Chip vs Chip

MIFARE Ultralight EV1 vs MIFARE DESFire EV1

MIFARE Ultralight EV1 offers 128 bytes of memory with 32-bit password security, making it ideal for limited-use transit tickets and loyalty tokens. MIFARE DESFire EV1 provides 2–8 KB with 3DES + AES-128 security, suited for transit, campus cards, and access control.

MIFARE Ultralight EV1 and MIFARE DESFire EV1 represent a clear step-change in NFC security capability. Ultralight EV1 is the cost-minimum transit token. DESFire EV1 is the first AES-capable multi-application smart card in the DESFire line. The comparison illustrates when the AES premium is worth paying.


Overview

MIFARE Ultralight EV1: 48–128 bytes, 32-bit password, 24-bit counter, OTP area, NFC Forum Type 2. Targeted at single-use and limited-use transit tickets where cost per tag must be minimized and the monotonic counter is the primary anti-reuse mechanism.

MIFARE DESFire EV1: 2–8 KB EEPROM, AES-128 (and 3DES), ISO 14443-4 (T=CL) command set, flexible multi-application file system with up to 28 independent applications and separate AES key sets. It is the first DESFire generation to provide AES and is widely deployed in transit, campus, and corporate access control systems globally. Authentication is reader-initiated mutual AES, providing cryptographic security that 32-bit passwords cannot approach.


Key Differences

  • Security: DESFire EV1's AES-128 provides cryptographically sound protection. Ultralight EV1's 32-bit password can be brute-forced in seconds on a targeted reader.
  • Multi-application: DESFire EV1 supports up to 28 independent applications with separate AES keys. Ultralight EV1 is a single-application NDEF tag.
  • Memory: DESFire EV1 offers 2–8 KB vs Ultralight EV1's 48–128 bytes.
  • NDEF / NFC Forum: Ultralight EV1 is Type 2 NDEF compatible natively. DESFire EV1 requires NDEF application setup with a dedicated configuration step.
  • Cost: Ultralight EV1 at $0.05–$0.12 vs DESFire EV1 at $0.50–$1.20 — a 5–10x premium for AES security.
  • Transaction complexity: DESFire EV1 requires ISO 14443-4 T=CL with AES challenge-response — more reader complexity and software overhead. Ultralight EV1 is simple ISO 14443-3A read/write with no mutual authentication.
  • Card lifetime: DESFire EV1's write endurance of 500,000 cycles vs Ultralight EV1's 100,000 cycles supports longer card lifetimes — relevant for multi-year transit cards.

Technical Comparison

| Parameter | MIFARE Ultralight EV1 | MIFARE DESFire EV1 |
|---|---|---|
| NFC Tag Type | Type 2 (ISO 14443-3A) | Type 4 (ISO 14443-4) |
| User memory | 48 or 128 bytes | 2 KB / 4 KB / 8 KB |
| Security | 32-bit password | AES-128 + 3DES |
| Multi-application | No | Yes (up to 28) |
| Monotonic counter | Yes (hardware 24-bit) | Via value files (AES-protected) |
| Clone resistance | Low | High (AES required) |
| NDEF native | Yes | Requires application config |
| Data rate | 106 kbps | 106 / 212 / 424 kbps |
| Data retention | 10 years | 10 years |
| Write endurance | 100,000 writes | 500,000 writes |
| Unit cost (volume) | $0.05–$0.12 | $0.50–$1.20 |
| ISO 14443 level | Level 3 | Level 4 |
| Common Criteria | None | EAL4+ |

Use Cases

MIFARE Ultralight EV1 is appropriate for disposable or limited-use transit tickets, event wristbands, and loyalty stamps where the token is discarded after use and cost per unit drives the decision. The hardware counter provides use-limit enforcement without requiring AES value decrement logic.
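
A back-office check that builds on the counter-based anti-reuse described above, as an added example (not code from the original page or from the chip vendor): it scans a time-ordered tap log for counter values that repeat, go backwards, skip, or pass the use limit. The log layout, the field names, and the assumption that each reader reports the counter value it read back are hypothetical.

```python
from dataclasses import dataclass

COUNTER_MAX = 0xFFFFFF  # ceiling of the 24-bit counter


@dataclass(frozen=True)
class Tap:
    uid: str      # tag UID (hex) as reported by the reader
    counter: int  # counter value read back after this tap's increment
    reader: str   # hypothetical reader/gate identifier


def audit_taps(taps, use_limit):
    """Scan a time-ordered tap log; return (index, uid, reason) findings."""
    last_seen = {}  # uid -> highest counter value accepted so far
    findings = []
    for i, tap in enumerate(taps):
        if not 0 <= tap.counter <= COUNTER_MAX:
            findings.append((i, tap.uid, "counter outside 24-bit range"))
            continue
        prev = last_seen.get(tap.uid)
        if prev is not None and tap.counter <= prev:
            # A genuine tag only counts up, so an equal or lower value means
            # a stale read or a second tag presenting the same UID.
            reason = "counter repeated" if tap.counter == prev else "counter went backwards"
            findings.append((i, tap.uid, reason))
            continue
        if prev is not None and tap.counter > prev + 1:
            # Increments happened that the back office never saw.
            findings.append((i, tap.uid, "gap in counter sequence"))
        if tap.counter > use_limit:
            findings.append((i, tap.uid, "use limit exceeded"))
        last_seen[tap.uid] = tap.counter
    return findings


# Constructed sample log (UIDs and reader names are made up), limit of 3 uses.
SAMPLE_TAPS = [
    Tap("04A1B2C3D4E5F6", 1, "gate-1"),
    Tap("04A1B2C3D4E5F6", 2, "gate-2"),
    Tap("04112233445566", 1, "gate-1"),
    Tap("04A1B2C3D4E5F6", 2, "gate-3"),  # same value seen again
    Tap("04A1B2C3D4E5F6", 1, "gate-1"),  # lower than already seen
    Tap("04112233445566", 3, "gate-2"),  # value 2 never reported
    Tap("04A1B2C3D4E5F6", 3, "gate-1"),
    Tap("04A1B2C3D4E5F6", 4, "gate-1"),  # past the limit
]

if __name__ == "__main__":
    for finding in audit_taps(SAMPLE_TAPS, use_limit=3):
        print(finding)
```
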

MIFARE DESFire EV1 is appropriate for long-lived cards requiring AES security: transit smart cards, campus cards, corporate access — where the card is carried for months or years and where compromising sector keys would have real financial or security consequences. Its 500,000-write endurance supports years of daily tap transactions.


Verdict

Ultralight EV1 is the correct choice when a low-cost, short-lived token with a monotonic counter is sufficient and the entire system (tags and readers) is controlled by the operator. DESFire EV1 is the correct choice when AES-authenticated, long-lived, multi-application security is required. The 5–10x cost premium for DESFire EV1 is justified in any deployment where Crypto-1's broken-cipher problems (Classic series) or 32-bit password weakness (Ultralight series) create unacceptable risk — particularly for long-lived cards that remain in circulation for years.

Recommendation

Choose MIFARE Ultralight EV1 when you need an improved Ultralight with password protection; choose MIFARE DESFire EV1 when you need a flexible file system with strong encryption.