 mm
SOT500-4
wide tape; see Ref. 5, 256B EEPROM, 17 pF
MF3MODHQ101DA8/06 PLLMC[1]
plastic leadless module carrier package; 35 mm
SOT500-4
wide tape; see Ref. 5, 256B EEPROM, 70 pF
[1]
This package is also known as MOA8.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
4 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
6. Block diagram
RF
INTERFACE
UART
ISO/IEC
14443A
TRUE RANDOM
NUMBER
GENERATOR
CRYPTO
CO-PROCESSOR
SECURITY
SENSORS
POWER ON
RESET
CPU
CRC
VOLTAGE
REGULATOR
CLOCK
INPUT FILTER
ROM
RESET
GENERATOR
RAM
EEPROM
001aah878
Fig 1.
Block diagram of MF3ICD(H)Q1
7. Limiting values
Table 3.
Limiting values [1][2]
In accordance with the Absolute Maximum Rating System (IEC 60134).
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Symbol
Parameter
II
Min
Max
Unit
input current
-
30
mA
Ptot/pack
total power dissipation per
package
-
200
mW
Tstg
storage temperature
55
125
C
Tamb
ambient temperature
25
70
C
2
-
kV
100
-
mA
VESD
electrostatic discharge voltage
Ilu
latch-up current
Conditions
[3]
[1]
Stresses above one or more of the limiting values may cause permanent damage to the device.
[2]
Exposure to limiting values for extended periods may affect device reliability.
[3]
MIL Standard 883-C method 3015; human body model: C = 100 pF, R = 1.5 k.
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
5 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
8. Functional description
8.1 Contactless energy and data transfer
In the MIFARE system, the MIFARE DESFire EV1 is connected to a coil consisting of a
few turns embedded in a standard ISO/IEC smart card (see Ref. 7). A battery is not
needed. When the card is positioned in the proximity of the PCD antenna, the high-speed
RF communication interface allows data to be transmitted up to 848 kbit/s.
8.2 Anti-collision
An intelligent anti-collision mechanism allows more than one MIFARE DESFire EV1 in the
field to be handled simultaneously. The anti-collision algorithm selects each MIFARE
DESFire EV1 individually and ensures that the execution of a transaction with a selected
MIFARE DESFire EV1 is performed correctly without data corruption resulting from other
MIFARE DESFire EV1s in the field.
8.3 UID/serial number
The unique 7 byte (UID) is programmed into a locked part of the NV memory which is
reserved for the manufacturer. Due to security and system requirements these bytes are
write-protected after being programmed by the IC manufacturer at production time.
According to ISO/IEC 14443-3 (see Ref. 11) during the first anti-collision loop the cascade
tag returns a value of 88h and also the first 3 bytes of the UID, UID0 to UID2 and BCC.
The second anti-collision loop returns bytes UID3 to UID6 and BCC.
UID0 holds the manufacturer ID for NXP (04h) according to ISO/IEC 14443-3 and
ISO/IEC 7816-6 AMD 1.
MIFARE DESFire EV1 also allows Random ID to be used. In this case MIFARE DESFire
EV1 only uses a single anti-collision loop. The 3 byte random number is generated after
RF reset of the MIFARE DESFire EV1.
8.4 Memory organization
MF3ICD(H)Q1 has 480 bytes of physical NV memory. The NV memory is organized using
a flexible file system. This file system allows a limited number of different applications on
one MIFARE DESFire EV1. Each application can have multiple files. Every application is
represented by its 3 bytes Application IDentifier (AID).
Five different file types are supported; see Section 8.5.
A guideline to assign DESFire AIDs can be found in the application note MIFARE
Application Directory (MAD); see Ref. 8.
Each file can be created either at MIFARE DESFire EV1 initialization (card
production/card printing), at MIFARE DESFire EV1 personalization (vending machine) or
in the field.
If a file or application becomes obsolete in operation, it can be permanently invalidated.
Commands which have impact on the file structure itself (e.g. creation or deletion of
applications, change of keys) activate an automatic rollback mechanism, which protects
the file structure from being corrupted.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
6 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
If this rollback is necessary, it is done without user interaction before carrying out further
commands. To ensure data integrity on application level, a transaction-oriented backup is
implemented for all file types with backup. It is possible to mix file types with and without
backup within one application.
As the commands are the same with MF3ICD81, the command details are available in
Ref. 1. Only the memory size is different between the devices.
