As the first MIFARE® IC to combineasymmetric and symmetric cryptography on a single chip, MIFARE DUOX simplifies key management and accelerates asymmetric authentication in security demandingaccess-management applications.

Target applications

•  Access management

•  Secure car access

•  Electric vehicle (EV) charging

MIFARE DUOX meets the needs of applicationsdemanding flexibility, dynamic key provisioningand very high security by addressing thelimitations of symmetric-based installations.By adding asymmetric cryptography and certificate management capabilities to the smartcard IC,MIFARE DUOX reduces the complexity of keyprovisioning and management, and enables newlevels of design flexibility, protection and scalability for security-dependent applications

1. Dual-Key Architecture Innovation

DESFire Duox pioneers the integration of asymmetric encryption (PKI) and symmetric encryption (AES/DES) within the MIFARE series, establishing a dual-security mechanism. This architecture enables:

Rapid Asymmetric Authentication: Streamlines key management via Public Key Infrastructure (PKI), ideal for cross-system or cross-organization scenarios.

Efficient Symmetric Encryption: Maintains the high-speed data processing of traditional AES/DES algorithms, optimized for high-frequency transactions.

2. Enhanced Security Performance

Achieves Common Criteria EAL5+ certification (equivalent to bank-grade smartcards) with hardware-level safeguards, including side-channel attack resistance and physical tamper detection.

Supports layered security policies, enabling dynamic encryption-level adjustments for diverse applications (e.g., low-security access control vs. high-security payment systems).

3. Expanded Application Scenarios

EV Charging Authentication: Ensures mutual authentication between charging stations and vehicles via PKI, preventing unauthorized charging or data tampering.

Smart Car Keys: Integrates NFC technology to enable smartphones or wearables as digital keys, with dynamic keys to block relay attacks.

Smart City Integration: Compatible with NXP’s AppXpplorer Cloud Service, supporting multi-application convergence (e.g., public transit, shared mobility, e-payments).

4. Technical Compatibility

Backward compatibility withISO/IEC 14443-4 and NFC standards, ensuring seamless integration with existing MIFARE DESFire EV3 infrastructure.

Features Transaction MAC (Message Authentication Code) and Virtual Card Architecture for enhanced privacy and data integrity.

5. Market Positioning & Significance

As the first MIFARE product to support public-key cryptography, Duox addresses the limitations of traditional symmetric encryption in high-security IoT scenarios. It delivers a standardized solution for device trust in smart cities, Industry 4.0, and beyond.