NXP MIFARE Webinar: Secure Closed Loop Payments in an Open Environment


Upload: nxp-mifare-team

Post on 13-Apr-2017


Page 1: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

EXTERNAL USE

JOHANNES GRÜLL

JUNE 22ND, 2016

PRESENT IMPROVED - FUTURE INSIDE

SECURE CLOSED LOOP PAYMENTS IN AN OPEN ENVIRONMENT

Page 2: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Challenges
From Cardboard to Multi-party Payment Solutions

• Diners Club: first contemporary credit card, in the 1950s
• Convenient way to pay for goods & services without cash
• Convenient use across multiple vendors
• Started as a piece of cardboard with a signature
• Evolved into complex payment schemes like EMV
• Transaction fees
• Liability shifts

Page 3: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Agenda

1. Adding value to access credentials

2. Trust & guarding against fraud

3. Practical implementation

• MIFARE DESFire EV2

• MIFARE Plus EV1

Page 4: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Closed-loop Micropayment
Increasing Value of Credentials

• Secure your smartcard a slot in your customer’s wallet
  • Increase personal value of card to customers
  • Increased self service possibilities
  • Increased customer & brand engagement
• Common Criteria based platforms allow you to run your own payment solutions
  • Receive cash in advance
  • Minimize cash handling cost
  • Power own incentive schemes towards customers & partners

Page 5: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Micropayment in Single-vendor Systems

[Diagram: Vendor Locations, Vendor/Card Issuer and End User, with flows labelled "Card loading" and "Spending money"]

Page 6: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Demand for Multi-vendor Systems

[Diagram: Service Providers, Card Issuer and End User, with the speech bubbles:]

• "How can I attract additional customers?"
• "I want convenient access with 1 credential only"
• "I want to increase the value of my card to end users"

Page 7: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Micropayment in Multi-vendor systems - Challenge

[Diagram: Service Providers, Card Issuer and End User, with numbered steps:]

1.
2. Purchase
3. Multiple challenges in claiming and re-imbursing within the application provider eco-system arise

Page 8: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Challenges in multi-vendor systems
Shared Wallet Applications

• Traceability of Transactions
  • Common Criteria certified solutions securing wallets
  • New smartcard features securing and proving transactions
• Authenticity of Transactions
  • Tax regulations
  • Cash register
• Privacy of individual data
  • End user
  • Service providers' sales data
• Quick & reliable re-imbursement
  • Automated
  • Scalable
  • Protecting individual application providers' sales data

Page 9: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Use Cases: Campus Card
Cashless Campus as Eco-system

• On-Campus Services
  • Payment (vending machines, copying machines, …)
  • Student self-service (registering, printing documents, …)
• Off-Campus Eco-system integration
  • Public transport linking university sites
  • Restaurants
  • Cafes
• New Value Streams
  • Co-promotion
  • Fee based model
  • Dedication of stipendiums
• Requirement: Scalable & future proof platforms

Page 10: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

MIFARE Plus® generation benefits
MIFARE Plus® EV1

Timeline: 1994 MIFARE Classic; 2009 MIFARE Plus; 06/2015 MIFARE Plus SE; 04/2016 MIFARE Plus EV1

[Comparison table with the columns MIFARE Plus S, MIFARE Plus SE, MIFARE Plus X and MIFARE Plus EV1. Cell positions were partly lost in extraction. Where a row shows a single value without column names, the extraction does not say which columns it covers.]

• RF interface: ISO/IEC 14443-2, type A
• Protocol: ISO/IEC 14443-3 & 4
• UID (unique identifier): 7-byte UID, 4-byte NUID, RID
• Communication speed: 106-848 Kbps
• Memory size [Byte]: Plus S 2KB, 4KB; Plus SE 1KB; Plus X 2KB, 4KB; Plus EV1 2KB, 4KB
• Memory model: Compact, Sectors & 16-byte block
• Crypto: Crypto-1, AES
• Key length: 48-bit Crypto-1, 128-bit AES
• Authentication: 3-pass mutual
• Communication security: CMACed
• Transaction MAC: yes
• Proximity Check: yes
• Virtual Card Select
• CC certification: Plus S EAL4+; Plus SE no; Plus X EAL4+; Plus EV1 EAL5+
• ISO 7816-4 APDU: yes
• NFC compliance
• Target applications: Public transport / Campus cards / Access management
• Input capacitance: Plus S 17pF; Plus SE 17pF; Plus X 17pF; Plus EV1 17pF or 70pF
• Secure NFC channel: in SL1 & SL3
• Multi applications: yes

Cell values whose row and column are not recoverable: NFC capabilities in SL3; MIFARE Plus; in SL3 level; Supported via MAD; no; no; no.

Page 11: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

MIFARE DESFire® generation benefits
MIFARE DESFire® EV2

Timeline: 2002 MIFARE DESFire; 2008 MIFARE DESFire EV1; 2015 MIFARE DESFire EV1 256B; 2016 MIFARE DESFire EV2

| Feature | MIFARE DESFire EV1 | MIFARE DESFire EV2 |
|---|---|---|
| ISO/IEC 14443 A 1-4 | | |
| ISO/IEC 7816-4 support | extended | extended |
| EEPROM data memory | 2/4/8KB | 2/4/8KB |
| Flexible file structure | | |
| NFC Forum Tag Type 4 | | |
| Secure, high-speed cmd | | |
| Unique ID | 7B UID or 4B RID | 7B UID or 4B RID |
| Number of applications | 28 | unlimited |
| Number of files per app | 32 | 32 |
| High data rates support | up to 848 Kbit/s | up to 848 Kbit/s |
| Crypto algorithms support | DES/2K3DES/3K3DES/AES | DES/2K3DES/3K3DES/AES |
| CC certification (HW + SW) | EAL 4+ | EAL 5+ |
| MIsmartApp feature | - | |
| Transaction MAC per app | - | |
| Multiple keysets per app | - | Up to 16 keysets |
| Multiple file access rights | - | Up to 8 keys |
| Inter-app files sharing | - | |
| Virtual Card Architecture | - | |
| Proximity Check | - | |
| Delivery types | Wafer, MOA4 & MOA8 | Wafer, MOA4 & MOB6 |

Empty cells had no text that survived extraction.

Page 12: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

TransactionMAC
Securing your money in a shared economy

• MAC calculated over the data of a whole transaction
• Proof of card presence
• Counters to eliminate replay attempts
• Possibility to integrate reader ID to allocate transaction to specific service provider
• Detect missing transactions

Page 13: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

TransactionMAC in Multi-vendor Systems

[Diagram: Service Providers and Clearing House, with the labels:]

• TMAC keys shared by card and clearing house
• TMACs sent to clearing house
• Re-imbursement after clearing
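
The clearing-house checks that the two TransactionMAC slides describe, sketched as an added example that is not NXP's code and not the card's actual algorithm: HMAC-SHA256 truncated to 8 bytes stands in for the card's MAC, and the claim fields, reader names, counter values and key are constructed for illustration.

```python
import hashlib
import hmac
import struct

def tmac(key: bytes, counter: int, reader_id: str, amount: int) -> bytes:
    """Stand-in transaction MAC (assumption): HMAC-SHA256 truncated to 8 bytes."""
    rid = reader_id.encode()
    # The MAC covers the counter, the reader ID and the transaction data together.
    msg = struct.pack(">IHI", counter, len(rid), amount) + rid
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def clear(card_keys: dict, last_counter: dict, claims: list):
    """Clearing house: verify each claim, reject replays, report counter gaps."""
    payouts, rejected, seen = {}, [], {}
    for c in claims:
        key = card_keys.get(c["card"])
        if key is None or not hmac.compare_digest(
                tmac(key, c["ctr"], c["reader"], c["amount"]), c["mac"]):
            rejected.append((c["reader"], c["ctr"], "bad-mac"))
            continue
        # A counter at or below the last cleared one, or already used, is a replay.
        if (c["ctr"] <= last_counter.get(c["card"], 0)
                or c["ctr"] in seen.get(c["card"], set())):
            rejected.append((c["reader"], c["ctr"], "replay"))
            continue
        seen.setdefault(c["card"], set()).add(c["ctr"])
        payouts[c["reader"]] = payouts.get(c["reader"], 0) + c["amount"]
    missing = {}
    for card, used in seen.items():
        first = last_counter.get(card, 0) + 1
        gaps = [n for n in range(first, max(used) + 1) if n not in used]
        if gaps:
            missing[card] = gaps  # transactions the card made that nobody submitted
    return payouts, rejected, missing

def demo():
    key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed test key
    def claim(ctr, reader, amount):
        return {"card": "C1", "ctr": ctr, "reader": reader, "amount": amount,
                "mac": tmac(key, ctr, reader, amount)}
    a, b = claim(11, "CAFE-01", 250), claim(13, "CAFE-01", 300)
    relabelled = dict(b, reader="BAR-02")  # same MAC submitted under another reader ID
    # Counter 12 (constructed: a sale at another provider) is never submitted.
    return clear({"C1": key}, {"C1": 10}, [a, b, dict(a), relabelled])

if __name__ == "__main__":
    print(demo())
```

Because the reader ID is inside the MAC input, the re-labelled claim fails verification instead of being paid to the wrong provider, and the gap at counter 12 shows up even though no one reported that transaction.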

Page 14: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Thank you

Visit us at http://MIFARE.net

Follow us:

https://twitter.com/nxp_mifare
https://at.linkedin.com/in/nxpmifare
www.youtube.com/user/nxpsemiconductors
http://blog.nxp.com/
https://www.facebook.com/nxpsemi

Page 15: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Q&A

Page 16: NXP MIFARE Webinar: Secure Closed Loop Payments In An Open Environment

Webinar Series
Outlook

| Date | Title |
|---|---|
| May 24th 2016 | MIFARE Innovation Roadmap – present improved, future inside |
| June 1st 2016 | How to protect contactless systems today and tomorrow |
| June 8th 2016 | Enhanced user experience through active application management |
| June 15th 2016 | Streamlined user management for multi-vendor installations |
| June 22nd 2016 | Secure closed loop payments in an open environment |
| June 29th 2016 | Introduce the future in your today’s system – how to ensure smooth system upgrades |
| July 6th 2016 | Added value to card based environments through NFC and cloud – when IoT becomes reality |
| July 13th 2016 | Complement use cases with mobiles and wearables |