8.5 Available file types
The files within an application can be any of the following types:
•
•
•
•
•
Standard data files
Backup data files
Value files with backup
Linear record files with backup
Cyclic record files with backup
8.6 Security
The 7 byte UID is fixed, programmed into each device during production. It cannot be
altered and ensures the uniqueness of each device.
The UID may be used to derive diversified keys for each ticket. Diversified MIFARE
DESFire EV1 keys contribute to gain an effective anti-cloning mechanism and increase
the security of the original key; see Ref. 6.
Prior to data transmission a mutual three-pass authentication can be done between
MIFARE DESFire EV1 and PCD depending on the configuration employing either 56-bit
DES (single DES, DES), 112-bit DES (triple DES, 3DES), 168-bit DES (3 key triple DES,
3K3DES) or AES. During the authentication, the level of security of all further commands
during the session is set. In addition, the communication settings of the file/application
result in the following options of secure communication between MIFARE DESFire EV1
and PCD:
• Plain data transfer (only possible within the backwards-compatible mode to
MF3ICD40)
• Plain data transfer with cryptographic checksum (MAC): Authentication with
backwards-compatible mode to MF3ICD40: 4 byte MAC, all other authentications
based on DES/3DES/AES: 8 byte CMAC
• Encrypted data transfer (secured by CRC before encryption): Authentication with
backwards-compatible mode to MF3ICD40: A 16-bit CRC is calculated over the
stream and attached. The resulting stream is encrypted using the chosen
cryptographic method. All other authentications-based DES/3DES/AES: A 32-bit CRC
is calculated over the stream and attached. The resulting stream is encrypted using
the chosen cryptographic method.
Find more information on the security concept of the product in Ref. 1. Be aware not all
levels of security are recommended. The recommended secure handling of the product
can be seen in Ref. 2 and in Ref. 10.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
7 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
8.7 Product identification
The MF3ICD(H)Q1 can be identified by using the Get Version command and observing
the response frames as following:
The first frame: contains hardware-related information:
byte 1: 0x04
byte 2: 0x01
byte 3: 0x01 for 17 pF or 0x02 for 70 pF
byte 4: 0x01
byte 5: 0x00
byte 6: 0x10
byte 7: 0x05
The second frame contains software-related information:
byte 1: 0x04
byte 2: 0x01
byte 3: 0x01
byte 4: 0x01
byte 5: 0x05
byte 6: 0x10
byte 7: 0x05
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
8 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
9. DESFire command set
A detailed description of all commands is provided in Ref. 1.
9.1 ISO/IEC 14443-3
Table 4.
ISO/IEC 14443-3
Command
Description
REQA
REQA and ATQA are implemented fully
according to ISO/IEC 14443-3
WUPA
WUPA is implemented fully according to ISO/IEC
14443-3
ANTICOLLISION/SELECT Cascade Level 1
ANTICOLLISION and SELECT commands are
implemented fully according to ISO/IEC 14443-3;
the response is part 1 of the UID
ANTICOLLISION/SELECT Cascade Level 2
ANTICOLLISION and SELECT commands are
implemented fully according to ISO/IEC 14443-3;
the response is part 2 of the UID
HALT
brings MIFARE DESFire EV1 to the HALT state
9.2 ISO/IEC 14443-4
Table 5.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
ISO/IEC 14443-4
Command
Description
RATS
identifies the MIFARE DESFire EV1 type to the PCD
PPS
allows individual selection of the communication baud rate between PCD and
MIFARE DESFire EV1; for DESFire it is possible to set different
communication baud rates for each direction i.e. DESFire allows a
non-symmetrical information interchange speed.
WTX
if the MIFARE DESFire EV1 needs more time than the defined FWT to
respond to a PCD command it requests a Waiting Time eXtension (WTX)
DESELECT
allows MIFARE DESFire EV1 to be brought to the HALT state
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
9 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
9.3 MIFARE DESFire EV1 command set overview – security related
commands
Table 6.
Security related commands
Command
Description
Authenticate
MIFARE DESFire EV1 and the reader device show in an encrypted way
that they possess the same secret which especially means the same key;
this not only confirms that both entities are permitted to perform
operations on each other but also creates a session key which can be
used to keep the further communication path secure; as the name
“session key” implicitly indicates, each time a new authentication
procedure is successfully completed a new key for further cryptographic
operations is generated
Change KeySettings
changes the master key settings on MIFARE DESFire EV1 and
application level
Set Configuration
configures the card and pre-personalizes the card with a key, defines if
the UID or the random ID is sent back during communication setup and
configures the ATS string
Change Key
changes any key stored on the MIFARE DESFire EV1
Get Key Version
reads out the current key version of any key stored on the MIFARE
DESFire EV1
Remark: All command and data frames are exchanged between MIFARE DESFire EV1
and PCD by using block format as defined in ISO/IEC 14443-4.
