Secure access module
A secure access module or secure application module (SAM) is a piece of cryptographic hardware typically used by smart card card readers to perform mutual key authentication.[1] SAMs can be used to manage access in a variety of contexts, such as public transport fare collection and point of sale devices.
Physically, a SAM card can be a SIM card plugged into a SAM slot in a card reader, or a fixed integrated circuit in a housing directly soldered on a printed circuit board. Generally, a reader system consists of a microcontroller and a reader IC to communicate over the RF interface with a contactless smartcard. The microcontroller takes the part of controlling the reader IC functions such as protocol handling, command flow and data interpretation. By integrating a SAM into the reader system, the SAM handles all the key management and cryptography in a secure way. The entire system enables authentication and encryption of the contactless communication between the SAM and host system.
SAMs can be deployed in any of the following applications:
- Generate application keys based on master keys
- Store and secure master keys
- Perform cryptographic functions with smart cards
- Use as a secure encryption device
- Perform mutual authentication
- Generate session keys
- Perform secure messaging
References
- Al-Khouri, Ali M (2013). Critical Insights from a Practitioner Mindset. Chartridge Books Oxford. p. 243. ISBN 9781909287594.