December 2008
Chip Card & Security
Short Product Information
my-d™ proximity 2
SLE 66RxxS
Intelligent EEPROM with
Contactless Interface compliant to
ISO⁄IEC 14443 Type A and
Security Logic
Edition 2008-12-11
Published by
Infineon Technologies AG
81726 Munich, Germany
© 2008 Infineon Technologies AG
All Rights Reserved.
Legal Disclaimer
The information given in this document shall in no event be regarded as a guarantee of conditions or
characteristics. With respect to any examples or hints given herein, any typical values stated herein and/or any
information regarding the application of the device, Infineon Technologies hereby disclaims any and all warranties
and liabilities of any kind, including without limitation, warranties of non-infringement of intellectual property rights
of any third party.
Information
For further information on technology, delivery terms and conditions and prices, please contact the nearest
Infineon Technologies Office (www.infineon.com).
Warnings
Due to technical requirements, components may contain dangerous substances. For information on the types in
question, please contact the nearest Infineon Technologies Office.
Infineon Technologies components may be used in life-support devices or systems only with the express written
approval of Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure
of that life-support device or system or to affect the safety or effectiveness of that device or system. Life support
devices or systems are intended to be implanted in the human body or to support and/or maintain and sustain
and/or protect human life. If they fail, it is reasonable to assume that the health of the user or other persons may
be endangered.
Important: For further information please contact:
Infineon Technologies AG in Munich, Germany,
Chip Card & Security,
Fax +49 (0)89 / 234-955 9372
E-Mail: security.chipcard.ics@infineon.com
Short Product Information 3 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Trademarks of Infineon Technologies AG
my-d™
my-d™ proximity 2 - SLE 66RxxS Short Product Information
Revision History: Current Version 2008-12-11
Previous Release: 2008-07-17
Page Subjects (major changes since last revision)
all editorial changes
Short Product Information 4 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Features
Intelligent EEPROM with
Contactless Interface compliant to ISO/IEC 14443 Type A and
Security Logic
Contactless Interface
• Physical interface and Anticollision compliant to ISO⁄IEC 14443-3 Type A
–Operation frequency: 13.56 MHz
– Data rate up to 848 kbit/s from PICC to PCD, 106 kbit/s from PCD to PICC
– Contactless transmission of data and supply energy
–Anticollision logic: Several cards may be operated in the field simultaneously
• Read / write distance up to 10 cm (influenced by external circuitry i.e. reader and inlay
design)
Up to 5120 bytes EEPROM
• Organized in up to 512 pages located in up to 16 sectors
• Each page organized in 8 bytes for data storage + 2 bytes for administrative purposes
• Configurable number of sectors (1 to 15) & sector size; up to 14 secured and 1 plain sector
• Configurable Key Area with up to 14 key pairs
• Up to 507 pages of user memory (user page size 8 byte)
• EEPROM Error Correction Unit (ECC)
• Unique IDentification number (UID)
• EEPROM programming time per page < 4 ms
• EEPROM endurance minimum 100,000 erase/write cycles1)
• Data retention minimum 10 years1)
Security Features
• State-of-the-art challenge and response security algorithm
– 2-way mutual authentication with 64-bit secret key between reader and card for basic
security
– 2 keys for each sector enable hierarchical key management
– Multi-level security structure possible
– Individual access rights for each key within a sector of each page
– Data integrity supported by 16 bit CRC (ISO 3309) and 32 bit MAC (after authentication)
• Access protection of EEPROM by transport key on chip delivery
Value Counters: up to 65536 (value range from 0 to 216-1)
• Each page in the User Area is configurable as a Value Counter
• Support of Anti-Tearing
Electrical characteristics
• ESD protection minimum 2 kV
• Ambient temperature -25°C ... +70°C (for the chip)
1)Values are temperature dep endent
Short Product Information 5 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
1 Ordering and packaging information
For more ordering information (wafer thickness and height of NiAu-Bump) please contact your
local Infineon sales office.
