Ultralight C Disposable NFC

MIFARE Ultralight C Cards

Name: MIFARE Ultralight C Cards — 3DES Disposable NFC
Brand: Proud Tek
SKU: PT-MIFARE-ULTRALIGHT-C-CARD
Availability: InStock

3DES Disposable NFC

Fan of printed RFID cards including transit tickets, a clear card and a wooden card

Quick answer

NXP MIFARE Ultralight C (MF0ICU2) is the disposable-tier NFC card chip: 192 bytes of user memory, 3DES mutual authentication (112-bit key), ISO/IEC 14443-3 Type A, NFC Forum Type 2 Tag. It is the default credential for single-use transit tickets, event wristband cards, ski day-passes, short-stay hotel keys, and one-time-use loyalty claims — any programme where the per-card cost must sit near disposable economics but Crypto-1 cloning risk is unacceptable. Proud Tek ships Ultralight C blanks and custom-printed cards with per-card 3DES key diversification per NXP AN11136, a pre-shipment UID-to-diversified-key manifest, and NXP chip-authenticity certificates on every batch.

3DES mutual authentication (NIST SP 800-67 TDEA, 112-bit effective key) at a per-card cost 40-60% below DESFire EV3 — the reason Ultralight C is the default silicon for disposable transit, event, and ski programmes where Crypto-1 cloning risk is unacceptable.
192 bytes organised as 48 × 4-byte pages with 144 free user bytes — enough for a fare payload + counter, a signed access token, or an NDEF URI + loyalty record; NFC Forum Type 2 Tag so any modern smartphone reads public pages without authentication.
Per-card key diversification (NXP AN11136) + UID-to-diversified-key CSV manifest + NXP chip-authenticity certificate on every Proud Tek batch — the three artefacts that separate a procurement-grade Ultralight C supply from a commodity one.

Request samples

10+ Years ISO 9001 500+ Clients 50+ Countries

At a glance

Use these short answers to decide whether this page matches the project before moving into the detail.

Chip family and silicon

NXP MIFARE Ultralight C (MF0ICU2) — the only Ultralight-family variant with 3DES mutual authentication; positioned between Ultralight EV1 (password-only) and DESFire EV3...

Air interface and NFC Forum classification

13.56 MHz, ISO/IEC 14443-3 Type A — read by every standard contactless reader, turnstile, terminal, and NFC-enabled smartphone (iPhone XS and later, any modern Android)....

Next step

Ready to move forward? Start your inquiry to get specific answers for this project.

