Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

0

Share

Download to read offline

Transaction Timer Feature

Download to read offline

The Transaction Timer feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs defends against Man-in-the-Middle attacks. The new feature makes it possible to set a minimum time per transaction, so it’s harder for an attacker to interfere with the transaction. Learn more about the technical details of the Transaction Timer feature and how it can be used to make access control, transport ticketing, and micropayment installations more secure.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Transaction Timer Feature

  1. 1. EXTERNAL NXP, THE NXP LOGO AND NXP SECURE CONNECTIONS FOR A SMARTER WORLD ARE TRADEMARKS OF NXP B.V. ALL OTHER PRODUCT OR SERVICE NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS. © 2020 NXP B.V. 3 1 S T J U LY 2 0 2 0 Sandra Fuchs Principal Customer Application Engineer TRANSACTION TIMER A MIFARE® DESFire® EV3 & MIFARE Plus® EV2 KEY FEATURE VIDEO
  2. 2. 1EXTERNAL RESTRICTING TRANSACTION TIME TO MITIGATE MAN-IN-THE-MIDDLE ATTACKS V I A T RAN S AC T I O N T I M ER F E AT U R E • Newly available feature on MIFARE DESFire EV3 and MIFARE Plus EV2 products • Transaction Timer allows card issuer to configure a maximum time a transaction can take to avoid interference by Man-in-the-Middle attacker • Enablement of transaction timer limits the possibility of keeping the card powered and not finishing (holding) the ongoing transaction by an attacker • The value of the Transaction Timer can be set for each application individually (1, 10, 100 seconds can be chosen) • Once threshold of Transaction Timer is exceeded, the card will automatically reset itself, go into IDLE mode and abort the transaction • As long as the Transaction Timer does not expire, regular command execution is not influenced by the feature at all − Applicable for existing infrastructures without changing reader terminals Enhanced security without changing existing infrastructures Helping to avoid Man-in-the-Middle attacks and transaction holding Individual configuration of maximum time a transaction can take
  3. 3. 2EXTERNAL RESTRICTING TRANSACTION TIME TO MITIGATE MAN-IN-THE-MIDDLE ATTACKS V I A T RAN S AC T I O N T I M ER F E AT U R E Valid Transaction Reader Terminal Commit Transaction Successful Transaction • Finalized in time Incomplete Transaction • Not finalized in time • Transaction Timer expired Valid Transaction Reader Terminal Commit Transaction
  4. 4. 3EXTERNAL TECHNICAL DETAILS: HOW TO ENABLE TRANSACTION TIMER ON THE CARD On MIFARE DESFire EV3 • Individual enablement for each application (independently) • Different Transaction Timer values for different applications • Enablement is done using the SetConfiguration command with option 0x55 • Once enabled, timer setting will be reflected in the response to the AuthenticateEV2First command in the parameter PDCap2.2 • The timer starts counting for every application selection On MIFARE Plus EV2 • Can be enabled once for each card • Enablement is done by writing the PDCap2.2 value inside the FieldConfigurationBlock to the chosen Transaction Timer setting • Once enabled, timer starts counting when receiving the first command after ISO/IEC 14443-4 card activation • The Transaction Timer is active in SL1, SL3 and SL1SL3MixMode (not supported in SL0)
  5. 5. 4EXTERNAL MORE INFORMATION ABOUT THE TRANSACTION TIMER FEATURE Item Number Availability Datasheet - MIFARE DESFire EV3 DS4489 NXP DocStore (confidential) Datasheet - MIFARE Plus EV2 DS5223 NXP DocStore (confidential) Application Note - MIFARE DESFire EV3 Quick-Start Guide AN5755 NXP website (public) Application Note - MIFARE DESFire EV3 Features and Hints AN5881 NXP DocStore (confidential) Application Note - Feature and Functionality Comparison between MIFARE DESFire EV2 and MIFARE DESFire EV3 AN5756 NXP website (public) Application Note - MIFARE Plus EV2 Features and Hints AN5760 NXP website (public) Application Note - Comparison between MIFARE Plus EV2 and previous types AN5762 NXP website (public) RFID Discover Software SW1866 NXP DocStore (confidential) NXP Reader Library (Windows based) SW1717 NXP DocStore (confidential) https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-desfire https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-plus https://www.docstore.nxp.com/
  6. 6. NXP, THE NXP LOGO AND NXP SECURE CONNECTIONS FOR A SMARTER WORLD ARE TRADEMARKS OF NXP B.V. ALL OTHER PRODUCT OR SERVICE NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS. © 2020 NXP B.V.

The Transaction Timer feature of NXP’s MIFARE DESFire EV3 and MIFARE Plus EV2 ICs defends against Man-in-the-Middle attacks. The new feature makes it possible to set a minimum time per transaction, so it’s harder for an attacker to interfere with the transaction. Learn more about the technical details of the Transaction Timer feature and how it can be used to make access control, transport ticketing, and micropayment installations more secure.

Views

Total views

144

On Slideshare

0

From embeds

0

Number of embeds

1

Actions

Downloads

10

Shares

0

Comments

0

Likes

0

×