4.1 Card Encryption

The card encryption process in 2N^® PICard Commander assigns a unique 128-bit identifier to every card, which is subsequently encrypted using the project encryption keys. It is possible to read a card to find its identifier or additional information and learn whether it is possible to encrypt the card in the project.

Encryption Process
Card Information Reading

Encryption Process

Click Add card in Card encryption in the application introductory interface.
Alternative path: Project → Encrypt New Card.

Credential ID for new card – new card identifier.

Tap the card on the card reader. Press Encrypt to assign encrypted access data to the card.

Tip

Select the box to the right to start automatic encryption of other tapped cards without repressing Encrypt.

The application informs you of a successful card encryption.

If the encryption failed, the application provides the causes:

Card cannot be encrypted – 2N^® PICard Commander has no access to the card PICC master key. To encrypt a card with a preset PICC master key, select the appropriate card mode in Subs. 3.1 Project Settings.
Not enough free space on card – there is not enough space on the card for the 2N^® PICard upload. The required minimum memory is 512 B.
Unsupported card – the application does not support this card type. The 2N^® PICard technology is designed for the encryption of the MIFARE DESFireEV2 and EV3 cards.
Only Mifare DESFire EV2 or EV3 are supported – the application does not support this card type. The used card is MIFARE DESFire EV1.
Communication failure with card – the reader failed to read the card. Tap the card on the reader and do not remove it before the encryption process is completed.

Tip

There is a pop-up list of encrypted card IDs in the box bottom section. Copy the list before closing the box to be able to keep it. By closing the box you will delete the list. You will be able to display the ID of each card only later.

Card Information Reading

Display the assigned card ID and other info and encryption options in Project → Read card. Tap the card on the reader to read the information.

This card can be encrypted in the application.

Kartu tohoto typu nelze v aplikaci šifrovat.

This card cannot be encrypted in the application.

PICard credential reads the card credential assigned during encryption. If the card has no credential, the following options are displayed:

Not encryptable – the card type is compatible with the 2N^® PICard technology, but the project has no access to its PICC master key.
This card is not suitable for PICard encryption – the application does not support this card type. The 2N^® PICard technology is designed for the encryption of the MIFARE DESFire EV2 and EV3 cards.
Not encrypted yet – the card can be encrypted.
Unknown – the card is encrypted in another project under a different main encryption key. The card may be also be corrupted.

Card Status displays the card state or encryption options.

Valid PICard credential – the card is encrypted in this project.
The card can be encrypted (card is empty) – the card is not encrypted. The card has factory default settings.
The card can be encrypted – the card is not encrypted. A project compatible PICC master key is set on the card.
Different PICC Master Key detected. Card's current PICC Master Key required for encryption – the card cannot be encrypted in this project. The set PICC master key is different.
PICard application created in a different project, so cannot be read in this project – the card has been encrypted in a different project.
Only Mifare DESFire EV2 or EV3 are supported – the card cannot be encrypted. The application does not support this card type. The used card is MIFARE DESFire EV1.
INVALID CREDENTIAL (there's a problem with the digital signature) – the encrypted access data cannot be displayed. The authenticity confirmation has failed. The digital signature is invalid.

Card ID displays the card UUID and informs that the Random ID function is enabled.