9.4 MIFARE DESFire EV1 command set overview – MIFARE DESFire EV1
level commands
Table 7.
Level commands
Command
Description
Create Application
creates new applications on the MIFARE DESFire EV1
Delete Application
permanently deactivates applications on the MIFARE DESFire EV1
Get Applications IDs
returns the Application IDentifiers of all applications on a MIFARE
DESFire EV1
Free Memory
returns the free memory available on the card
GetDFNames
returns the DF names
Get KeySettings
gets information on the MIFARE DESFire EV1 and application master
key settings; in addition it returns the maximum number of keys which
are configured for the selected application
Select Application
selects one specific application for further access
FormatPICC
releases the MF3ICD(H)Q1 user memory
Get Version
returns manufacturing related data of the MIFARE DESFire EV1
GetCardUID
returns the UID
Remark: All command and data frames are exchanged between MIFARE DESFire EV1
and PCD by using block format as defined in ISO/IEC 14443-4.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
10 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
9.5 MIFARE DESFire EV1 command set overview – application level
commands
Table 8.
Application level commands
Command
Description
Get FileIDs
returns the File IDentifiers of all active files within the currently selected
application
Get FileSettings
gets information on the properties of a specific file
Change FileSettings
changes the access parameters of an existing file
Create StdDataFile
creates files for the storage of plain unformatted user data within an
existing application on the MIFARE DESFire EV1
Create
BackupDataFile
creates files for the storage of plain unformatted user data within an
existing application on the MIFARE DESFire EV1, additionally supporting
the feature of an integrated backup mechanism
Create ValueFile
creates files for the storage and manipulation of 32-bit signed integer
values within an existing application on the MIFARE DESFire EV1
Create
LinearRecordFile
creates files for multiple storage of similar structural data, for example,
loyalty programs within an existing application on the MIFARE DESFire
EV1; once the file is filled completely with data records, further writing to
the file is not possible unless it is cleared
Create
CyclicRecordFile
creates files for multiple storage of similar structural data, for example,
logging transactions within an existing application on the MIFARE DESFire
EV1; once the file is filled completely with data records, the MIFARE
DESFire EV1 automatically overwrites the oldest record with the latest
written one (this wrap is fully transparent for the PCD)
DeleteFile
permanently deactivates a file within the file directory of the currently
selected application
Remark: All command and data frames are exchanged between MIFARE DESFire EV1
and PCD by using block format as defined in ISO/IEC 14443-4.
9.6 MIFARE DESFire EV1 command set overview – data manipulation
commands
Table 9.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Data manipulation commands
Command
Description
Read Data
reads data from Standard Data files or Backup Data files
Write Data
writes data to Standard Data files or Backup Data files
Get Value
reads the currently stored value from Value files
Credit
increases a value stored in a Value file
Debit
decreases a value stored in a Value file
Limited Credit
allows a limited increase of a value stored in a Value file without
having full Credit permissions to the file
Write Record
writes data to a record in a Cyclic or Linear Record file
Read Records
reads out a set of complete records from a Cyclic or Linear Record
file
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
11 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
Table 9.
Data manipulation commands …continued
Command
Description
Clear RecordFile
resets a Cyclic or Linear Record file to empty state
Commit Transaction
validates all previous write accesses on Backup Data files, Value
files and Record files within one application
Abort Transaction
invalidates all previous write accesses on Backup Data files, Value
files and Record files within one application
Remark: All command and data frames are exchanged between MIFARE DESFire EV1
and PCD by using block format as defined in ISO/IEC 14443-4.
