Products

HID® MIFARE® DESFire® EV3 + iCLASS®

A powerful multi-purpose credential that leverages the latest security techniques to secure personal data and includes iCLASS for migration
HID MIFARE DESFire EV3 + iCLASS
Overview
Credential Profile Options

Secure credentials are a critical component of a modern physical access control program. Not only do new credential technologies, including DESFire EV3, offer a higher level of protection against threats like spoofing and hacking, they also deliver support for a range of applications beyond physical access control.

DESFire EV3 is the latest addition to the MIFARE DESFire family of smart card chipsets from NXP. This latest evolution introduces the option of even more features for implementation, and HID has taken full advantage.

DESFire EV3 + iCLASS multi-technology credentials maintain interoperability with legacy iCLASS and are designed to enable security system owners with a smooth migration path from legacy iCLASS  to a modern and secure credential technology.  All readers do not immediately need to be upgraded when starting a migration. For enterprise clients with a wide mix of technologies, this allows for a smooth implementation of the reader upgrade as costs can be budgeted over an ideal timeframe.

HID DESFire EV3 cards leverage security features including AES128 encryption, secure channel-based file transfer and proximity checks to protect card data from attack. Furthermore, unlike many other DESFire solutions available on the market, random UID has also been introduced to our high security profile to restrict the card from openly sharing any information that could be associated with the user.

DESFire EV3 credentials from HID also offer layered security with the addition of a Secure Identity Object™ (SIO™) data model for added key diversification, authentication signatures and encryption.

Furthermore, unlike many other DESFire solutions available on the market, random UID has also been introduced to  to restrict the card from openly sharing any information that could be associated with the user.

Key Features

  • Feature-rich security — Secure card data with the best implementation of the DESFire EV3 toolbox including AES128 encryption, secure channel-based file transfer and proximity check to protect against man-in-the-middle attacks
  • Added assurance — Available with the portable Secure Identity Object (SIO) data model for added key diversification, authentication signatures and encryption
  • Protect user privacy — By implementing a random UID, the card is restricted from openly sharing any information that could be associated with the user
  • Fully backwards compatibility — Ensure your investment in legacy DESFire credentials and readers is protected; DESFire EV3 credentials offer fully backwards compatibility with EV1 and EV2 based solutions
  • Flexibility — Available in three profiles to ensure the best fit for your access control system: high security, compatibility and custom
  • Simplified, cost-effective migrations — Support for iCLASS 13.56MHz technology to enable migration from legacy credentials

Available in three profiles to ensure the best fit for your site and existing infrastructure allowing you to step up the security. 

High Security Profile 
Best-in-class security and privacy on EV3, programmed with an enhanced application that leverages the new features of EV3 plus a Secure Identity Object (SIO). 

HID's new DESFire EV3 Secure Identity Object (SIO) application leverages the best possible security settings and features of EV3 combined with NIST based open standards for key diversification. 

Compatibility: Supported by HID Signo readers with firmware 10.0.2.4 or higher. 


Compatibility Profile 
Offers the flexibility of DESFire EV3 backwards compatibility with iCLASS SE, multiCLASS Rev E readers and third-party applications that rely on static UID, reading DESFire EV1 or EV2 Secure Identity Object (SIO) cards.

This is achieved through the provision of both applications onto the DESFire EV3 credential. iCLASS SE and multiCLASS SE Rev E readers can continue to read the EV1 compatible Secure Identity Object (SIO) application while the latest Signo reader firmware selects the new higher security Secure Identity Object (SIO) application, leveraging the latest security features.

Compatibility: EV1 SIO application supported by HID Signo™, iCLASS® SE™ and multiCLASS® SE readers. HID Signo reader with firmware 10.0.2.4 or greater supports the higher security EV3 application.

Custom Profile 
Available customized to bespoke specifications, or unprogrammed for full in-field personalization compatible with EV1, EV2 or EV3 compliant solutions. 

Compatibility: Supported by custom profile HID Signo, iCLASS SE and multiCLASS Rev E readers.