Idesco key diversification flexibly enhances security


Key diversification is a powerful security capability MIFARE added to its DESFire technology. Like previous MIFARE keyed security features, key diversification requires system integrators and vendors who deploy it to address management of their security keys. That is why Idesco’s security key management service will begin offering customers a range of options for also managing diversified security keys. They will be able to program and manage their keys themselves with a coding tool, or purchase programmed readers and transponders from Idesco, to avoid learning DESFire key programming and management. Best of all, customers purchasing key diversified readers and transponders from Idesco will remain free to source them from other MIFARE® DESFire suppliers. Key diversification will be a configurable parameter in all Idesco DESFire readers, giving both system integrators and sensitive sites the maximum freedom to optionally deploy it as a future security enhancement.

How does Key Diversification strengthen DESFire security?

In general, all DESFire readers and transponders are coded to recognize each other by sharing identical, highly-specific strings of characters called, security keys. These shared keys are what let transponders and readers recognize each other (i.e. mutual authentication). The result is no foreign DESFire reader could read your site’s transponders – so they can never be cloned. Continuous additional encryption further protects your readers’ and transponders’ conversations, thereby defeating skimming and side-hack attempts.

Key diversification expands this security by protecting individual transponders with their own, unique security key. As a result, readers’ authentications of every transponder are also unique. The statistical impossibility of deciphering a shared DESFire key (i.e. by skimming repeated transactions) becomes pointless with key diversification: a shared DESFire key no longer commands a transponder to share its contents – only its unique security key.

Other news

Mobile identification app


Idesco Mobile Lite mobile ID application is convenient, easy to use and manage. It doesn’t require a cloud service. Users simply download the app to their mobile phone which simultaneously creates a device UID in their phone.

Read more


When Taina Parkkinen joined Idesco’s team over a year ago, she began reinforcing Idesco’s embedded software design and documentation.

Read more


We have rapidly grown our team recently, with several new recruits tasked to developing future Idesco RFID products. In support of our latest growth plan, our sales team has also been re-organized.

Read more
Customer support

Cookies on our website

Your privacy is important to us, and we are committed to protecting your personal information. Before you continue browsing our website, please read privacy policy and accept cookies.