9.7 MIFARE DESFire EV1 command set - ISO/IEC 7816 APDU commands
The MIFARE DESFire EV1 provides the following commands according to
ISO/IEC 7816-4:
– INS code ‘A4’ SELECT
– INS code ‘B0’ READ BINARY
– INS code ‘D6’ UPDATE BINARY
– INS code ‘B2’ READ RECORDS
– INS code ‘E2’ APPEND RECORD
– INS code ‘84’ GET CHALLENGE
– INS code ‘88’ INTERNAL AUTHENTICATE
– INS code ‘82’ EXTERNAL AUTHENTICATE
9.7.1 ISO/IEC 7816-4 APDU message structure
DESFire supports the APDU message structure according to ISO/IEC 7816-4 for:
– an optional wrapping of the native DESFire APDU format
– additionally implemented ISO/IEC 7816-4 commands
Find more information on the ISO/IEC 7816-4 commands in Ref. 1.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
12 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
10. Abbreviations
Table 10.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Abbreviations
Acronym
Description
AES
Advanced Encryption Standard
AID
Application IDentifier
APDU
Application Protocol Data Unit
ATS
Answer to Select
CC
Common Criteria
CMAC
Cryptic Message Authentication Code
CRC
Cyclic Redundancy Check
DES
Digital Encryption Standard
DF
Dedicated File
EAL
Evaluation Assurance Level
EEPROM
Electrically Erasable Programmable Read-Only Memory
FWT
Frame Waiting Time
ID
IDentifier
INS
Instructions
LCR
inductance, Capacitance, Resistance
MAC
Message Authentication Code
MAD
MIFARE Application Directory
NV
Non-Volatile Memory
PCD
Proximity Coupling Device
PPS
Protocol Parameter Selection
RATS
Request Answer To Select
REQA
Request Answer
RF
Radio Frequency
UID
Unique IDentifier
WTX
Waiting Time eXtension
WUPA
Wake Up Protocol A
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
13 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
11. References
[1]
Data sheet — MF3ICD81 MIFARE DESFire EV1 Functional Specification,
document number: 13403**3.
[2]
Data sheet — MF3ICD81 Guidance, Delivery and Operation Manual, document
number: 1469**.
[3]
Data sheet — Specification addendum MF3ICD81, document number: 1673**.
[4]
Data sheet — MF3ICD8101 Sawn bumped 120 m wafer addendum, document
number: 1318**.
[5]
Data sheet — MF3MOD81 Contactless chip card module, document number:
1439**.
[6]
Application note — MIFARE DESFire - Implementation hints and examples,
document number: 0945**.
[7]
Application note — Card Coil Design Notes for MIFARE DESFire EV1, document
number: 1713**.
[8]
Application note — MIFARE Application Directory, document number: 0018**.
[9]
Application note — MIFARE ISO/IEC 14443 PICC Selection, document number:
1308**.
[10] Application note — End to end system security risk considerations for
implementing contactless cards, document number: 1550**.
[11] ISO/IEC Standard — ISO/IEC 14443 Identification cards - Contactless integrated
circuit cards - Proximity cards.
3.
** ... BU-ID document version number
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
14 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
12. Revision history
Table 11.
Revision history
Document ID
Release date
MF3ICDQ1_MF3ICDHQ1_ 20151105
SDS
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Data sheet status
Change notice
Supersedes
Product short data sheet
-
-
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
15 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
13. Legal information
13.1 Data sheet status
Document status[1][2]
Product status[3]
Definition
Objective [short] data sheet
Development
This document contains data from the objective specification for product development.
Preliminary [short] data sheet
Qualification
This document contains data from the preliminary specification.
Product [short] data sheet
Production
This document contains the product specification.
[1]
Please consult the most recently issued document before initiating or completing a design.
[2]
The term ‘short data sheet’ is explained in section “Definitions”.
[3]
The product status of device(s) described in this document may have changed since this document was published and may differ in case of multiple devices. The latest product status
information is available on the Internet at URL http://www.nxp.com.
13.2 Definitions
Draft — The document is a draft version only. The content is still under
internal review and subject to formal approval, which may result in
modifications or additions. NXP Semiconductors does not give any
representations or warranties as to the accuracy or completeness of
information included herein and shall have no liability for the consequences of
use of such information.
Short data sheet — A short data sheet is an extract from a full data sheet
with the same product type number(s) and title. A short data sheet is intended
for quick reference only and should not be relied upon to contain detailed and
full information. For detailed and full information see the relevant full data
sheet, which is available on request via the local NXP Semiconductors sales
office. In case of any inconsistency or conflict with the short data sheet, the
full data sheet shall prevail.
Product specification — The information and data provided in a Product
data sheet shall define the specification of the product as agreed between
NXP Semiconductors and its customer, unless NXP Semiconductors and
customer have explicitly agreed otherwise in writing. In no event however,
shall an agreement be valid in which the NXP Semiconductors product is
deemed to offer functions and qualities beyond those described in the
Product data sheet.
