Generic Access Control Data Model, MIFARE Plus, MIFARE DESFire EV1, MIFARE SAM AV2, SmartMX, a generic approach for physical access control applications.

Card Identifier Object

The card identifier object contains information that can be used in the discovery phase of the card.

Table 3. Card Identifier Object

Field Name                  Field Type  Length (Bytes)  Mandatory / Optional
Manufacturer                ASCIIZ      16              Optional
Mutual Authentication Mode  Binary      2               Mandatory
Communication Encryption    Binary      1               Mandatory
Customer ID                 BCD         4               Optional
Key Version                 BCD         1               Optional
Digital Signature           Binary      8               Optional

Manufacturer

Field Type – ASCIIZ

Length – 16 bytes

Optional

Usage – This data field contains the ASCII representation of the Card Personalization / Manufacturer of the card. This can also be used to store the end user.

Mutual Authentication Mode

Field Type – Binary

Length – 2 bytes

Mandatory

Usage – This data field contains 2 bytes consisting of several settings of the mutual authentication method. The first byte contains the Mutual Authentication type, Key Diversification algorithm, encryption algorithm and whether a random or unique identifier is returned during anti-collision. Whether the ID is random or unique is important for key diversification. The second byte defines the key length. If bit seven is set, this signifies that the key length is proprietary. Bits 6 – 0 are additive: the key length is the sum of the lengths of the bits that are set.

Example: 0xC103 signifies ISO-7816 Mutual Authentication, Unique ID, Standard ISO DES Algorithm, using a key length of 192 bits. Since each key in the DES operation is 8 bytes in length, this would signify 3 key triple DES. For 2 key triple DES, the value would be 128 bits.

Bit Description
15 1 – ISO 7816-4 Authentication
  0 – Proprietary Authentication
14 1 – Standard ISO Algorithm
  0 – Proprietary
13 1 – Random ID returned during anti-collision
  0 – Unique ID returned during anti-collision
12 RFU – set to 0
11-10 10 – Key Diversification AES
  01 – Key Diversification DES
  00 – Key Diversification Proprietary
9-8 10 – Encryption AES
  01 – Encryption DES
  00 – Encryption Proprietary Algorithm
7 1 – Proprietary bit length
6 RFU – set to 0
5 RFU – set to 0
4 RFU – set to 0
3 1 – 512 bit
2 1 – 256 bit
1 1 – 128 bit
0 1 – 64 bit
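
The bit layout above, as an added example that is not part of the original document: a Python decoder a reader could run on the field during card discovery, before it selects an authentication method. Rejecting set RFU bits and the undefined algorithm code 11, and reporting no key length when the proprietary bit is set, are assumptions of this example; the function and dictionary key names are illustrative.

```python
# Added example: strict decoder for the 2-byte Mutual Authentication Mode field.
# Bit positions follow the bit description table; the first byte holds bits 15-8.

ALGORITHMS = {0b00: "Proprietary", 0b01: "DES", 0b10: "AES"}
KEY_LENGTH_BITS = {3: 512, 2: 256, 1: 128, 0: 64}  # bit position -> bits added
RFU_MASK = 0x1070  # bits 12, 6, 5 and 4 are RFU and must be 0


def decode_mutual_auth_mode(field: bytes) -> dict:
    if len(field) != 2:
        raise ValueError("Mutual Authentication Mode must be exactly 2 bytes")
    value = int.from_bytes(field, "big")
    # Assumption: a set RFU bit is treated as a malformed field, not ignored.
    if value & RFU_MASK:
        raise ValueError(f"RFU bits set in 0x{value:04X}")
    diversification = (value >> 10) & 0b11
    encryption = (value >> 8) & 0b11
    # Assumption: code 11 is not listed in the table, so it is rejected.
    if diversification == 0b11 or encryption == 0b11:
        raise ValueError(f"undefined algorithm code in 0x{value:04X}")
    proprietary_length = bool(value & 0x0080)
    # Bits 3-0 are additive: sum the length of every bit that is set.
    key_bits = sum(n for bit, n in KEY_LENGTH_BITS.items() if value & (1 << bit))
    return {
        "authentication": "ISO 7816-4" if value & 0x8000 else "Proprietary",
        "standard_iso_algorithm": bool(value & 0x4000),
        "anti_collision_id": "Random" if value & 0x2000 else "Unique",
        "key_diversification": ALGORITHMS[diversification],
        "encryption": ALGORITHMS[encryption],
        "proprietary_key_length": proprietary_length,
        # Assumption: with the proprietary bit set, no standard length is reported.
        "key_length_bits": None if proprietary_length else key_bits,
    }
```
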

Communication Encryption

Field Type – Binary

Length – 1 byte

Mandatory

Usage – This data field sets the security of the data streams read between the reader and the card.

Table 5. Communication Encryption Settings

Value  Cryptographic Mode
0x00   Plain Communications
0x01   Plain Communications secured by CMAC
0x02   Fully Enciphered Communications
0xFF   Proprietary

Customer ID

Field Type – Binary Coded Decimal

Length – 4 bytes

Optional

Usage – This field contains an 8-digit numerical BCD data representation of the Customer ID.

Example – 0x00001234 would represent a Customer ID of 00001234.

Key Version

Field Type – Binary Coded Decimal

Length – 1 byte

Optional

Usage – This field contains a 2-digit numerical BCD data representation of the application verification key version.

Example – 0x01 would represent a key version of 01.

Digital Signature

Field Type – Binary

Length – 8 bytes

Optional

Usage – A cryptographic signature of all data in this object, not including the digital signature. Please see the Digital Signature section of this document.