Request Ultralight C card quote

Memory layout and capacity: 192 bytes organised as 48 pages × 4 bytes. Pages 0-1 hold the 7-byte UID; pages 2-3 internal configuration + OTP + lock bits; pages 4-39 user memory (144 bytes free); pages 40-43 3DES key slots; pages 44-47 counter + lock.
144 free bytes are enough for: one NDEF URI + 16-byte fare payload; or transit operator ID + product code + validity window + ride counter + transaction log; or a 64-byte loyalty payload + counter; or a signed access token.
Security posture — 3DES mutual authentication: Triple-DES (TDEA, NIST SP 800-67) mutual authentication with a 112-bit effective key — both card and reader must prove knowledge of the shared secret before the reader can access authenticated pages or increment the decrement counter.
With per-card key diversification (NXP AN11136) the master key never leaves the issuer; compromising one card reveals nothing about any other card in the batch, which is what makes Ultralight C acceptable at disposable-volume deployment.
Why not Ultralight (no-C), Classic, or DESFire: Ultralight / Ultralight EV1 use a 32-bit password — brute-forceable on commodity hardware; fine for a brochure URL, not for a fare or a pass.
MIFARE Classic 1K uses Crypto-1, publicly broken since Nohl/Plötz 2008; one European metro publicly estimated €2-5M / year in fare-evasion loss from Crypto-1 cloning on legacy stock.
DESFire EV3 (AES-128) is the right answer for multi-application credentials and stored value, but 2-3× the silicon cost — overkill for single-use disposable economics.
Card body, durability and slot geometry: ISO/IEC 7810 ID-1 (85.60 × 53.98 × 0.76 mm) standard; ISO/IEC 10373-1 durability methodology. Thin 0.3 mm PET option for turnstile slot-accept gates used in public transit.
Paper / Tyvek inlay option laminates the Ultralight C chip into a paper or non-woven ticket body for the lowest possible per-credential cost, common on festival wristbands and single-ride fare tickets.
Factory pre-encoding and manifests: 3DES key diversification per card using the issuer's master key + UID (TDEA-CMAC per AN11136 or a custom algorithm the issuer specifies); UID-to-diversified-key mapping CSV ships before the batch leaves the factory.
NDEF payload (URL RTD, Smart Poster, vCard, custom) pre-written; lock-bits set after encoding, never before, so OTP pages are not accidentally locked against the application data.
QC on every bulk run: Genuine NXP MF0ICU2 chip-authenticity certificate ships with the batch; a spot-check 3DES authentication log confirms the feature is present and responding on every sampled card.
Dimensional tolerance to ISO/IEC 7810 is 100% inspected so magnetic-stripe encoders, lamination presses, and turnstile card dispensers do not jam on mixed-tolerance stock.
Print, personalise, brand: Full-colour CMYK offset (≥1,000 units, ISO 12647-2 process control) or UV digital (short runs, 600-1,200 dpi). Pantone spot colour, spot UV, hot foil, embossed numbering, signature panel, HiCo / LoCo magstripe overlay.
Variable data — sequential card numbers, QR / 1D barcodes for visual fallback, sponsor logos — inline with the factory print step.
Programme fit and deployment patterns: Transit: single-ride, day-pass, multi-ride disposable tickets for bus / metro / rail, with 3DES gate authentication + counter.
Events: festival wristbands, day-pass concert / exhibition / sports tickets — gate-tap throughput lifts from ~600-800 / hr (barcode) to ~1,200-1,800 / hr (RFID tap).
Ski resorts: day and multi-day passes with 3DES + diversified key; seasons after migration from magstripe typically see 40-60× fewer verified clone incidents.
Hospitality short-stay: 1-3 night room credentials where the card is not recovered — DESFire-grade security at sub-DESFire cost.
Loyalty one-time claims: scratch-style tap-to-redeem promotion cards where 3DES blocks replay of single-use tokens.
Libraries / self-service kiosks: patron ID with a short borrow record on user pages.
Procurement realities: MOQ 500 blank / 1,000 printed; lead time 10-15 business days for custom printed batches, 2-3 business days for blank stock.
Per-card cost at 50k-500k volume lands roughly 40-60% below a DESFire EV3 equivalent while delivering genuine 3DES (not password) security — which is what makes the chip the default for disposable economics.
Compliance and end-of-life: Applicable card-side standards: ISO/IEC 14443-3/-4, ISO/IEC 7810, ISO/IEC 10373-1; NFC Forum Type 2 Tag. Reader-side radio compliance (FCC 47 CFR Part 15, EN 300 330) sits with the gate / terminal supplier.
Paper / Tyvek inlay variants route to standard paper-recycling streams; PVC cards are collected at the gate or venue exit and routed to local PVC recycling where streams accept them; r-PET / PLA substrate options on request for ESG-reporting programmes.

The disposable-ticketing sweet spot — 3DES at Ultralight economics

192 BUser memory (48 × 4 B pages)
3DESMutual authentication (112-bit)
40-60%Below DESFire per-card cost
MOQ 500Blank / 1,000 printed

Ultralight C occupies the gap between Ultralight EV1 (password-only — fine for a URL, not for a fare) and DESFire EV3 (AES-128 — overkill for single-use).
The programme-economics calculation is simple: if the card does not come back and the clone-risk tolerance is non-zero, 3DES at disposable cost is the right silicon.
When stored value or multi-application use is in scope, the answer is DESFire — Ultralight C is the single-purpose, one-lifecycle credential.

Ultralight C vs neighbouring MIFARE tiers

Ultralight / Ultralight EV1 — entry cost, no real security

MIFARE Ultralight (MF0ICU1): 64 bytes, no authentication beyond a 32-bit password
Ultralight EV1 (MF0ULx1): 48-128 bytes, password-only authentication
Brute-forceable on commodity hardware — acceptable only for a brochure URL or static record
Lowest chip cost in the family
Not acceptable where fare, access, or pass cloning would produce measurable loss

Ultralight C — 3DES at disposable cost (this page) / DESFire EV3 — AES when stored-value is in scope

