English 
Español 
Description
Key Specifications:
| Model | Full name | Capacity | Encryption Algorithm | Security Level (SL) |
| EV1 | MIFARE DESFire EV1 | 2KB / 4KB / 8KB | DES, 3DES, AES-128 | Common Criteria EAL4+ |
| EV2 | MIFARE DESFire EV2 | 2KB / 4KB / 8KB / 16KB | 3DES, AES-128, Random Number Enhancement | EAL4+, Enhanced Against Side-Channel Attacks |
| EV3 | MIFARE DESFire EV3 | 2KB / 4KB / 8KB / 16KB / 32KB / 64KB | AES-128, Supports OTA Key Updates | EAL5+, supporting Secure Boot and privacy protection. |
All models operate at a frequency of 13.56 MHz, comply with the ISO/IEC 14443A standard, and typically have a read/write distance ranging from 1.5 cm to 8 cm.
Key Technical Features:
1. MIFARE DESFire EV1
Security Foundation: As the inaugural product in the series, the EV1 introduced a complete Smart Card Operating System (COS), supporting multi-application isolation and dynamic file management.
Encryption Mechanisms: It employs a hardware-level encryption coprocessor and supports various authentication protocols, effectively defending against replay and Man-in-the-Middle (MITM) attacks.
Application Flexibility: It allows for the creation of up to 28 independent applications, with support for 32 files under each application, making it suitable for complex system integration.
2. MIFARE DESFire EV2
Security Upgrades: It features enhanced random number generation quality and optimized defenses against physical attacks, such as Differential Power Analysis (DPA).
System Compatibility: It is fully compatible with existing MIFARE infrastructure and supports the standard APDU instruction set, facilitating the seamless upgrade of legacy systems.
Expanded Applications: It is ideal for scenarios requiring high interoperability, such as cross-city transit cards and enterprise-level access control networks.
3. MIFARE DESFire EV3
Performance Leap: It supports faster transaction speeds and longer communication distances, with data transfer rates reaching 848 kbps, significantly enhancing the user experience.
Remote Management: It supports Over-the-Air (OTA) key updates, allowing for remote card configuration via NFC-enabled mobile phones; keys can be pre-configured to enable “plug-and-play” style deployment.
Privacy Protection: It introduces a new anonymous mode to safeguard user privacy in scenarios where identity verification is not required, ensuring compliance with data protection regulations such as GDPR.
Differences between NXP Desfire EV1/EV2/EV3 2K 4K 8K Cards
We have three types of cards: NXP Desfire EV1 2K 4K 8K Card, NXP Desfire EV2 2K 4K 8K Card, and NXP Desfire EV3 2K 4K 8K Card. Although these three cards belong to the same series, they differ significantly in terms of card parameters and application fields.
| Feature / Version | DESFire EV1 | DESFire EV2 | DESFire EV3 |
|---|---|---|---|
| Launch Year | 2006 | 2016 | 2019 |
| Memory Options | 2K / 4K / 8K | 2K / 4K / 8K | 2K / 4K / 8K |
| Security Algorithms | 3DES, AES, RSA (basic) | AES-128, Random ID | AES-128 (enhanced), SCP03, Secure RNG |
| Application Support | Up to 28 apps, 32 files/app | True multi-application, independent keys | Multi-application + advanced isolation |
| Transaction Integrity | Basic checks | Transaction MAC | Transaction Timer (anti-hijack) |
| Anti-Cloning Features | Limited | Random UID, better encryption | Strong anti-relay (Proximity Check) |
| Resistance to Attacks | Standard | Improved cryptographic security | Side-channel & relay attack protection |
| Speed / Performance | Standard | Faster, more reliable | Optimised response time |
| Main Applications | Transit, access control, ID | Modern transport, campus, enterprise | Government ID, finance, critical systems |
