ACOS6 Secure Access Module (SAM) is designed to be used as a general cryptogram computation module or as the security authentication module for ACOS3 and ACOS6 client cards.
The ACOS6 SAM card securely stores cryptographic keys and use these keys to compute cryptograms for other applications or smart cards. Using this, terminals need not know the master key(s) of an application and the keys never leave the ACOS6 SAM.
The SAM card can perform –
- Mutual Authentication to guarantee the terminal and the client card to be real
- Secure Messaging to ensure data transmission between the card and terminal/server is secured and not susceptible to eavesdropping, replay attack and unauthorized modification
- Purse MAC Computation allows data and command that is transferred into the card and vise versa to be authenticated and data integrity.
- Key Diversification to inject diversify key securely without exposing the master key.
For example, when a doctor or patient inserts his/her ACOS3/ACOS6 smart card into the card reader, the ACOS6-SAM uses the proprietary information it contains to verify if the card is valid. The system security would hence be greatly enhanced.
ACOS6 SAM Standard Features
- Compliance with ISO 7816 Parts 1,2,3,4
- High baud rate switchable from 9600 to 14,400, 28,800, 57,600, 115,200 and 223,200 bps.
- Full 64 K of EEPROM memory for application data.
- Supports ISO7816 Part 4 file structures: Transparent, Linear fixed, Linear Variable, Cyclic.
- DES / Triple DES capability
- Mutual authentication with session key generation.
- Secure Access Module pairs with ACOS3/ACOS6.
- Stores and performs all key operations on ACOS3/ACOS6 including mutual authentication, encrypted PIN submission, secure messaging, and ePurse commands
- Multilevel secured access hierarchy
- Anti-tearing done on file headers and PIN commands.
- Customer Loyalty
- Multiple e-Purse
- Electronic Government Project
- Secure Access Module
- Hardward Encryption Engine