Ultralight C (MF0ICU2): 192 bytes, 3DES mutual authentication (NIST SP 800-67 TDEA) — this page
DESFire EV3 (MF3DHx2/3): 2-32 KB, AES-128 + per-card diversification (NXP AN10922)
Ultralight C: 40-60% below DESFire per-card at matched volumes — disposable economics retained
DESFire EV3: right answer when the credential must be reused, hold value, or run multi-application logic
Crossover typically at ~12-18 months of expected card lifecycle

192 bytes, 144 usable — why the memory map matters

Pages 4-39 (144 bytes): application payload — fare record, counter backup, loyalty stamp history, access token.
Page 41 counter (optional): monotonic decrement, tear-off-style ride / punch tracking.
Pages 40, 42, 43 (16 bytes 3DES key slots): write-only after personalisation.
Pages 2-3 lock bits + OTP: lock user memory or individual pages permanently once personalised.

From Crypto-1 break 2008 to Ultralight C as default disposable silicon

2001-2004
MIFARE Ultralight (MF0ICU1) arrives as the low-cost, password-only NFC chip for single-use applications; fine for brochures, insufficient for fare or access.
2008
Nohl / Plötz publish the academic break of Crypto-1 on MIFARE Classic. One European metro later publicly estimates €2-5 M / year in fare-evasion losses attributable to Crypto-1 cloning.
2009
NXP releases MIFARE Ultralight C (MF0ICU2) with 3DES mutual authentication — security hardened to TDEA (NIST SP 800-67) at a price point that makes disposable programmes viable.
2012-2015
NFC Forum Type 2 Tag specification matures; Ultralight C public pages become NDEF-readable by any smartphone, opening consumer-tap marketing and loyalty flows on top of the authenticated gate logic.
2016
NXP AN11136 publishes the recommended 3DES key-diversification scheme for Ultralight C — the pattern every procurement-grade supplier now follows.
2020-2024
DESFire EV3 (AES-128) displaces Ultralight C on reusable and stored-value credentials; Ultralight C consolidates into the true disposable tier (single-ride, day-pass, festival wristband, short-stay hotel).
2026 Today
From buyer conversations across events-venue-single-use, transit-single-ride, hotel-disposable-key, conference-badge, and one-time-visitor programmes converge on Ultralight C + 3DES diversified key + UID manifest + NXP chip-authenticity certificate — the four-artefact spec that separates a procurement-ready disposable card from a commodity one.

Applications

Public transit: single-ride, day-pass, and multi-ride disposable tickets with 3DES gate authentication + monotonic counter.
Events: festival wristband cards, concert / sports / exhibition day-pass tickets — gate throughput lifts from ~600-800 / hr (barcode) to ~1,200-1,800 / hr (RFID tap).
Ski lift passes: day and multi-day passes with diversified-key 3DES; dramatic drop in verified clone incidents after migration from magstripe.
Short-stay hospitality: 1-3 night room credentials where card recovery is not expected and DESFire economics are not justified.
Loyalty one-time claims: tap-to-redeem promotion cards where 3DES blocks replay of single-use tokens (<0.1% fraudulent redemption vs 1.5-3% on QR / barcode equivalents).
Libraries / kiosks: patron ID with a short borrow record on authenticated user pages.

Bulk-procurement failure modes Proud Tek eliminates

Transport-key left as factory default: Proud Tek diversifies the 3DES key per card using the issuer's master + UID per AN11136 and ships the UID-to-diversified-key CSV before the batch leaves.
OTP / lock bits pre-set by the supplier: every user page is verified unlocked pre-shipment; lock-bit configuration is done only after application data is written, at the issuer's instruction.
Counterfeit or mis-shipped chips (Ultralight vs Ultralight C): NXP chip-authenticity certificate + spot-check 3DES-response log ships with every batch.
No UID manifest: comma-separated UID list (hex + decimal) emailed before shipment for database seeding.
Dimensional drift: 100% ISO/IEC 7810 ID-1 tolerance inspection so magstripe encoders, lamination presses, and turnstile dispensers do not jam.

Useful next pages

Use these linked product, guide and comparison pages to keep the next click specific and practical.

Related card products

Where Ultralight C sits in the MIFARE chip hierarchy, plus the reusable-credential upgrade path.

MIFARE Classic 1K cards (legacy — for comparison) MIFARE DESFire EV3 cards (AES-128 upgrade path) MIFARE Plus SE cards (Classic-pin-compatible AES upgrade) RFID membership cards (reusable counterpart) Blank RFID cards (all chip types) NFC cards (overview) NTAG213 NFC stickers (adhesive alternative)

FAQ

Is Ultralight C secure enough for transit?

