Access Control Product Comparison

The Difference Between MIFARE® DESFire® EV1 vs EV2 Contactless Cards

MIFARE DESFire EV1 vs EV2 access control cards: what's the difference?

MIFARE DESFire cards are some of our most popular access control cards to date. However, they come in different types.

One of the most common questions we’re asked about access cards is the difference between DESFire EV1 and EV2.

The main difference between MIFARE DESFire EV1 and EV2 cards is that EV1 cards can hold up to 28 different applications, whereas EV2 can hold an unlimited number of different applications, limited only by the memory size.

In this post, we’ll take a deeper look at the differences between the two and hopefully demonstrate why DESFire EV2 is the better choice for your access control solution.

But first…

What is MIFARE DESFire EV1 and DESFire EV2?

The first MIFARE cards arrived in 1994 as a product of NXP and have since undergone several upgrades to ensure they remain as secure as possible. The DESFire contactless range was originally introduced in 2002 to mitigate the risks associated with low-frequency MIFARE Classic® cards – MIFARE Classic cards have been vulnerable to hacking since at least 2007.

The DESFire range has since spawned multiple generations including the two we are looking at today: EV1 and EV2. Note that there is also a newer range EV3 available, however, this post aims to look solely at the difference between DESFire EV1 vs EV2. For information about DESFire EV3 cards or any other MIFARE cards, check out our handy guide to the types of MIFARE cards.

Key applications for EV1 and EV2 products include:

  • Access control
  • Identity cards
  • Loyalty cards
  • Public transportation ticketing
  • Micropayments

If you’re wondering what DESFire means, the ‘DES’ is indicative of the high-security level the cards use (3DES and or AES hardware). The ‘Fire’ element represents the cards’ key qualities: fast, innovative, reliable and secure.

MIFARE DESFire EV1 vs EV2: What’s the same?

It’s worth nothing that both MIFARE DESFire EV1 and EV2 cards are great options. Whether you choose to go for our genuine MIFARE® DESFire® 4K NXP EV1 cards or advanced DESFire EV2 cards, this will depend entirely on your requirements.

Despite there being numerous differences in the overall security and performance of the pair, EV1 and EV2 both operate at a frequency of 13.56MHz and use the same highly secure AES-128 encryption.

This means they can both be easily configured to work interchangeably. So, those wishing to upgrade from EV1 to EV2 can be sure existing access card readers will work with the newer technology.

MIFARE DESFire access control cards

MIFARE DESFire EV1 vs EV2: What’s the difference?

As mentioned earlier, the main difference between DESFire EV1 and EV2 is that EV2 can hold an unlimited number of different applications, while EV1 cam only hold up to 28 different applications.

EV2 has many benefits over EV1, including:

  • A longer read range
  • More secure EAL5+ certification
  • Proximity check
  • Unlimited application uses
  • Backward compatibility

Now let’s look at these differences in more detail.

Read range and speed

To ensure the most convenient contactless functionality, DESFire EV2 features a significantly improved read range and speed when compared to EV1. The exact speed and performance will vary depending on the card type and the size of the antenna, but the official operating distance is 10cm. However, third parties have shown that the actual operating distance is higher than this.

Speed-wise, MIFARE DESFire 4K EV2 cards can transfer data rates of up to 848Kbit/s, making this one of the quickest contactless technologies to date.

High-security EAL5+ certification

Thanks to its DES, 2K3DES, 3K3DES and AES hardware encryption, MIFARE DESFire EV2 benefits from a Common Criteria EAL5+ certification, while EV1 makes to with EAL4+.

Other security features unique to EV2 include on-chip backup management and mutual three-pass authentication.

Proximity check

EV2’s Proximity check feature boosts security further, protecting your cards against relay attacks. It does this by ensuring the card signal is being read by a reader in close proximity and not a remote signal from a hacker.

Virtual Smart Card architecture also anticipates future needs for privacy protection.

Unlimited application uses

EV1 cards are limited to 28 simultaneous applications. This all changes with the EV2, with virtually no limits on the number of applications and processes the chip can run.

Backward compatibility

For those concerned with the compatibility of the EV2 chip, it has been designed to be compatible with previous chips. These include not only DESFire EV1 but also older MIFARE technologies too.

EV1 vs EV2 Comparison Table

Hopefully the above will have given you a little insight into the difference between DESFire EV1 and DESFire Ev2. To give you a full overview, however, we’ve included a comparison chart below. This goes into more technical detail regarding the differences between the two.

ISO/IEC 14443 A 1-4 Yes Yes
ISO/IEC 7816-4 support Extended Extended
EEPROM data memory 2/4/8KB 2/4/6/8/16/32KB
Flexible file structure Yes Yes
NFC Forum Tag Type 4 Yes Yes
Unique ID 7B UID or 4B RID 7B UID or 4B RID
Number of applications 28 Unlimited until memory is full
Number of files per app 32 32
Data rates supported Up to 848Kbit/s Up to 848Kbit/s
Crypto algorithms DES/2K3DES/3K3DES/AES128 DES/2K3DES/3K3DES/AES128
Certification EAL4+ EAL5+
Delegated Application Management (Multi-App) No Yes
Transaction MAC per app Yes
Multiple keysets per app Up to 16 keysets
Multiple file access rights Up to 8 keys
Inter-app file sharing Yes
Virtual Card Architecture Yes
Proximity Check Yes
Delivery types Wafer, MOA4 & MOA8 Wafer, MOA4 & MOB6

Ready to order?

Whether you’re considering upgrading to newer technologies or simply need more MIFARE® cards, our experts are always happy to help. Call us on 0800 988 2095 and we will find the products that best suit your requirements.

Alternatively, you can browse our complete range of MIFARE cards here.