Serial NO. : I005036-EN
Date of Editing : 2023-02-03
Content :
2. Encryption Structure - Key Points
2-1. Basic Concepts of Encryption
2-2. Software and Equipment Requirements for Encryption Structures
2-3. How to Determine if a Controller is Encrypted?
2-4. The consequence of encrypted controller reading encrypted/unencrypted cards
2-5. The consequence of Unencrypted Card Reader Reading Encrypted/Unencrypted Cards
6-1. How to Disable Card Reader Encryption?
6-2. How to deal with the case that had been encrypted by SOR?
SOYAL provides various encryption/anti-copy methods to eliminate card copying situations. The main encryption methods include SOR Encryption and DesFire Encryption, with DesFire Encryption being the more advanced and secure option, currently unbreakable in the market.
All SOYAL H/E series card readers and K/U card readers support both SOR and DesFire encryption methods. SOR encrypted cards can be created using standard Mifare cards, while DesFire encrypted cards require the use of DesFire-specific cards.
※For detailed structural explanations, refer to ➤ 2. Encryption Structure - Key Points.
This article primarily introduces the basic concepts of encryption, the standard encryption process in SOYAL, and addresses other common questions such as disabling encryption and writing data to specific blocks. For additional common questions, refer to ➤ 6. Frequently Asked Questions.
2. Encryption Structure - Key Points
2-1. Basic Concepts of Encryption
The concept of encryption can be divided into two parts:
a. Encrypting the card
b. Encrypting the controller and reader
Encrypting the card involves writing two sets of keys (Key A/B) to the card and then writing the specified card number into a designated block within the chip.
Encrypting the controller and reader involves writing Key A/B to the card reader/reader head and specifying that the card reader, when reading a card, only reads the content within the specified chip block.
When a controller reads a specified block of an encrypted card and obtains Key A/B that matches the card reader's Key A/B, it can then read the content of that chip block (i.e., the specified card number).
※The reading and verification of encryption occur at the moment that the controller doing card detection. The subsequent processes of the card reader handling the door-opening procedure and sending data to 701ServerSQL are the same as in a non-encrypted structure.
While SOR and DesFire are different encryption methods, the basic principles are the same. In short, whether it's SOR or DesFire encryption, an encrypted H/E series controller can only read the content of an encrypted card when the Key A/B matches.
.png)
2-2. Software and Equipment Requirements for Encryption Structures
| SOR | DesFire | SOYAL DesFire | |
| Encryptor | Distributor or SOYAL | Distributor | SOYAL |
| Encoder | AR-725-P | AR-837-P | SOYAL provides assistance with encryption, no need to purchase an Encoder. |
| Card Required | Standard Mifare Card | DesFire Card | DesFire Card |
| Controller | H/E series controller | ||
| Reader | K/U series reader | ||
| Tools | Mifare Key | 323D Master | -- |
2-3. How to Determine if a Controller is Encrypted?
Referring to the following FAQ➤ Model Identification Method for SOYAL controllers, How to Determine Frequencies of controllers?
2-4. The consequence of encrypted controller reading encrypted/unencrypted cards
When an encrypted card that correctly matches the key is read by the encrypted card reader, the card number saved in specific block will be displayed normally. If an unencrypted card is read by the encrypted card reader, there will be no response; the LED will not flash, and the buzzer will remain silent.
※If the card reader version is older, it might display a red LED without any sound from the buzzer. In such cases, you should use the 701ClientSQL software to confirm the error code. If the error code indicates (M66) "License tree error," it means the card reader is encrypted, and the card is either unencrypted or has a different encryption key.
Please verify whether the card reader is encrypted by referring to the following FAQ➤ Model Identification Method for SOYAL controllers, How to Determine Frequencies of controllers?
※Note 1:
In situations where the software or card reader displays "License Tree Error," there are two possibilities:
a. The key of the encrypted card is different from the key of the encrypted card reader.
b. The layer of the encrypted card is different from the layer of the encrypted card reader.
In general, a different layer implies a different key. This issue can be resolved by either disabling encryption or using special firmware that spans different layers. For more details, please refer to the FAQ link in Note 2.
※Note 2:
How to undertake the case that had been encrypted by SOR?
2-5. The consequence of Unencrypted Card Reader Reading Encrypted/Unencrypted Cards
In the case where the card reader is not encrypted, regardless of whether it reads an encrypted or unencrypted card, it will only read the original UID of the card.
※Encryption involves writing a key to a specified block within the chip while configuring the card reader to read the corresponding block. This series of actions does not modify the original UID of the card.
Controller and card encryption manual ➤ SOR Mifare Key Manual
Controller encryption manual ➤ 323D Master Manual-Chapter 3
Card encryption manual ➤ AR-837-P Manual
5. Other Anti-Copy Methods
The format of NXP 15693 cards is another anti-copy method. The 15693 cards (ISO/IEC 15693) have a special chip, similar to DesFire encryption with dedicated DesFire cards. Additionally, 15693 cards have characteristics that make them impossible to copy (the chip cannot write information; for details, please refer to NXP chip-related protocols). Therefore, there is currently no relevant copying record in the market.
※ Currently, only E-series card readers can be updated with special firmware to read 15693 cards. If you want to use this method for anti-copy purposes, please contact the sales department at SOYAL.
6. Frequently Asked Questions
6-1 How to Disable Card Reader Encryption?
The steps to disable SOR and DesFire encryption are the same. Please refer to the following steps:
H Series Controller:
*123456# enter programming mode > 29*21*# (Reset SOR/Controller Parameters/User Data)
E Series Controller:
*123456# enter programming mode > 4.Parameters(2) > 9.Factory Reset > 2.System and User (Reset SOR/Controller Parameters/User Data)
6-2. How to deal with the case that had been encrypted by SOR?
Referring to the following FAQ➤How to undertake the case that had been encrypted by SOR?