MIFARE Ultralight, Classic, and DESFire — A Plain-English Tour

One card opens an office door. Another stores a single bus ride. A third holds your transit balance for years. All the same word: MIFARE. It's NXP's chip family inside most contactless cards you tap, and the three branches worth knowing are Ultralight, Classic, and DESFire.

What MIFARE actually is

MIFARE is a brand owned by NXP Semiconductors. Every chip in the family runs at 13.56 MHz on ISO/IEC 14443A, the same air interface as most consumer NFC cards. The lineup spans Ultralight (memory tags), Classic (legacy memory cards), Plus (AES upgrade for Classic), DESFire (microcontroller smart cards), and SAM modules for readers.

Your phone detects every MIFARE chip the same way, because the radio is shared — 13.56 MHz inductive coupling. What changes between them lives above the radio: memory layout and crypto.

MIFARE Ultralight — memory chips for tickets

Ultralight is the cheapest member. The base chip carries 64 bytes in 16 four-byte pages, with no on-board cryptography — just one-time-programmable bits and per-page write locks. Ultralight C adds 192 bytes and 3DES authentication; EV1, Nano, and AES variants push memory and add password protection or AES.

Disposable transit tickets, event passes, and loyalty cards are usually made of it. It's the close sibling of NXP's NTAG family — both memory-only at 13.56 MHz — but NTAG follows the NFC Forum Type 2 Tag spec for NDEF, while Ultralight speaks raw ISO 14443-3 and mostly lives in closed-loop ticketing.

MIFARE Classic — Crypto-1, and why it's broken

Classic comes in 1K (16 sectors) and 4K (40 sectors). Each sector holds 16-byte blocks plus a trailer with two keys (Key A and Key B) and access bits — reading or writing needs authentication first.

The cipher is Crypto-1, a 48-bit LFSR stream cipher NXP designed in-house. In 2008 it was reverse engineered by Karsten Nohl and others; by 2009, practical attacks recovered sector keys in seconds. NXP shipped hardened Classic EV1 chips, but a 2015 attack by Meijer and Verdult broke those too.

It's still everywhere — hotel keys, badges, some transit cards — because the installed base is enormous. NXP itself recommends migrating new deployments to MIFARE Plus or DESFire. NFCore reads the UID and NDEF wrapper of any Classic card; its cloning tools are scoped to tags you own, not credentials issued to you.

MIFARE DESFire — microcontroller cards with AES

DESFire is a different animal — a microcontroller with an ISO/IEC 7816-4 file system. You create applications, files, and per-file access rules. EV1, EV2, and EV3 support 3DES and AES-128; DESFire Light carries 640 bytes and five AES-128 keys, certified Common Criteria EAL4.

It supports 3-pass mutual authentication, plain / CMAC / fully encrypted messaging, and data rates up to 848 kbit/s. Most modern transit systems run on it — Oyster, OV-chipkaart, Clipper — along with a large share of corporate access control.

iPhone vs Android — what each can read

iPhone Core NFC supports DESFire natively through NFCMiFareTag, reads Ultralight, and exposes the NDEF wrapper of any card formatted with one. It cannot do raw Crypto-1, so Classic 1K is effectively read-only on iPhone.

Android is more permissive. android.nfc.tech.MifareClassic exposes per-sector Key A / Key B authentication, but only on devices with an NXP-compatible NFC controller. DESFire and Ultralight work on essentially any NFC-equipped Android. The honest caveat: even on Android, a Classic card without its keys can't be read.

Picking the right MIFARE

Disposable ticket or event pass → Ultralight or Ultralight C. Tap-to-NDEF sticker on a desk → an NTAG is usually the better fit. Anything sensitive (access, payment, ID) → DESFire EV3 or Plus EV2. Don't start a new deployment on Classic.

To inspect cards you find, open NFCore on iPhone or Android and tap one — the inspector reports UID, ATQA, SAK, and NDEF; Memory Dump shows raw Ultralight pages; the Command Console sends ISO 7816-4 APDUs to DESFire.

Frequently Asked Questions

Can my iPhone read a MIFARE Classic card?

Only its NDEF wrapper — and only if the issuer formatted one. iOS Core NFC doesn't implement Crypto-1, so raw sector reads aren't possible on iPhone. A modern Android phone with an NXP-based controller can do full reads, but only when you already have the keys.

Is MIFARE Classic still safe to use?

Not for anything sensitive. Crypto-1 was reverse engineered in 2008 and key-recovery attacks have been public since 2009. NXP recommends migrating to MIFARE Plus or DESFire for any system where unauthorized cloning would matter.

What's the difference between Ultralight and an NTAG?

They're sibling products at NXP. Ultralight targets ticketing and speaks ISO 14443-3; NTAG (213/215/216) is the NFC Forum Type 2 Tag designed for NDEF first. For consumer stickers, NTAG is the standard.

What does the "EV" in DESFire EV3 mean?

EV stands for evolution version — NXP's way of versioning a chip family while keeping backward compatibility across generations of readers.