Pin description
Figure 1-1 Pin configuration Module Contactless Card - MCC2 (top / bottom view)
Figure 1-2 Pin configuration Module Contactless Card - MCC8 (top / bottom view)
Table 1-1 Ordering information
Type Package1)
1) MCC is short for Module Contactless Card
Total/User
Memory2)
2) Total memory size and page count includes the service area, the authentication counter, the transport key
and the 2 administrative bytes per page whereas user memory size and page count is freely programmable
for user data.
Total/User
Pages2) Ordering
code
SLE 66R04S C Die (sawn/unsawn wafer) 770/576 bytes 77/72 on request
SLE 66R04S NB NiAu Bumped (sawn wafer) on request
SLE 66R04S MCC2 P-MCC2-2-1 on request
SLE 66R04S MCC8 P-MCC8-2-3 on request
SLE 66R16S C Die (sawn/unsawn wafer) 2560/2008 bytes 256/251 on request
SLE 66R16S NB NiAu Bumped (sawn wafer) on request
SLE 66R16S MCC2 P-MCC2-2-1 on request
SLE 66R16S MCC8 P-MCC8-2-3 on request
SLE 66R32S C Die (sawn/unsawn wafer) 5120/4056 bytes 512/507 on request
SLE 66R32S NB NiAu Bumped (sawn wafer) on request
SLE 66R32S MCC2 P-MCC2-2-1 on request
SLE 66R32S MCC8 P-MCC8-2-3 on request
Short Product Information 6 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Figure 1-3 Pad configuration die
Table 1-2 Pin description and function
Symbol Function
LAAntenna connection
LBAntenna connection
LA
SLE 66RxxS
my-d™ proximity 2
LB
Short Product Information 7 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Application Segments
2 my-d™ product family
The my-d™ products are designed to meet increased demands for basic security and design
flexibility. The family of contactless memory my-d™ supplies the user with different memory
sizes and incorporates security features to enable considerable flexibility in the application
design.
The functional architecture, meaning the memory organization and authentication of my-d™
products is the same for both my-d™ proximity (ISO/IEC 14443) and my-d™ vicinity (ISO/
IEC 18000-3 mode 1 or ISO/IEC 15693). This eases the system design and allows simple
adaptation between applications.
All my-d™ products are available in plain mode with open memory access and in secure mode
with memory access controlled by authentication procedures.
Flexible controls within the my-d™ ICs start with plain mode operation and individual page
locking; for more complex applications various settings in secure mode can be set for multi
user / multi application configurations.
In secure mode a cryptographic algorithm based on a 64-bit key is available. Mutual
authentication, message authentication codes (MAC) and customized access conditions
protect the memory against unauthorized access. Configurable value counters featuring anti-
tearing functionality are suitable for value token applications, such as limited use
transportation tickets.
Architectural interoperability of all my-d™ products enables an easy migration from simple to
more demanding applications.
In addition, the my-d™ light (ISO/IEC 18000-3 mode 1 or ISO/IEC 15693) is part of the my-d™
family. Its optimized command set and memory expands the range of applications to cost
sensitive segments.
2.1 Application Segments
my-d™ products are optimized for personal and object identification. Please find in the
following table some dedicated examples.
