More and more of daily life has become contactless. As we navigate through our
lives, people around the world use devices like smartphones, wearables and
smart cards to do things like pay for purchases, enter buildings, earn loyalty
points and ride public transport. All these contactless transactions involve
personal information that, if misused or stolen, can lead to serious
To reduce the risk of fraud and theft, contactless transactions need to be
protected. The goal is to safeguard private data and thereby minimize the
various threats. That’s why we have introduced a special IC family 16
years ago and several product evolutions since then, called the MIFARE Secure
Access Module (SAM), to increase security for contactless transactions.
Dedicated Protection for Contactless Transactions
The MIFARE SAM is a secure microcontroller, based on an IC with a dedicated
operating system and feature set, that stores and employs various
cryptographic keys and their handling. Working in combination with MIFARE
contactless ICs (which can be found inside a transport ticket or RFID key
card), the MIFARE SAM is integrated in a contactless reader (for example a POS
terminal, toll gate or door lock) to help enhance transaction security by
providing added protection for storage and communication functions of secure
keys. The MIFARE SAM helps establish a secure connection, so contactless
devices can safely perform sensitive transactions while helping to ensure that
those transactions remain secure.
The MIFARE SAM is specifically designed for use with NXP’s extensive
portfolio of contactless
(including MIFARE DESFire, MIFARE Plus, MIFARE Ultralight and even SmartMX
solutions) and is now in its third generation.
Enhancing System Security with MIFARE SAM AV3
In situations where secure data handling, authentication and cryptography are
MIFARE SAM AV3
helps enhance overall system security. The connection between the MIFARE SAM
AV3 and the reader is protected using security protocols based on either
symmetric cryptography (TDEA and AES) or PKI RSA asymmetric cryptography. The
protocols comply with the state-of-art standards and as a result help ensure
data confidentiality and integrity.
The MIFARE SAM AV3 offers also a special X-Mode that lets the device manage
tasks relating to RF communication, for a simpler design that uses less code
and reduces system complexity. Placing crypto functions needed for secure
transactions into the MIFARE SAM AV3 reduces communication times and
simplifies the design, for faster deployments. Operating in X-Mode also boosts
performance in the reader, for faster communication between the tag, the
reader and the SAM.
Supporting Smart City Applications
Since the MIFARE SAM is designed to work as a companion to secure MIFARE
contactless ICs, it supports applications that use these ICs for contactless
operations, such as transport ticketing, access control, loyalty and
But our recently introduced MIFARE SAM AV3 extends well beyond the world of
MIFARE, since the IC also supports NXP’s DNA variants in the NTAG
(NFC), ICODE (HF) and UCODE (UHF) IC families. For example, because the
IC supports a read range of up to 15 meters, it can be used in systems which
are based on RAIN RFID connectivity to support vehicle-related applications,
such as automatic vehicle identification (AVI) and payments for road tolling.
As another example, the MIFARE SAM AV3 can be used with NXP’s
ICs, which use vicinity RFID to read tags at up to 1.2 meters and automate
supply-chain tasks such as identifying consumables. Finally, when used with
ICs, the MIFARE SAM AV3 can work at close range to do other supply-chain
related tasks, such as the identification and authentication of raw materials
and replacement parts.
Part of NXP’s Broader Security Portfolio
As shown in the image, the MIFARE SAM AV3 is one part of NXP’s broader
portfolio for system security. There is, for example, the TrustZone®
feature for microcontrollers, which offers a baseline for secure operation.
For sensitive, connected applications in the Internet of Things (IoT), NXP
recommends the EdgeLock SE050 Plug & Trust Secure Element, which uses
security based on enhanced Common Criteria EAL 6+ to deliver great protection
against attack scenarios.
This is the first in a series of blogs that will introduce the MIFARE SAM AV3
and explain the ways it can enhance security in various applications. Our next
blog will focus on contactless transactions used with vehicles, with a
description of how the MIFARE SAM AV3 works with NXP’s UCODE DNA RAIN
RFID ICs to help protect road-toll payments and vehicle identification.