NXP Semiconductors has announced the NCJ37x Secure Element (SE), an automotive-qualified secure microcontroller with advanced cryptographic accelerators and physically built-in electrical attack resistance for various security-critical automotive applications such as smart access key fobs, Qi 1.3 authentication, or car-to-cloud communication. The device supports the protocols from the Car Connectivity Consortium (CCC) and its passive NFC ISO 14443-4 interface and highly-secure design approach address the needs of next-generation smart fobs combining Ultra-Wideband (UWB), Bluetooth Low Energy (BLE), and passive near field communication (NFC) technologies.
Carmakers are rapidly adopting smartphone access systems and evolving their smart fobs towards the higher security levels and wireless interfaces familiar to the smartphone world. This enables new use cases for smart fobs like having digital keys for several cars stored on the fob, and adding other payment means such as bank cards. To meet these needs, OEMs are looking for an open, multi-solution platform with higher security and flexibility that can accelerate time to market. The new NXP NCJ37x Secure Element works with NXP’s NCJ38x car-side Secure Element and corresponding secure applets. The passive ISO 14443-4 NFC, SPI, and I²C interfaces help enable robust protection against the latest attack scenarios and an extended feature set for a broad range of secure in-car applications entering the market requiring the secure processing of sensitive data.
The NCJ37x features the highly flexible Java Card Operating System (JCOP), Trust Provisioning service, and secure over-the-air updatability. The SE enables enhanced Common Criteria EAL 6+ certified security for a broad range of automotive applications, including car access, driver authorization, CCC digital key, car-to-cloud (C2C) communication, and Qi 1.3 authentication. The passive, or powered-by-the-field, NFC interface is convenient as a backup if the fob battery is drained. With 600kb of secure flash, it provides sufficient memory to allow a multi-service approach considering several active security domains and apps on the device.