Access Control is Moving to Public Keys. Your Physical Credential Should Too.
LEAF Verified brings modern cryptographic security to physical credentials, built on NXP's MIFARE DUOX® technology. The same public key foundation as Aliro™, with no shared secrets and no vendor lock-in. Designed for scale and open to everyone. No LEAF membership required.
Public Keys in 10 Seconds
Three everyday analogies that explain everything on this page
The Master Key
One key opens every lock. Compromise cascades to all.
The Personal Key
Each credential, its own key. One lost badge, one revocation.
The Registered Key
Stamped genuine at the factory. Can't be copied. Can't be faked.
See How LEAF Verified Works for You
Select your role to see what matters most
Integrate Once, Support Every LEAF Verified Credential
LEAF Verified is built on open standards: ISO 14443, ISO 7816-4, and X.509 PKI. No proprietary middleware, no vendor-specific APIs. Your platform verifies every LEAF Verified credential with the same integration.
Retrieve credentials via API calls into your platform, enable QR code scans for fast downloads, or use NDEF tap-to-phone redirect. A single manifest system that adapts to your workflow.
Every credential supports NFC Data Exchange with a configurable dynamic URL redirect, providing the foundation for you to build custom enrollment, provisioning, and onboarding workflows within your platform.
Every LEAF Verified credential uses the same certificate structure and verification flow. No per-vendor integration work.
{
"order_id": "o-Xk82mRvP",
"total_credentials": 500,
"credentials": [
{
"printed_id": "40928354012",
"open_id": "240100020406",
"serial_number": "04107C8AA22390"
},
{
"printed_id": "40928354087",
"open_id": "240100020588",
"serial_number": "040E7D8A22390"
}
]
}One Crypto Stack. Two Credential Types. Total Coverage.
The cryptographic building blocks required to support LEAF Verified are the same ones required for Aliro. Supporting both means implementing one crypto stack, not two. Open-source documentation makes integration straightforward.
Device onboarding documentation and reference implementations, publicly available with no NDA required.
LEAF Verified uses the same elliptic curve cryptography as Aliro. While Aliro requires mutual authentication (a fundamentally different protocol), the shared ECC P-256 foundation means less net-new cryptographic work on your roadmap.
Shape the credential roadmap alongside other industry leaders. Your input drives what comes next.
Built on open standards (ISO 14443, ISO 7816-4, X.509 PKI) with no vendor-specific software required. Everything you need is included with the credential.
// Verify a LEAF Verified credential
leaf_status_t status = leaf_verify_credential(
reader_ctx,
credential->certificate,
credential->open_id,
LEAF_CURVE_P256
);
if (status == LEAF_OK) {
grant_access(door_id);
}Install Readers Like Light Switches. No Key Ceremonies Required.
With LEAF Verified, you never distribute secret keys to readers. No SAM cards. No key ceremonies. No site visits to rotate keys. Every credential carries its own certificate, and the reader verifies it cryptographically on the spot.
Credential Manifest enables bulk digital enrollment. What used to take manual card-by-card entry becomes a single import.
No vendor-specific profiles to load, no config apps to manage, no per-project device setup. Readers work out of the box with any LEAF Verified credential.
Works across any LEAF Verified-compatible reader. Choose your hardware without being locked to a single credential vendor.
Own Your Security. Not Your Vendor's Ecosystem.
LEAF Verified is built on open standards, using the same modern public key cryptography found in online banking and Aliro. Your credentials work across any compatible device from any manufacturer. No proprietary lock-in. No vendor dependency.
Most access control deployments stay installed for over a decade. LEAF Verified is built on the same foundation as Aliro, so the credential you choose today stays relevant for the life of the system.
Every credential is cryptographically unique and verified at the factory. Lose one, deactivate one. Your fleet stays secure.
Every credential includes NFC tap-to-phone, giving your access control software provider the capability to build self-service enrollment and onboarding workflows with a single tap.
LEAF Verified and Aliro: Two Pillars of the Public Key Future
LEAF Verified and Aliro aren't competing. They're the two halves of the industry's transition from symmetric to public key.
LEAF Verified
Physical Credentials- Cards, fobs
- Passive credentials with tap-to-phone
Aliro
Digital Credentials- Smartphones, smartwatches, wallets
- Connected devices with OTA provisioning
Frequently Asked Questions
Quick answers to the questions we hear most
LEAF Verified is a physical access credential built on NXP's MIFARE DUOX chip, the first MIFARE IC to support public key cryptography. It uses ECC P-256 to authenticate on the spot, with no shared secrets, backend calls, or key distribution required. It is a turnkey, ready-to-deploy product, not just a chip.
MIFARE DUOX is NXP's contactless IC technology: the silicon. It provides powerful cryptographic capability but, on its own, has no application, identity, or ecosystem. LEAF Verified is what DUOX becomes when it is securely provisioned through a direct partnership between NXP and LEAF, starting at the wafer level. Think of DUOX as the raw material and LEAF Verified as the finished, deployable product.
Every credential carries a guaranteed unique 12-digit Open ID and a LEAF Certificate that enables any compatible reader to cryptographically verify authenticity. Authentication happens on the spot using public-key cryptography. No shared secrets are ever exchanged.
No. LEAF Verified is built on open standards (ISO 14443, ISO 7816-4, and X.509 PKI) using the same ECC P-256 cryptography as Aliro. Integration documentation is being open-sourced so any reader manufacturer can add support, and the LEAF Community's Product Committee governs the credential's evolution.
No. They solve different problems for different form factors. LEAF Verified is a physical credential product for passive media like cards and fobs. Aliro is a protocol for connected digital devices like smartphones and smartwatches. They share the same cryptographic foundation (ECC P-256) and are designed to complement each other.
Both. A modern deployment uses physical badges and mobile credentials together. Physical badges work without batteries or network connectivity; mobile credentials offer dynamic provisioning and remote revocation. LEAF Verified covers physical credentials, Aliro covers digital. Together they provide complete coverage on a single public-key foundation.
While you can buy raw chips, a blank DUOX chip is just a component with no identity, no certificate, and no ecosystem. LEAF Verified delivers a turnkey, ready-to-deploy product with wafer-level provisioning, PKI infrastructure, enrollment tooling, and ecosystem support. Building this from scratch would require developing your own PKI, encoding pipelines, API integrations, and ongoing lifecycle management.
No. LEAF Verified is available now and addresses the physical credential use case that Aliro does not cover. Deploying LEAF Verified today means deploying on the same public-key foundation Aliro is built on. Your physical credentials are future-aligned from day one.
Technical Specifications
The details engineers look for before booking a demo