HID® Crescendo® – Smart cards for physical and logical access

The Crescendo card is a secure authentication solution that integrates both physical and logical access into a single smart card.

Compatible with FIDO2, PKI and OATH, it enables secure access to networks, systems and cloud services without the need for pre-installed software.

These cards comply with high security standards such as NIST SP 800-63 guidelines and can be used as corporate IDs with advanced printing and security capabilities.

Contact

Categories: HID® Cards, Multifactor Authentication

Description
Specifications

Product description

Multi-factor authentication (MFA) and passwordless authentication: integrating FIDO2, PKI and OATH, providing secure access to networks and cloud services without the need for passwords.
Regulatory compliance: aligned with NIST SP 800-63 guidelines and certifications such as FIPS 140-2 and Common Criteria.
Versatility: compatible with multiple physical (Seos, iCLASS, MIFARE) and logical access technologies.
Advanced security: protection against physical and logical attacks, including differential power analysis and fault injection detection.
Ease of management: credential lifecycle managed from a single platform with a single PIN for multiple access technologies.
Easy Implementation: designed to be easy and quick to implement.
Zero Trust Security Approach: enable organisations to adopt the Zero Trust security approach.
Data Privacy: comply with privacy regulations such as GDPR, HIPAA, PCI-DSS, LBA, SOX, NERC-CIP and more.
Durability: 500,000 EEPROM cycles, with a data life of 20 to 25 years.
Printer support: Compatible with HID Secure Issuance card printers, either direct print (DTC) or high definition (HDP).

There are several versions of the Crescendo card, each with different features and security levels. The main versions are:

Version	Compatibility	Physical Access Technologies	Protocols
Crescendo 3000	Contact and non-contact	MIFARE DESFire EV2, HID SEOS, MIFARE Classic, iCLASS, Prox	FIDO2, PKI, OATH
Crescendo 2300	Non-contact	HID SEOS, iCLASS, Prox	PKI, FIDO2, OATH
Crescendo 144K	Contact	HID SEOS, MIFARE Classic, MIFARE DESFire EV3, iCLASS, Prox	PKI

Each version is designed for different security needs and specific applications within a corporate environment.

Specifications

Logical access	Crescendo 3000: Contactless, Crescendo 2300: Contact & Contactless / Contactless; Crescendo 144K: Contact
Physical access	Crescendo 3000: MIFARE DESFire EV2 Crescendo 2300: HID SEOS 8K, MIFARE Classic, MIFARE DESFire EV1, PROX / HID SEOS 8K, iCLASS 32K, PROX Crescendo 144K: HID SEOS 8K, MIFARE Classic, MIFARE DESFire EV3, iCLASS 32K, PROX
Security services	Crescendo 3000: FIDO 2.0 Crescendo 2300: PKI, FIDO 2.0, OATH Crescendo 144K: PKI
Platform	Crescendo 3000: Java Card 3.0.5, Global Platform 2.3, NXP JCOP 4.0 Crescendo 2300: Java Card 3.0.5, Global Platform 2.2, NXP JCOP 3.0 Crescendo 144K: Java Card 3.0.4, Global Platform 2.2, G&D SM@RTCAFÉ EXPERT 7.0
Cryptographic algorithms	Crescendo 3000: AES-256, Triple DES, Up to RSA 4096 bits and ECC 640 bits key length Crescendo 2300: AES-128, Triple DES, RSA1024 and 2048, ECC p256/p384 Crescendo 144K: AES-128, Triple DES, RSA1024 and 2048, ECC
Smart Card Interface	Crescendo 3000: ISO 14443 Type A Crescendo 2300: ISO 7816-3, ISO 14443 Type A / ISO 14443 Type A Crescendo 144K: ISO 7816-3, ISO 14443 Type A
Communication speed	Crescendo 3000: Contactless up to 848 Kbps Crescendo 2300: Contact up to 115,200 bps; Contactless up to 848 Kbps Crescendo 144K: Contact up to 115,200 bps; Contactless up to 848 Kbps
EEPROM Size	Crescendo 3000: 180 Kbytes Crescendo 2300: 132 Kbytes (TBC) Crescendo 144K: 144 Kbytes
EEPROM Resistance	Crescendo 2300: 500,000 ciclos Crescendo 144K: 500,000 ciclos
EEPROM Data duration	Crescendo 3000: 25 years Crescendo 2300: 20 years Crescendo 144K: 20 years
Dimensions	54 x 85.7 x 0.84 mm
Storage temperature	-35°C to +50°C
Security measures	Crescendo 3000: – Security against template attacks – Configurable memory encryption – Physical unclonable function (PUF) – Spatial de-correlation of logical functions – Certified isolation of NXP and client code Crescendo 2300: – Module protected against SPA, DPA, Timing. – Fault analysis and induction. – Protection functions include detection of supply voltage, out-of-range frequencies and temperatures, and detection of illegal address or instruction. Crescendo 144K: – Clock frequency, temperature, supply voltage and light sensors. – Single Fault Injection (SFI) attack detection – Differential power analysis DPA protection – Delay and Fault Attack Prevention (DFA)
Material	Composite construction (40% PVC, 60% PET)
Printer compatibility	Direct reverse printing to high-definition DTC or HDP card
Security assessment and certification	Crescendo 3000: Common Criteria EAL 6+, FIDO2 Level 1 Crescendo 2300: Common Criteria EAL 5+m NIST FIPS 140-2 Level 2 NIST FIPS 140-2 Level 2 / FIDO2 Level 1 Crescendo 144K: Common Criteria EAL 5+, FIDO2 Level 1
Guarantee	Crescendo 3000: Lifetime Warranty. Crescendo 2300: 5 Years Crescendo 144K: 5 Years