Table 1-3 my-d™ products overview
Product Application
my-d™ proximity 2
−
SLE 66RxxS Access Control, Entertainment, Public
Transport, Customer Loyalty Schemes, Micro
Payment
my-d™ NFC
−
SLE 66RxxP Smart Poster, Public Transport, Event
Ticketing, Access Control, Consumer Good
information
my-d™ proximity enhanced
−
SLE 55RxxE Access Control, Gaming, Entertainment,
Customer Loyalty Schemes
my-d™ light
−
SRF 55V01P Libraries, Laundry, Factory Automation, Media
Management, Event Ticketing, Leisure Park
Access
Short Product Information 8 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Application Segments
my-d™ vicinity plain
−
SRF 55VxxP Factory Automation, Healthcare, Ticketing,
Access Control
my-d™ vicinity plain HC
−
SRF 55VxxP HC Ticketing, Brand Protection, Loyalty Schemes,
Ski passes
my-d™ vicinity secure
−
SRF 55VxxS Ticketing, Brand protection, Loyalty Schemes,
Access Control
Table 1-3 my-d™ products overview
Product Application
Short Product Information 9 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Circuit Description
3 my-d™ proximity 2
-
SLE 66RxxS
The my-d™ proximity 2 products are based on the ISO⁄IEC 14443-3 Type A standard for
contactless proximity cards. The my-d™ proximity 2 family additionally features my-d™
commands and my-d™ cryptographic algorithm. The products are targeting personal
identification,access and event ticketing, amusement and entertainment with basic security
requirements. They are fulfilling the requirements of state of the art contactless memory ICs
with respect to compatibility to the ISO⁄IEC 14443-3 standard part 1-3, operating range and
command as well as feature set. The my-d™ proximity 2 family focuses on flexible memory
and sector configuration.
3.1 Circuit Description
The my-d™ proximity 2 is made up of an EEPROM memory unit, an analog interface for
contactless energy and data transmission and a control unit.
Figure 3-1 Block diagram of the my-d™ proximity 2
•Analog Contactless Interface
The Analog Contactless Interface comprises the voltage rectifier, voltage regulator and
system clock to supply the IC with appropriate power. Additionally the data stream is
modulated and demodulated.
•Operational mode
The access to the memory depends on the actual mode of the my-d™ proximity 2. The
memory is accessed according to plain or secure mode after the PICC is selected.
•Authentication Unit (optional use)
The Authentication Unit generates random numbers, calculates and verifies the message
authentication codes (MAC).
•Memory Unit
The Memory Unit consists of up to 5120 bytes memory organized in up to 512 pages each
of 8 user and 2 administration bytes.
POWER
Control Unit
Memory
Access
IO Command
Analog
Contactless
Interface Memory Unit
Operational Mode
LB
LA
Anticollision
DATA
Power Circuit
Rectifier
Clock Extractor
Power On Reset
Voltage Regulator
CLOCK
Parallel
Serial
Authentication
Unit
Authen-
tication
Antenna
Short Product Information 10 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Memory Principle
•Control Unit
The Control Unit decodes and executes all commands. Additionally the control unit is
responsible for the correct anticollision flow.
3.2 Memory Principle
The my-d™ proximity 2 chip features secure memory access.
The User / Key Memory with its flexible organisation permits up to 14 independent secure
sectors of a variable size each protected with a 64 bit key pair. Only after a successful
authentication a single sector is accessible. In addition, one freely accessible plain sector is
available for general purpose use.
The memory is organized in 4 areas:
•User Area
• Key Area
• Service Area
• Administration Area
Figure 3-2 my-d™ proximity 2 Memory Organization
The User Area stores User Data in flexible numbers of sectors, from 0 to 15, with configurable
number of pages (from 1 up to 507 pages), where sector 0 is the plain sector and sector 1 is
reserved for authentication counters.
ISO Custom mode
(Issuer mode 10 byte / page )
(User mode 8 byte / page)
Service Area
Unique serial number (UID)
User Area
page (plain)
Addr.
00h
page (secure)
page (secure)
:
:
:
Administration
Area
SI AC
SI AC
SI AC
SI AC
Key Area
Key A (Sector 2)
Key B (Sector 2)
Key (Sector 15)
:
SI AC
SI AC
:
SI AC
end
Short Product Information 11 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
System Overview
The Key Area stores the 8-byte key(s) allocated to each secure sector. Two 8-byte keys per
sector with different access rights are available to enable a hierarchical key management.
The Service Area stores the UID, manufacturer data, configuration data as well as the
authentication counter. This information is programmed at manufacture of the chip and cannot
be changed.
