You are currently browsing the archives for the felica category


Embedded contactless reader for PCs from Sony and HID

Sony announced a very good news today for the contactless world. Sony and HID Global forms an alliance to create an embedded contactless reader for PCs. Sony, being one of the pioneers in the contactless technology, will be incorporating with HID, which acquired Omnikey -one of the best PC connected reader manufacturers, for building an embedded contactless reader.

Sony is already an influencer of contactless technology; they own their own contactless chip –Felica– and they are playing a huge role on the NFC area. Needless to say, Sony has huge opportunities on their home entertainment products from Play Station 3 to wide screen TVs and Vaio laptop line up for integrating with NFC based chips.

On the other hand, HID has a wide range of products in identity and security markets. I personally admire the PC connected Omnikey readers a lot, very robust and has a great support in terms of drivers and software.

I believe a contactless reader may eventually become a standard peripheral device for PCs, if this attempt is successfully completed. I can imagine how wide range of applications can be developed once the computers have embedded contactless readers. People can top up or check their balances/transaction history of transportation cards at home, (which is already being done in far east right now) process credit card transactions for shopping online or buy airtime for their NFC handsets. I had personally seen an embedded Felica reader in action on a Sony guy I had a meeting with, so this is not a long run. It just needs the right actors to be involved in the picture.

All contactless readers support both ISO 1443 type A and B, so these readers will support all current contactless chips that are available like Mifare, Calypso, Legic, etc. Of course that will bring a lot of political discussion over software and ownership of the reader IC, but for now let’s cross fingers for Sony and HID!

Mifare classic the legend

It’s quite common nowadays to talk about security leaks of mifare classic chips. It’s easy to “hack” the chip, clone it, read the contents of it without knowing the keys, and so on; the list goes on like this. Even the license holder NXP is recommending to migrate to mifare plus. Well not good for any product!

These words definitely don’t sound good, however there’s the fact that a huge number of mifare chips (more than one billion, according to unofficial sources of mine) are already being used for systems mainly transportation and access control. Many of these applications do not require anything more than reading a unique id. When it’s transportation or e-purse, it’s authenticating a few sectors and updating the purse balance.

Mifare was developed by an Austrian company called Micron. It was specifically designed for transportation and the name was chosen accordingly: Micron Fare Collection, which was Mi-Fare. The chip was very fast and providing a good level of security required for access control and transport ticketing environment. The memory structure is not flexible enough for today’s complex mechanisms but back then, I think it was more than enough.

Basically, mifare operating system has 16 sectors of secure memory protected by two 48 bit keys stored in the chip. Each sector has 4 blocks for storing data. Each block has 16 bytes of data storage. Each sector has one block reserved for keys and access conditions. Although not recommended, you can even use the keys as data storage.

I think the strength of mifare platform comes mainly from off-the-shelf readers and components widely available on the market. Today, designing a mifare application, developing it on readers and formatting the cards is quite a standardized process. You can find virtually unlimited number of products and companies providing mifare based application and systems. The “security” rules are also very well defined and documented.

Well, there’s been many projects that it was planned that mifare will be phased out. Or mifare is specifically blacklisted as a prerequisite. However, I strongly believe that mifare is quite a successful product and it has made a very good job for deploying contactless systems. If mifare did not exist, I think contactless systems would not be popular as it is today. Of course there are very strong competitors of mifare such as Legic, Calypso and Felica, but mifare is the most popular one among all. I will try to cover the competitors of mifare, which are all stronger than mifare in the security level, but not as much as deployed worldwide as mifare. This is actually the point that I’d like to point out with this post.

It’s quite common nowadays to talk about security leaks of mifare classic chips. It’s easy to “hack” the chip, clone it, read the contents of it without knowing the keys, and so on; the list goes on like this. Even the license holder NXP is recommending to migrate to mifare plus. Well not good for any product!
These words definitely don’t sound good, however there’s the fact that a huge number of mifare chips (more than one billion, according to unofficial sources of mine) are already being used for systems mainly transportation and access control. Many of these applications do not require anything more than reading a unique id. When it’s transportation or e-purse, it’s authenticating a few sectors and updating the purse balance.
Mifare was developed by an Austrian company called Micron. It was specifically designed for transportation and the name was chosen accordingly: Micron Fare Collection, which was Mi-Fare. The chip was very fast and providing a good level of security required for access control and transport ticketing environment. The memory structure is not flexible enough for today’s complex mechanisms but back then, I think it was more than enough.
Basically, mifare operating system has 16 sectors of secure memory protected by two 48 bit keys stored in the chip. Each sector has 4 blocks for storing data. Each block has 16 bytes of data storage. Each sector has one block reserved for keys and access conditions. Although not recommended, you can even use the keys as data storage.
I think the strength of mifare platform comes mainly from off-the-shelf readers and components widely available on the market. Today, designing a mifare application, developing it on readers and formatting the cards is quite a standardized process. You can find virtually unlimited number of products and companies providing mifare based application and systems. The “security” rules are also very well defined and documented.
Well, there’s been many projects that it was planned that mifare will be phased out. Or mifare is specifically blacklisted as a prerequisite. However, I strongly believe that mifare is quite a successful product and it has made a very good job for deploying contactless systems. If mifare did not exist, I think contactless systems would not be popular as it is today. Of course there are very strong competitors of mifare such as Legic, Calypso and Felica, but mifare is the most popular one among all. I will try to cover the competitors of mifare, which are all stronger than mifare in the security level, but not as much as deployed worldwide as mifare. This is actually the point that I’d like to point out with this post.