Call to Customize and Purchase +1.949.380.1312
- Secure Access Module Compatibility
- Cryptographic Features
ACOS6-SAM Secure Access Module
Description
The ACOS6-SAM Secure Access Module (SAM) is designed as a general cryptogram computation module or as a security authentication module for ACOS contact client cards – ACOS3, ACOS6, ACOS7 and ACOS10, and common contactless client cards – MIFARE DESFire, DESFire EV1, Ultralight-C and Mifare Plus.
ACOS6S is a Security Access Module (SAM) specifically designed for use in mutual authentication, secure messaging and key diversification.
The SAM card securely stores cryptographic keys and uses these keys to inject keys or to compute cryptograms for other applications or smart cards. Both the master keys and diversified keys are securely stored in the card and never leave the card, enhancing the security of the system. These features ensure the ultimate security of a payment system such as e-Purse as well as Identification Systems.
The ACOS6-SAM card can perform:
- Mutual Authentication: To guarantee the authenticity of the terminal and the client card
- Secure Messaging: To ensure that the data transmission between the card and terminal/server is secured and not susceptible to eavesdropping, replay attack and unauthorized modification
- Purse MAC Computation: To authenticate and ensure data integrity of data and commands that are transferred into the card and vice versa
- Key Diversification: To enable diversified entry of keys without exposing the master key
- Secure Key Injection: To ensure the key injection from SAM to client cards for contactless cards with protection of Encryption and Message Authentication Code, besides, key(s) may be changed after injection
e-Purse Application for a Merchant
Card Issuance and Card Usage
- During the Card Issuance Stage, the ACOS6-SAM is used to store Diversified Keys when initializing client cards (ACOS3/ACOS6) for a Payment/e-Purse Application.
- The customer receives the card, and tops up the card in a kiosk (e.g. an ACR900 device). The client card (ACOS3/ACOS6) is authenticated by the terminal and vice versa. This process is called mutual authentication, and is made possible by the ACOS6-SAM card inside the terminal.
- Customer purchases items using the card and a merchant’s PIN-pad terminal.
- Mutual Authentication is once again performed and a session key is also generated as proof of the transaction. This is possible because of the ACOS6-SAM card stored in the PIN-pad terminal.
Available ACOS6 SDK
The ACOS6 Multi-Application & Purse Smart Card Software Development Kit (ACOS6-SDK) is designed for professional developers who are interested in developing applications on ACOS6 and ACOS6-SAM. It contains tools allowing one to learn the ISO7816-4’s file structure on ACOS6, as well as a personalization scripting tool, the Scripting Tool Plus, enabling one to personalize a smart card. Further, development of applications is facilitated through the unique ACS Card Tool, which allows users to send direct commands to any PC/SC-compliant smart card readers and cards. With these useful tools and a user-friendly interface, the development kit can reduce the time and cost that users invest into R&D and Marketing.
Features
ACOS6-SAM Features
- Full 64KB of EEPROM memory for application data
- Supports high-speed transmission rate from 9.6 to 223.2 kbps
- Protocol T=0
- Compliance with ISO 7816 Parts 1, 2, 3, and 4:
- Transparent
- Linear fixed
- Linear variable
- Cyclic
- Strong Cryptographic Capabilities: DES/3DES/Secure Messaging with MAC
- Has multiple secure e-Purse available for payment applications
- Supports multi-level secured access hierarchy
- Anti-tearing done on file headers and PIN commands
- Initialize client card (e.g., ACOS3/ ACOS6) with diversified keys based on the card’s serial number
- 100,000 write/erase cycles
Cryptographic Capabilities
- AES: 128/192/256-bits (ECB, CBC)
- DES/3DES: 56/112/168-bits (ECB, CBC)
- Random Number Generation: FIPS 140-2 compliant hardware based RNG
File Security
- Session key based on random numbers
- Key pair for mutual authentication
- Secure Messaging function for confidential and authenticated data transfers (e.g., ACOS3/ACOS6)
- Stores and performs all key operations for mutual authentication, encrypted PIN submission, secure messaging, and e-Purse commands
- Multilevel secured access hierarchy
- Anti-tearing capability
Certifications / Compliance
- ISO 7816 – 1/2/3 (T=0 Only)
- CC EAL5+ (chip level)
Customization
- Color Printing
- SIM form factor 2FF and 3FF
- 6-Pin Module form factor
- PVC/PET/PC/ABS
- Hi-co/Lo-co Magnetic Stripe
- Signature Panel/Barcode
Secure Access Module Compatibility
- ACOS3
- ACOS6
- ACOS7
- ACOS10
- MIFARE Ultralight® C
- MIFARE® DESFire®
- MIFARE® DESFire® EV1
- MIFARE® DESFire® EV2
- MIFARE® DESFire® Light
- MIFARE Plus®
Applications
- e-Government
- e-Healthcare
- Access Control
- Network Security (Logical Access)
- e-Purse & Loyalty
- Banking & Payment
- Transportation
ACOS6-SAM Card Product SheetSpecifications
ACOS6-SAM Secure Access Module |
|
| Memory |
|
| Communication Protocol |
|
| Electrical |
|
| Cryptographic |
|
| Random Number Generation | FIPS 140-2 compliant RNG |
| File Security |
|
| Compliance |
|
| Environmental |
|
| Card Life Cycle States |
|
| Client Supported Cards |
|
| Dimensions | SIM Size PC/SC: 25.00 x 15.00 x 0.76mm (0.984 × 0.591 × 0.591in) |
| Manufacturer | Advanced Card Systems (ACS) |
| Part Numbers | ACOS6S-B, ACOS6S-C, ACOS6-SAM |
| Warranty | 1 Year Limited Warranty |
