ACOS6 SAM - Ideal Solution for Security EnhancementThe ACOS6 Secure Access Module (SAM) is designed as a general cryptogram computation module or as a security authentication module for ACOS contact client cards— ACOS3 and ACOS6, and common contactless client cards—DESFire, DESFire EV1 and Ultralight-C.
The ACOS6 SAM card securely stores cryptographic keys and uses these keys to compute cryptograms for other applications or smart cards. Using this, terminals need not know the master key(s) of an application, whereas the keys never leave the ACOS6 SAM.The ACOS6 SAM card can perform:
Mutual Authentication to guarantee the authenticity of the terminal and the client card
Secure Messaging to ensure data transmission between the card and terminal/server is secured and not susceptible to eavesdropping, replay attack and unauthorized modification
Purse MAC Computation to authenticate and ensure data integrity of data and commands that are transferred into the card and vice versa.
Key Diversification to enable diversified entry of keys without exposing the master key.
Secure Key Injection to ensure the key injection from SAM to client cards for contactless cards with protection of Encryption and Message Authentication Code, besides, key(s) is allowed to be change after injection
One application of how the ACOS6 SAM enhances system security can be seen in e-health transactions, as when a doctor or a patient inserts his or her ACOS3 or ACOS6 smart card into the card reader, which prompts the ACOS6 SAM to use the proprietary information it contains to verify the validity of the card.
- Full 32Kbytes of EEPROM memory for application data
- Compliance with ISO 7816 parts 1, 2, 3, 4; supporting Transparent, Linear fixed, Linear Variable, Cyclic structures and supporting the T = 0 direct protocol
- Supports ACOS3/ ACOS6/ DESFire/ DESFire EV1/ Ultralight-C:
- Secure Access Module (SAM) pairing
- Key storage and operation including Mutual authentication, Encrypted PIN submission, Secure messaging, E-Purse commands
- High-speed transmission possible (9.6 to 223.2 kbps) with modifiable ATR
- DES/ 3DES/ 3KDES/ AES-128 and MAC/ENC/CMAC capabilities
- Multilevel secured access hierarchy
- Anti-tearing is done on file headers and PIN commands
- Customer Loyalty
- Multiple e-Purse
- Electronic Government Project
- Secure Access Module
- Hardward Encryption Engine