13.3 Disclaimers
Limited warranty and liability — Information in this document is believed to
be accurate and reliable. However, NXP Semiconductors does not give any
representations or warranties, expressed or implied, as to the accuracy or
completeness of such information and shall have no liability for the
consequences of use of such information. NXP Semiconductors takes no
responsibility for the content in this document if provided by an information
source outside of NXP Semiconductors.
In no event shall NXP Semiconductors be liable for any indirect, incidental,
punitive, special or consequential damages (including - without limitation - lost
profits, lost savings, business interruption, costs related to the removal or
replacement of any products or rework charges) whether or not such
damages are based on tort (including negligence), warranty, breach of
contract or any other legal theory.
Notwithstanding any damages that customer might incur for any reason
whatsoever, NXP Semiconductors’ aggregate and cumulative liability towards
customer for the products described herein shall be limited in accordance
with the Terms and conditions of commercial sale of NXP Semiconductors.
Right to make changes — NXP Semiconductors reserves the right to make
changes to information published in this document, including without
limitation specifications and product descriptions, at any time and without
notice. This document supersedes and replaces all information supplied prior
to the publication hereof.
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
Suitability for use — NXP Semiconductors products are not designed,
authorized or warranted to be suitable for use in life support, life-critical or
safety-critical systems or equipment, nor in applications where failure or
malfunction of an NXP Semiconductors product can reasonably be expected
to result in personal injury, death or severe property or environmental
damage. NXP Semiconductors and its suppliers accept no liability for
inclusion and/or use of NXP Semiconductors products in such equipment or
applications and therefore such inclusion and/or use is at the customer’s own
risk.
Applications — Applications that are described herein for any of these
products are for illustrative purposes only. NXP Semiconductors makes no
representation or warranty that such applications will be suitable for the
specified use without further testing or modification.
Customers are responsible for the design and operation of their applications
and products using NXP Semiconductors products, and NXP Semiconductors
accepts no liability for any assistance with applications or customer product
design. It is customer’s sole responsibility to determine whether the NXP
Semiconductors product is suitable and fit for the customer’s applications and
products planned, as well as for the planned application and use of
customer’s third party customer(s). Customers should provide appropriate
design and operating safeguards to minimize the risks associated with their
applications and products.
NXP Semiconductors does not accept any liability related to any default,
damage, costs or problem which is based on any weakness or default in the
customer’s applications or products, or the application or use by customer’s
third party customer(s). Customer is responsible for doing all necessary
testing for the customer’s applications and products using NXP
Semiconductors products in order to avoid a default of the applications and
the products or of the application or use by customer’s third party
customer(s). NXP does not accept any liability in this respect.
Limiting values — Stress above one or more limiting values (as defined in
the Absolute Maximum Ratings System of IEC 60134) will cause permanent
damage to the device. Limiting values are stress ratings only and (proper)
operation of the device at these or any other conditions above those given in
the Recommended operating conditions section (if present) or the
Characteristics sections of this document is not warranted. Constant or
repeated exposure to limiting values will permanently and irreversibly affect
the quality and reliability of the device.
Terms and conditions of commercial sale — NXP Semiconductors
products are sold subject to the general terms and conditions of commercial
sale, as published at http://www.nxp.com/profile/terms, unless otherwise
agreed in a valid written individual agreement. In case an individual
agreement is concluded only the terms and conditions of the respective
agreement shall apply. NXP Semiconductors hereby expressly objects to
applying the customer’s general terms and conditions with regard to the
purchase of NXP Semiconductors products by customer.
No offer to sell or license — Nothing in this document may be interpreted or
construed as an offer to sell products that is open for acceptance or the grant,
conveyance or implication of any license under any copyrights, patents or
other industrial or intellectual property rights.
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
16 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
Export control — This document as well as the item(s) described herein
may be subject to export control regulations. Export might require a prior
authorization from competent authorities.
Translations — A non-English (translated) version of a document is for
reference only. The English version shall prevail in case of any discrepancy
between the translated and English versions.
Quick reference data — The Quick reference data is an extract of the
product data given in the Limiting values and Characteristics sections of this
document, and as such is not complete, exhaustive or legally binding.
13.4 Licenses
Non-automotive qualified products — Unless this data sheet expressly
states that this specific NXP Semiconductors product is automotive qualified,
the product is not suitable for automotive use. It is neither qualified nor tested
in accordance with automotive testing or application requirements. NXP
Semiconductors accepts no liability for inclusion and/or use of
non-automotive qualified products in automotive equipment or applications.
