MIFARE® DESFire, when secured with 128-bit encryption, is one of the most secure access control technologies in the world. DESFire achieves this using mutual authentication, which means both a reader’s and transponder’s security keys must match each other. This ensures a DESFire transponder can’t be cloned or even hacked, because only readers programmed with authentic credentials will trigger it to reply. Furthermore, DESFire encrypts transactions to make it impossible to skim credentials from the RF data stream between a reader and transponder.
DESFire ciphers, or security keys, are integral to DESFire. For example, all readers in a DESFire system must be programmed with particular security keys for reading certain transponder populations. Correspondingly, all transponders in a group must be coded to recognize those security keys. How to manage all of DESFire’s keys depends ultimately on an integrator’s, installer’s or end-users resources and priorities. Some choose to create and manage their keys independently (e.g., using Idesco DESCoder programming tool). Others prefer outsourcing some or all parts of their key management so they can focus on their core business or mission.
Learn more about Idesco Security Key Management. Download Idesco Security Key Management service description and compare the range of Security Key Management options Idesco can provide; from coding, documenting and managing entirely yourself – to saving resources and letting Idesco take care of all your security key issues for you. If you are an integrator, both you and your customer might benefit by sharing this service description with them when you begin discussing different DESFire options.
Why migrate to DESFire?
- Secure 128 bit encryption, impossible to clone
- Open MIFARE® technology, several suppliers, no ‘vendor locking’
- Large transponder memory capacity supports robust security features, multi-applications
- (With Idesco) Flexibly and conveniently installed, re-configured, updated readers