Yes — Ultralight C runs 3DES mutual authentication (TDEA per NIST SP 800-67, 112-bit effective key), which has no published practical break. With per-card key diversification per NXP AN11136 the master key never leaves the issuer, so compromising one card reveals nothing about any other card in the batch. That is why Ultralight C is the default for disposable fare. When the credential is reusable or carries stored value, DESFire EV3 with AES-128 is the right answer instead.

What is the difference between MIFARE Ultralight, Ultralight EV1, and Ultralight C?

Ultralight (MF0ICU1, 64 bytes) and Ultralight EV1 (MF0ULx1, 48-128 bytes) use only a 32-bit password — brute-forceable, acceptable only for static NDEF records like a brochure URL. Ultralight C (MF0ICU2, 192 bytes) adds 3DES mutual authentication with a 112-bit key, making card cloning and replay significantly harder. For any programme with a security requirement — fare, access, ticket, pass — Ultralight C is the Ultralight-family choice.

Can Ultralight C store monetary value?

For low-value disposable use (single-ride fare, day pass, one-time loyalty claim) — yes. The 3DES-authenticated decrement counter and authenticated user pages support tear-off-style value tracking. For higher-value reusable stored-value (transit purses, campus cashless payment, loyalty wallets), DESFire EV3 with AES-128 and the on-chip transaction MAC is the right tier — its higher per-card cost is absorbed by the reusable lifecycle.

Can a standard smartphone read Ultralight C cards?

Yes — any NFC-enabled iPhone (XS or later) or modern Android reads public pages and NDEF records without authentication, because Ultralight C is ISO/IEC 14443-3 Type A + NFC Forum Type 2 Tag compliant. The 3DES authentication is used by the reader infrastructure — gates, terminals, turnstiles — to verify the card is genuine before reading authenticated pages. Consumers only tap; the cryptography stays in the reader.

What MOQ and lead time should we plan around?

MOQ 500 for blank white Ultralight C; 1,000 for custom-printed stock. Lead time is 10-15 business days for custom printed batches and 2-3 business days for blank stock from Proud Tek's factory inventory. Per-card key diversification, UID manifests, NDEF pre-encoding, thin 0.3 mm PET, and paper / Tyvek inlay variants are all available without MOQ uplift.

Do you supply NXP chip-authenticity certificates with the order?

Yes. Every Proud Tek Ultralight C batch ships with the NXP chip-authenticity certificate and a spot-check 3DES-authentication log confirming the feature is present and responding on every sampled card — specifically to address the documented failure mode where another supplier substituted non-authenticated Ultralight (no "C") into a bulk order.

Sources & references

Primary standards, OEM datasheets and regulatory documents cited by this article. All URLs were verified on the access date shown below.

NXP MIFARE Ultralight C (MF0ICU2) short-form specificationNXP Semiconductors · Sep 1, 2017 · accessed Apr 24, 2026
Canonical product data sheet — 192 B memory layout, 3DES authentication flow, page-level access control.
NXP Application Note AN11136 — Ultralight C 3DES key diversificationNXP Semiconductors · accessed Apr 24, 2026
Reference diversification scheme used by every procurement-grade Ultralight C deployment.
NIST SP 800-67 Rev. 2 — Recommendation for the Triple Data Encryption Algorithm (TDEA)U.S. National Institute of Standards and Technology · Nov 1, 2017 · accessed Apr 24, 2026
The standard that defines the 3DES block cipher used inside Ultralight C mutual authentication.
ISO/IEC 14443-3 — Identification cards — Contactless integrated circuit cards — Proximity cards — Part 3: Initialization and anticollisionInternational Organization for Standardization · Jul 1, 2018 · accessed Apr 24, 2026
The Type A air-interface layer Ultralight C operates on.
NFC Forum Type 2 Tag Operation SpecificationNFC Forum · Aug 1, 2017 · accessed Apr 24, 2026
NDEF-readable behaviour of Ultralight C public pages on consumer smartphones.

10+ Years RFID Manufacturing

ISO 9001 Certified Factory

500+ Enterprise Clients

50+ Countries Served

Proud Tek is a Shenzhen-based RFID & NFC manufacturer supplying hotel chains, transit operators, event venues and retail brands worldwide. Every order includes free samples, RF testing and dedicated project support.

Get a Quick Quote

Tell us about your project and we'll respond within one business day. Fields marked (asterisk) are required.