Chip vs Chip

MIFARE DESFire EV1 vs MIFARE DESFire EV2

MIFARE DESFire EV1 offers 2-8 KB memory with 3DES + AES-128 security, making it ideal for transit, campus cards, and access control. MIFARE DESFire EV2 provides 2-32 KB with AES-128 + proximity check security, suited for high-security transit, national ID, and government programs.

EV1 and EV2 share the same ISO 14443-4 foundation and AES-128 security. EV2 adds two major capabilities that matter for high-security deployments: relay attack protection and a formal multi-tenancy framework.


Overview

MIFARE DESFire EV1 (released 2002, updated over time) provides ISO 14443-4, AES-128 and 3DES, a flexible AID-based application and file system, and 2–8 KB memory. It remains widely deployed in transit and corporate access programs worldwide.

MIFARE DESFire EV2 (released ~2013) adds:

  • Proximity Check: A timing-based relay attack countermeasure. The reader sends a challenge and measures the round-trip time; if the card is too far away (relayed), the check fails and the transaction is rejected.
  • MIsmartApp: A standardized framework enabling delegated application management: a card issuer can grant a service provider the right to manage their own AID-namespaced application independently.
  • Extended memory: EV2 supports up to 32 KB.
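The timing-plus-authentication idea behind Proximity Check, as an added example that is not NXP's code and does not reproduce the EV2 command set: a simplified reader-side model in which a transaction is accepted only if every round trip stays within a time budget and the card proves knowledge of the key over the exchanged challenges. The round count, time budget, modelled link delays, and all class and function names are assumptions, and HMAC-SHA256 stands in for the card's AES-based MAC.

```python
import hashlib
import hmac
import os

# Assumed values for this model; not taken from the DESFire EV2 specification.
MAX_RTT_US = 1500   # per-round round-trip budget in microseconds
ROUNDS = 8          # number of timed challenge rounds


class SimulatedCard:
    """Card model: answers each challenge, then MACs the whole transcript."""

    def __init__(self, key: bytes, link_delay_us: int):
        self.key = key
        self.link_delay_us = link_delay_us  # constructed: direct or relayed path
        self.transcript = b""

    def timed_round(self, challenge: bytes):
        reply = os.urandom(1)
        self.transcript += challenge + reply
        return reply, self.link_delay_us    # reply plus modelled round-trip time

    def final_mac(self) -> bytes:
        # HMAC-SHA256 is a stand-in for the card's AES-based MAC.
        return hmac.new(self.key, self.transcript, hashlib.sha256).digest()[:8]


def proximity_check(key: bytes, card: SimulatedCard,
                    rounds: int = ROUNDS, max_rtt_us: int = MAX_RTT_US) -> str:
    """Reader side: time every round, then verify the MAC over the transcript."""
    transcript = b""
    for _ in range(rounds):
        challenge = os.urandom(1)           # fresh, so replies cannot be replayed
        reply, rtt_us = card.timed_round(challenge)
        if rtt_us > max_rtt_us:             # extra hop added latency: treat as relayed
            return "reject: round-trip time over budget"
        transcript += challenge + reply
    expected = hmac.new(key, transcript, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(expected, card.final_mac()):
        return "reject: MAC mismatch"       # fast responder without the card key
    return "accept"


if __name__ == "__main__":
    key = bytes(16)                          # constructed demo key
    print(proximity_check(key, SimulatedCard(key, 600)))             # direct tap
    print(proximity_check(key, SimulatedCard(key, 9000)))            # relayed link
    print(proximity_check(key, SimulatedCard(os.urandom(16), 600)))  # wrong key
```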


Key Differences

  • Relay attack protection: EV1 has none. EV2's Proximity Check actively defeats relay attack scenarios where an attacker places a device near a reader and relays transactions to a card meters away.
  • Multi-tenancy: EV2's MIsmartApp framework enables third-party application provisioning with cryptographic key isolation. EV1 supports multiple AIDs but without the delegated management model.
  • Memory ceiling: EV1 maxes at 8 KB; EV2 reaches 32 KB.
  • Backward compatibility: EV2 is backward compatible with EV1 command sets; existing EV1 applications run on EV2 without modification.
  • Cost: EV2 commands a moderate premium over EV1 at volume.

Technical Comparison

| Parameter | MIFARE DESFire EV1 | MIFARE DESFire EV2 |
|---|---|---|
| Memory | 2 / 4 / 8 KB | 2 / 4 / 8 / 16 / 32 KB |
| Security | AES-128, 3DES | AES-128, 3DES + Proximity Check |
| Relay attack protection | No | Yes (Proximity Check) |
| Delegated app management | No | Yes (MIsmartApp) |
| Protocol | ISO 14443-4 (T=CL) | ISO 14443-4 (T=CL) |
| UID | 7 bytes | 7 bytes |
| NDEF support | Yes (Type 4) | Yes (Type 4) |
| EV1 command compatibility | N/A | Yes |
| Typical card cost (volume) | $0.40–$0.80 | $0.50–$1.00 |

Use Cases

When EV1 Remains Adequate

EV1 is sufficient for environments where relay attacks are not a realistic threat model — most corporate access control deployments, campus cards, and lower-risk transit programs. Billions of EV1 cards remain in service and EV1 infrastructure is broadly deployed.

When EV2 Is Required

  • High-value transit stored value: Relay attacks against transit e-purse systems are a documented fraud vector. Proximity Check directly addresses this.
  • National identity and government programs: Where relay attacks could enable impersonation fraud at scale.
  • Premium multi-tenant programs: Where card issuers need to delegate AID management to multiple service providers with cryptographic key isolation.
  • Replacement programs post-2015: Any new card issuance program should prefer EV2 as the minimum, with EV3 as the recommended option.

Verdict

For existing EV1 deployments without a relay attack threat, EV1 remains cryptographically secure and does not need to be replaced on security grounds. For new programs or deployments where relay attack is a concern, EV2 is the minimum recommended baseline — though EV3 should be evaluated first given its additional SDM and transaction MAC capabilities at a comparable price point.

Recommendation

Choose MIFARE DESFire EV1 when you need a flexible file system with strong encryption; choose MIFARE DESFire EV2 when you need relay attack protection via Proximity Check.