Transaction MAC Feature

NXP MIFARE Team
MIFARE is the leading contactless development platform used in more than 40 different applications worldwide.
NXP, THE NXP LOGO AND NXP SECURE CONNECTIONS FOR A SMARTER WORLD ARE TRADEMARKS OF NXP B.V.
ALL OTHER PRODUCT OR SERVICE NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS. © 2020 NXP B.V.
31st July 2020
Sandra Fuchs
Principal Customer Application Engineer
TRANSACTION MAC
A MIFARE® DESFire® EV3 & MIFARE Plus® EV2 KEY FEATURE
TRANSACTION MAC TO HELP PREVENT FRAUDULENT MERCHANT ATTACKS
OFFLINE TRANSACTIONS WITH SECURE VALIDATION
• The Transaction MAC (TMAC) feature allows the infrastructure operator / POS operator / merchant to prove the genuineness and authenticity of executed transactions between the reader terminal and the IC inside a smart card
• Helps to establish trust in a multi-service provider system
− Proves to the backend system that every transaction is genuine, via secure verification of transaction validity
• The card-generated TMAC covers all transaction details, making it possible to detect:
− Forged or fraudulent transactions
− Replay of transactions
− Unreported and missing transactions
• Preventing fraudulent merchant attacks
• Generating a MAC for the transaction proves the genuineness of executed transactions
• Allows detection of replayed, manipulated or missing transactions using the TMAC counter
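Added example, not NXP code and not the card's actual TMAC computation: a backend clearing-house audit that uses a per-card MAC and counter to flag forged, replayed and missing records. HMAC-SHA256 stands in for the card's AES-128 MAC; the record layout, key, UID and the counter rising by one per committed transaction are assumptions.

```python
import hashlib
import hmac

KEY = bytes(range(16))                 # constructed 16-byte key, assumed held by card and backend
UID = bytes.fromhex("04a1b2c3d4e5f6")  # constructed card UID

def card_tmac(key, uid, counter, details):
    """Card-side model: MAC over UID, TMAC counter and transaction details.
    HMAC-SHA256 truncated to 8 bytes stands in for the card's AES-128 MAC."""
    msg = uid + counter.to_bytes(4, "little") + details
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def audit(key, uid, last_counter, reports):
    """Backend check of (counter, details, tmac) records reported for one card.
    Assumes the counter rises by one per committed transaction."""
    findings, seen, expected = [], set(), last_counter + 1
    for counter, details, tmac in sorted(reports, key=lambda r: r[0]):
        if not hmac.compare_digest(card_tmac(key, uid, counter, details), tmac):
            findings.append((counter, "forged"))   # MAC does not cover these details
        elif counter in seen or counter <= last_counter:
            findings.append((counter, "replay"))   # valid MAC, counter already cleared
        else:
            # every counter value skipped since the last accepted record is unreported
            findings += [(c, "missing") for c in range(expected, counter)]
            findings.append((counter, "ok"))
            seen.add(counter)
            expected = counter + 1
    return findings

def demo():
    """Constructed batch: card committed counters 42..45, merchant reports a subset."""
    genuine = {c: (c, d, card_tmac(KEY, UID, c, d)) for c, d in
               [(42, b"fare=2.50"), (43, b"fare=2.50"), (44, b"fare=4.00"), (45, b"fare=2.50")]}
    altered = (43, b"fare=9.50", genuine[43][2])   # amount changed, original MAC reused
    reports = [genuine[42], altered, genuine[45], genuine[42]]  # 44 withheld, 42 sent twice
    return audit(KEY, UID, 41, reports)

if __name__ == "__main__":
    for counter, verdict in demo():
        print(counter, verdict)
```

Counter 43 appears as both forged and missing: the altered record fails the MAC check, and the genuine record for that counter was never delivered.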
[Figure: offline transaction diagram. Labels: Backend Clearing House; Offline Transaction; TMAC Key (AES128), shown twice; TMAC; Reader Terminal, Service Provider Y; Reader Terminal, Service Provider Z]
TECHNICAL DETAILS: HOW TO ENABLE TRANSACTION MAC FEATURE ON THE CARD
On MIFARE DESFire EV3
• Can be enabled independently for each application
• Established by creating a Transaction MAC file inside the application
• The correct access rights for the Transaction MAC file need to be set
• The desired Transaction MAC key needs to be written into the Transaction MAC file in a secure way
• Once enabled, the Transaction MAC will be calculated automatically by the IC with every CommitTransaction command targeting the application, and returned to the reader
On MIFARE Plus EV2
• In total, four Transaction MAC Keys can be configured on the IC
• Each TMAC Key is connected to one TransactionMACBlock, which contains the current TMAC Value and Counter, plus one TransactionMACConfigurationBlock
− The TransactionMACConfigurationBlock specifies which MIFARE Plus data or value blocks shall be protected by Transaction MAC
• Once enabled, the Transaction MAC will be calculated automatically by the IC when updating one or more protected blocks
• Write / Transfer / Increment Transfer / Decrement Transfer commands trigger Transaction MAC finalization and updating of TransactionMACBlocks
MORE INFORMATION ABOUT TRANSACTION MAC FEATURE
Item | Number | Availability
Datasheet - MIFARE DESFire EV3 | DS4489 | NXP Docstore (confidential)
Datasheet - MIFARE Plus EV2 | DS5223 | NXP Docstore (confidential)
Application Note - MIFARE DESFire EV3 Quick-Start Guide | AN5755 | NXP website (public)
Application Note - MIFARE DESFire EV3 Features and Hints | AN5881 | NXP Docstore (confidential)
Application Note - Feature and Functionality Comparison between MIFARE DESFire EV2 and MIFARE DESFire EV3 | AN5756 | NXP website (public)
Application Note - MIFARE Plus EV2 Features and Hints | AN5760 | NXP Docstore (confidential)
Application Note - Comparison between MIFARE Plus EV2 and previous types | AN5762 | NXP Docstore (confidential)
RFID Discover Software | SW1866 | NXP Docstore (confidential)
NXP Reader Library (Windows based) | SW1717 | NXP Docstore (confidential)
https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-desfire
https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-plus
https://www.docstore.nxp.com/