Security and Compliance Technical Lab

Overview

The Security and Compliance Technical Laboratory (SCTL) is one of the areas of competence of LSI-TEC. It was designed with the purpose of providing the market with the means to measure the technical quality of products. The lab is focused on conducting tests related to the evaluation of conformity and safety of equipment, mainly those related to payment systems.

The LSI-TEC is a non-profit organization, classified as an Institute of Science and Technology (ICT) by the Brazilian Government. It has the role of providing a link between society and scientific institutions, promoting the transformation of knowledge into advanced technology. It has human and material resources to assist organizations in the development of their products and services in the face of rapid technological evolution.

Currently, the SCTL it offers compliance assessment tests for the following technologies:

  • MIFARE ™ (contactless communication).
  • ISO/IEC 14443 (contactless communication).

LSI-TEC has several areas of competence in addition to SCTL. Get to know the other areas of competence on the LSI-TEC home page.

The SCTL Lab

The LSI-TEC’s Security and Compliance Technical Laboratory was designed to provide the market with the means to measure the technical quality of products in the area of payment systems, including Automated Fare Collection – AFC (electronic ticketing).

The SCTL – LSITEC is mainly focused on conducting tests related to contactless communication between cards and terminals involving the following technologies:

  • MIFARE ™ (contactless communication);
  • ISO/IEC 14443 (contactless communication);
  • ISO/IEC 10373-6 (test methods);

For these technologies it has the following scope of action:

  • MIFARE™ Functional certification;
  • AFC (ISO/IEC 14443) conformity assessment;
  • Evaluation of samples;

Learn more about these activities.

Scope of Tests

The LSITEC has a set of tests (certifications, qualifications and evaluations) of products related mainly to contact and non-contact communication technologies between cards and terminals:

MIFARE™ Functional Certification

Card certification, inlay qualification, terminal certification or reader qualification in Ultralight, Classic, Classic Plus or Desfire technologies against MIFARE ™ requirements derived from ISO/IEC 14443 (Identification cards – Contactless integrated circuit cards – Proximity cards) and Of ISO/IEC 10373-6 (Identification cards – Test Methods Part 6: Proximity cards).

AFC (ISO/IEC 14443) Conformity Assessment

Conformity assessment of card or terminal in accordance with the requirements defined in ISO/IEC 14443 (Identification cards – Contactless integrated circuit cards – Proximity cards) and ISO/IEC 10373-6 (Identification cards – Test Methods Part 6: Proximity cards).

Sample Evaluation

Evaluation of cardboard or terminal samples against the MIFARE certification report or ISO/IEC 14443 assessment report as a way of verifying their similarity to a previously certified or evaluated product.

MIFARE™ Funcional Certification Level 2

The MIFARE™ technology, NXP proprietary, widely used in the market, makes use of an ISO/IEC 14443 standard profile for the contactless (proximity) layer.

The MIFARE™ Functional Certification aims to ensure the interoperability of the use of MIFARE™ Ultralight, Classic, Classic Plus and Desfire technology between card providers and terminals in relation to contactless communication.

The LSITEC has one of NXP’s accredited laboratories to perform the MIFARE™ Functional Certification (see  www.mifare.net/en/about-mifare/certification).

The MIFARE™ Functional Certification can cover the inlay, card or terminal.

  • Inlay: Chip with attached antenna mounted on a stand without being wrapped in a plastic card.
  • Card: Plastic card containing an inlay (chip connected to a coil antennaMolded).
  • Terminal: Equipment responsible for the interaction with the card, also called reader or validator.
  • Reader: Transmission module with antenna that can be mounted on a terminal.

If the product (inlay, card, terminal, or reader) complies with MIFARE ™ technology requirements, ie pass the tests described in the compliance testing plan, LSITEC will issue a NXP-recognized MIFARE™ certificate of compliance and, Consequently, by the market.

There are the following certification variants:

  • MIFARE™ Complete Certification Test (Full Certification Test)
    • A complete certification test is performed on a card that in its In-lay (all or part) has not been previously tested for certification or qualification under this test plan or any previous version of it.
  • MIFARE™ Certification Renewal Test (Renewal Certification Test)
    • A Certification Renewal Test may be performed if the In-lay of the submitted card has previously been qualified in accordance with this test plan to obtain a MIFARE™ compliant air interface certificate for the card and the Certificate already issued is expired.
  • MIFARE™ (Update Certification Test) Certification Upgrade Test – Delta *
    • A Certification Upgrade test is intended for customers who already have a MIFARE™ compliant air interface certificate for the card, but with minor changes that do not affect their internal functionality (for example, card stock). In this case, a reduced set of tests is applicable for re-certification of the card.