The Administration Area stores 2 bytes of information about page administration (SI - Sector
Index and AC - Access Condition). The Access Condition and Sector Index byte are corruption
protected.
3.3 System Overview
The system consists of a host system, one or more my-d™ proximity 2 or other
ISO⁄IEC 14443-3 compliant cards and an ISO⁄IEC 14443-3 compatible contactless reader
with an antenna. Operation on protected areas of a my-d™ proximity 2 in Secure Mode require
mutual authentication between the label and the reader. To achieve the system security the
my-d™ security algorithm has to be integrated into the reader. A license can be obtained from
Infineon Technologies for integration of the algorithm into the reader.
Optionally the EasySAM can be used. It incorporates the security algorithms and a key
management system including diversification of Masterkeys. Additionally AES and TDES is
supported enabling data encryption methodes.
The EasySAM is an EAL5+ certified product. .
To access plain pages on a SLE 66RxxS, the algorithm is not required on the reader.
Figure 3-3 Secure my-d™ proximity 2 RFID system
Host System
Identification Terminal (PCD)
µC Analog
Circuitry
Antenna PICC
Data
Energy
Clock
SLE 66RxxS
my-d™ proximity 2
Algorithm
Algorithm
or SW
SAM
Short Product Information 12 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Product Versions
3.4 Product Versions
To identify the different types of my-d™ proximity 2 contactless memories special chip type
information is coded into the manufacturer page (page 02h, byte 0). The table below briefly
describes the values of this byte for the different chip versions.
Note: Bit [5:3] should not be evaluated since their value may be changed for future revisions.
Note: In addition to the chip type information, the manufacturer code and a chip family
identifier are coded into the UID as described in Table 3-2. The chip family identifier
can be used to determine the basic command set for the chip.
Table 3-2 Manufacturer and Chip Family Identifier
3.5 Supported Standards
•ISO⁄IEC 14443-3 Type A (Parts 1, 2 and 3)
tested according to ISO/IEC10373-6 (PICC Test & Validation)
3.6 Command set
The my-d™ proximity 2 chip is compliant to the ISO⁄IEC 14443-3 standard. A set of standard
ISO commands is implemented to operate the chip. Additional to the ISO/IEC 14443
commands, a my-d™ specific command set is implemented. This facilitates the access to the
on-chip integrated memory. To execute commands on plain memory pages, no authentication
is required.
3.7 Multi-Application Functionality
The my-d™ proximity 2 Secure Mode provides the possibility to configure for example one
large sector or up to 15 smaller ones of flexible size.
Table 3-1 Chip Information for different product variants
Sales Code Chip Information Byte
SLE 66R04S 10xx x010b
SLE 66R16S 10xx x100b
SLE 66R32S 10xx x101b
UID Field Value Description
UID0 05hManufacturer ID according to ISO/IEC 7816-6/AM1
UID1 x0hThe higher nibble of UID1 is the chip family identifier coded as:
1h ... my-d™ command set
The lower nibble is RFU and set to 0h.
Note: The lower nibble shall not be checked for chip family
determination.
Short Product Information 13 / 14 2008-12-11
my-d™ proximity 2
SLE 66RxxS
Security features
In particular, one sector can be addressed without authentication reading e.g. additional label
and user information (plain sector).
The my-d™ proximity 2 closes the gap between the diverging requirements for low cost
memory and value token applications. Its unique value counter functionality eases the
implementation of value blocks and limited use.
The hierarchical approach of a key pair enables customized applications comprising different
memory access.
3.8 Security features
The serial number (UID) is unique for each label and cannot be changed. Access to the
protected memory of the label is controlled by using mutual authentication.
For all operations to the protected memory the authentication unit calculates and validates the
message authentication codes (MAC) to verify the data integrity. Additionally a key pair and
individually configurable Access Conditions secure the access to the protected memory.
Published by Infineon Technologies AG
www.infineon.com/rfid
14
