Mifare4Mobile

  • 18. May 2019 at 9:44
    Hi

    We are looking to create virtual DesFire card on Android on iPhone so we can communicate with Access Control DesFire readers. I have been reading the forums about Mifare4Mobile and it seems there is both scant and conflicting information. It seems to say you need a rooted Android phone to create a virtual card as it needs to use the SE of the phone. Is this correct? If so what is the point of it as how may users have rooted phones? There is a post on Stackoverflow about using Host-based Card Emulation (HCE) to do this on Android at least (https://stackoverflow.com/questions/11523765/how-well-does-the-android-nfc-api-support-mifare-desfire/26775311). So at this point I am totally confused.
    + 0  |  - 0

    Re: Mifare4Mobile

    20. May 2019 at 9:02
    Hi David,

    Yes, MIFARE4Mobile (M4M) uses the phone’s SE for security. Therefore, you cannot use M4M with unprepared phones. For obvious reasons the card data and keys cannot be lay inside of a user space application. M4M uses a SE which is mostly directly combined with the phone’s NFC reader or the providers SIM card. This approach need extra software in the sources of Android. So, you must be the supplier of the phone or wristband.

    NXP offers MIFARE2Go, a solution which can be used on every phone without modification. All credentials reside on a backend system and the user operate with the backend system directly or with time limited artifacts on its phone (in case of offline situations). No SE on the phone is required in this case. You will find more information about MIFARE2Go here:

    MIFARE2Go

    The TapLinx team

    + 0  |  - 0

    Re: Mifare4Mobile

    30. May 2019 at 17:48
    Thanks for this. However there does not seem to be much detail available on how this works or any API information. My requirement is to simply create a virtual card on the device that I can use on an access control system. I cannot find any technical details on how this is achieved?

    + 0  |  - 0

    Re: Mifare4Mobile

    3. June 2019 at 9:58
    Hi David,

    For security reasons the SE hardware is not available for users directly. On no device for any OS you can simply download a VC into your phone. The SE is the property of the manufacturer and all keys and credentials are owned by the manufacturer.

    If the manufacturer creates a blank VC with default keys, then you can use it and install your own application on it. But what is the business reason behind this for the manufacturer?

    You can do what you want if you use own hardware. Either you use a MIFARE DESFire as plastic card (if you buy it, you get it with default keys) or you use an own device with SE, like a wristband. As “manufacturer” you will get such devices with all credentials and therefore you are able to prepare it with the VCs you want.

    The TapLinx team
    + 0  |  - 0

    Re: Mifare4Mobile

    4. June 2019 at 9:45
    Thanks for the info. However I still confused. What is the difference between Mifare2GO and Mifare4Mobile? Your first post seemed to intimate that MIFARE2Go was a viable solution as does not need to connection to the phone SE? You said "NXP offers MIFARE2Go, a solution which can be used on every phone without modification."

    Dave
    + 0  |  - 0

    Re: Mifare4Mobile

    4. June 2019 at 9:47
    Also this seems to be marketed to hotels and Access Control Companies. If hotels wish customers to use their mobile phones they are not going to supply the phones?
    + 0  |  - 0

    Re: Mifare4Mobile

    4. June 2019 at 17:07
    Hi David,

    please write to me directly at taplinx@nxp.com. I will hand-over your questions to one of our managers for MIFARE2Go. It is better to let him explain in detail whether MIFARE2Go could be a solution for you.

    The TapLinx team
    + 0  |  - 0
Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.