flexDF (DESFire) and HID SIO

I’m interested in the flexDF chip. Is it compatible with HID’s Secure Identity Object protocols (I have the SIO encoder)? It would be beneficial to keep it on par with the rest of the facility’s standard.

I have no idea! Interesting… my thought is probably not… but I can’t be sure. You can get DESFire EV1 cards on amazon or ebay easy enough and do some testing.

Well DESFire cards are compatible with SIO, I just didn’t know if this was a 1:1 of the DESFire protocol if you know what I mean.

Out of curiosity, do they come pre-programmed or blank? I’d love to test a pre-programmed one before trying to write to it.

They are blank. DESFire chips act as an NFC Type 4 tag type with a “file system” capability vs a generally accessible “user memory”. This means you can take an 8k chip and define multiple files on it (space allowing), and each “file” can have several access keys defined, etc. So in short, it is a multi-application chip. One of those applications could probably be an HID SIO application… but it would have to run through an encoder and that encoder would need the master key for the DESFire chip. Those master keys ship from the factory set to a default value, which means an encoder that is set up to define an SIO application on a blank DESFire probably will have no problem creating the SIO file. The problem / question that should be sorted out is whether or not the encoder will change that master key. If it does, then you can’t use the DESFire chip for anything else.

The DESFire EV2 helps solve this problem since it can be configured to allow new applications to be defined without need of the master key, but the EV1 flavor requires the master key for any file operations.

So… with that in mind, you will probably want a blank one with default master key to test with your encoder. If it was “pre-programmed” then likely the master key would be changed and your encoder wouldn’t be able to proceed.