Configuring MIFARE DESFire in Security Center - Security Center 5.10

Security Center Administrator Guide 5.10

Applies to
Security Center 5.10
Last updated
2023-06-12
Content type
Guides > Administrator guides
Language
English
Product
Security Center
Version
5.10

To encode MIFARE DESFire key cards or re-encode cards that were configured with a third-party production tool, you must create the configuration in Config Tool.

Before you begin

Ensure the following:
  • Your Security Center license supports MIFARE DESFire configuration.
  • You are granted the Export configurations and keys user privilege.

What you should know

MIFARE DESFire EV1/EV2 is a 128-bit, Advanced Encryption Standard (AES)-based protocol for which you define the keys.

Procedure

  1. From the Config Tool home page, open the MIFARE DESFire configuration task.
  2. From the MIFARE DESFire configuration list, click Add an item ().
  3. In the dialog box that opens, enter a name for the configuration you are creating.
  4. Do one of the following:
    • To enable Security Center to recognize a pre-encoded card, enter a name in the Configuration name field, then complete the fields to match the card.
    • To encode a new card or re-encode an existing card, select the Card encoding check box, then set the values for your new configuration.
      NOTE: Enabling Card encoding opens three options for the kind of configuration file you will create.
  5. If you are encoding or re-encoding a card, select an option:
    • Format card: Delete all information on the card before creating an application.
    • Update the app master key: Change the master key of the application on the card.
    • Free create: Enable the creation of applications even when the card master key is unknown.
  6. Click OK, then click Save.
    If you have multiple configurations in the MIFARE DESFire configurations list, selecting a configuration activates it.
  7. (Optional) Verify the configuration:
    1. Select a configuration from the MIFARE DESFire configuration list.
    2. In the Testing on USB reader section, click Read mode.
    3. Badge a card.
    If the card matches the active configuration, it is read properly. If the card uses a different configuration than the one you selected, it returns a failed read.
  8. (Optional) Encode or re-encode a card:
    1. Select a configuration from the MIFARE DESFire configuration list.
    2. In the Testing on USB reader section, click Write mode.
    3. Badge a card.
    The card is encoded or re-encoded to match the active configuration.
  9. Export the configurations by doing one of the following:
    • Export the configurations to a SmartCardsSites.xml file.
    • Export the configurations directly to Synergis™ Cloud Link units.
  10. To export the configurations to a SmartCardsSites.xml file:
    1. Click Export to file and save the SmartCardsSites.xml file to your local hard drive.
    2. Log on to Synergis™ Appliance Portal and upload the SmartCardsSites.xml file to your Synergis™ unit.
    3. Copy the SmartCardsSites.xml file to the Security Center installation folder of each workstation being used to configure MIFARE DESFire credentials.
  11. To export the configurations directly to Synergis™ Cloud Link units:
    1. Click Export to units.
    2. In the Unit selection dialog box, select one or more Synergis™ Cloud Link units to export the configuration to.
    3. Click Export.
    4. Verify the updated configuration in Synergis™ Appliance Portal by clicking Configuration > MIFARE DESFire.
    In the Readers and associated MIFARE DESFire configurations section, the configurations you exported are listed in the Available configurations for each reader.