There is a test plan for inlay and card and another test plan for terminal and reader:

In general, the tests are related to the transmission of data in the contactless interface following the guidelines of ISO / IEC 14443 (Identification cards – Contactless integrated circuit cards – Proximity cards and ISO / IEC 10373-6 (Identification cards – Test Methods Part 6: Proximity cards) and the profile of MIFARE™ technology. For card, in addition, tests of writing and reading of data in memory are carried out.

The following tables summarize the scope of contactless interface tests for inlay, card, and MIFARE™ terminal.

Table – Summary of the scope of tests of the contactless interface for inlay and MIFARE™ card
Table – Summary of the contactless interface test scope for MIFARE™ terminal and reader

Quantity of products to be sent to the Laboratory for testing:

  • MIFARE™ card certification: 20 cards and 1 inlay (*);
  • MIFARE™ Inlay Qualification: 20 inlays;
  • MIFARE™ terminal certification: 1 terninal, including manuals and drivers;
  • MIFARE™ player qualification: 1 player, including manuals and drivers.

Certificates

Certificate ID Certificate type Card model Issue date Expires on Company NameChip Information
1003-2024MF001Functional Certification Level 2MIFARETM PLUS X EV2 2K 7BYTES2024-02-162026-02-15MagtikMOA4-MF1P2200DA4
1003-2023MF003Functional Certification Level 2MIFARETM PLUS X 2K 7BYTES2023-09-062025-09-05NOVA MAXCARDMF1PLUS6001DUD/03
1001-2023MF002Functional Certification Level 2MIFARE™ CLASSIC EV1 4K 4BYTES2023/04/212025/04/20IDEMIA France SASNXP – MF1S70yyX/V1
1001-2023MF001Functional Certification Level 2MIFARE™ CLASSIC EV1 1K 7BYTES2023-04-212025-04-20IDEMIA France SASNXP – MF1S50yyX/V1
1003-2022MF002
002
Functional Certification Level 2Mifare PLUS EV2 2K 7Bytes2022-05-252024-05-24VALID SOLUC. Y SERV. DE SEGUR. EN MEDIOS DE PAGO E IDENTIFICACION S.A.
Argentina
NXP MOA8- MF1P2200DA8/00
1003-2022MF001
001
Functional Certification Level 2Mifare PLUS EV2 2K 7Bytes2022-03-112024-03-10AdvanIDe Holdings PTE LTDNXP – MOA8
MF1P2200DA8/00
00118Functional Certification Level 2MIFARE PLUS 2K 7Bytes02/10/201802/10/2020Allcard S.A.NXP – MF 1PLUS6001DA8/03
00112Fuctional Certification Level 2MIFARE PLUS 2K 4Bytes07/06/201706/06/2019CardtekNXP – MF1PLUS6021DA/03
00106Functional Certification Level 2MIFARE PLUS 2K 4Bytes25/05/201724/05/2019Magtik S.A.NXP – MF1PLUSXOY1
00103Functional Certification Level 2MIFARE CLASSIC 1K 4Bytes08/02/201708/02/2019Evolution Smart Card Indústria e Comércio Ltda.NXP – MF1S5030XDA4/1
00102Functional Certification Level 2MIFARE CLASSIC 4K 4Bytes06/02/201706/02/2019Evolution Smart Card Indústria e Comércio Ltda.NXP – MF1S7030XDA4/V1
00101Functional Certification Level 2MIFARE PLUS X 2K – 4bytes11/08/201611/08/2018Giesecke & Devrient America do SulNXP MF1PLUS6021DA4

Contact

SCTL – Security and Compliance Technical Laboratory

A lab of Laboratório de Sistemas Integráveis Tecnológico

Rua Pais Leme, nº 136, Cj. 101 e 102
Pinheiros – São Paulo – SP – Brazil
ZIP 05424-110
E-mail: rossan.santos@lsitec.org.br
Site: sctl.lsitetc.org.br