In the event that customer uses the product for design-in and use in
automotive applications to automotive specifications and standards, customer
(a) shall use the product without NXP Semiconductors’ warranty of the
product for such automotive applications, use and specifications, and (b)
whenever customer uses the product for automotive applications beyond
NXP Semiconductors’ specifications such use shall be solely at customer’s
own risk, and (c) customer fully indemnifies NXP Semiconductors for any
liability, damages or failed product claims resulting from customer design and
use of the product for automotive applications beyond NXP Semiconductors’
standard warranty and NXP Semiconductors’ product specifications.
ICs with DPA Countermeasures functionality
NXP ICs containing functionality
implementing countermeasures to
Differential Power Analysis and Simple
Power Analysis are produced and sold
under applicable license from
Cryptography Research, Inc.
13.5 Trademarks
Notice: All referenced brands, product names, service names and trademarks
are the property of their respective owners.
MIFARE — is a trademark of NXP Semiconductors N.V.
DESFire — is a trademark of NXP Semiconductors N.V.
14. Contact information
For more information, please visit: http://www.nxp.com
For sales office addresses, please send an email to: salesaddresses@nxp.com
MF3ICD(H)Q1
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.0 — 5 November 2015
351330
© NXP Semiconductors N.V. 2015. All rights reserved.
17 of 18
MF3ICD(H)Q1
NXP Semiconductors
MIFARE DESFire EV1 256B contactless smartcard IC
15. Contents
1
2
2.1
2.2
2.3
2.4
2.5
2.6
3
4
5
6
7
8
8.1
8.2
8.3
8.4
8.5
8.6
8.7
9
9.1
9.2
9.3
9.4
9.5
9.6
9.7
9.7.1
10
11
12
13
13.1
13.2
13.3
13.4
13.5
14
General description . . . . . . . . . . . . . . . . . . . . . . 1
Features and benefits . . . . . . . . . . . . . . . . . . . . 2
RF interface: ISO/IEC 14443 Type A . . . . . . . . 2
ISO/IEC 7816 compatibility . . . . . . . . . . . . . . . 2
Non-volatile memory. . . . . . . . . . . . . . . . . . . . . 2
NV-memory organization . . . . . . . . . . . . . . . . . 2
Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Special features . . . . . . . . . . . . . . . . . . . . . . . . 3
Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Quick reference data . . . . . . . . . . . . . . . . . . . . . 4
Ordering information . . . . . . . . . . . . . . . . . . . . . 4
Block diagram . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Limiting values. . . . . . . . . . . . . . . . . . . . . . . . . . 5
Functional description . . . . . . . . . . . . . . . . . . . 6
Contactless energy and data transfer. . . . . . . . 6
Anti-collision . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
UID/serial number. . . . . . . . . . . . . . . . . . . . . . . 6
Memory organization . . . . . . . . . . . . . . . . . . . . 6
Available file types . . . . . . . . . . . . . . . . . . . . . . 7
Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Product identification . . . . . . . . . . . . . . . . . . . . 8
DESFire command set. . . . . . . . . . . . . . . . . . . . 9
ISO/IEC 14443-3 . . . . . . . . . . . . . . . . . . . . . . . 9
ISO/IEC 14443-4 . . . . . . . . . . . . . . . . . . . . . . . 9
MIFARE DESFire EV1 command set overview –
security related commands. . . . . . . . . . . . . . . 10
MIFARE DESFire EV1 command set overview –
MIFARE DESFire EV1 level commands . . . . . 10
MIFARE DESFire EV1 command set overview –
application level commands . . . . . . . . . . . . . . 11
MIFARE DESFire EV1 command set overview –
data manipulation commands. . . . . . . . . . . . . 11
MIFARE DESFire EV1 command set - ISO/IEC
7816 APDU commands . . . . . . . . . . . . . . . . . 12
ISO/IEC 7816-4 APDU message structure. . . 12
Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . 13
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Revision history . . . . . . . . . . . . . . . . . . . . . . . . 15
Legal information. . . . . . . . . . . . . . . . . . . . . . . 16
Data sheet status . . . . . . . . . . . . . . . . . . . . . . 16
Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Disclaimers . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Trademarks. . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Contact information. . . . . . . . . . . . . . . . . . . . . 17
15
Contents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Please be aware that important notices concerning this document and the product(s)
described herein, have been included in section ‘Legal information’.
© NXP Semiconductors N.V. 2015.
All rights reserved.
For more information, please visit: http://www.nxp.com
For sales office addresses, please send an email to: salesaddresses@nxp.com
Date of release: 5 November 2015
351330