Advertisement

Crypto controller platforms enhance security for contactless transactions

Infineon’s new crypto controller platforms offer enhanced security and greater flexibility for contactless and hygienic transactions.

As demand increases for contactless and hygienic transactions and payments, driven in part by the Covid-19 pandemic, there also is a growing need for enhanced security and greater flexibility to keep up with changing requirements. Infineon Technologies AG has unveiled its 40-nm SLC36/SLC37 security controller platforms for contactless transactions, based on its energy-efficient 32-bit ARM SecurCore SC300 dual-interface security chips with up to 512 KB Solid Flash memory. Featuring enhanced security and development flexibility, these crypto controller platforms are available in a range of dual interface and contactless modules to meet a variety of applications.

Infineon 40-nm SLC3x products for the crypto controller platforms

(Image: Infineon)

Based on the ARM SecurCore SC300 architecture, the 40-nm family covers the full range of the chips, from the smallest to the most powerful chip. It is designed to support different payment and ID applications with varying solution and memory requirements. The 40-nm platform also is the foundation for the next generation of SECORA solutions for payment and ID.

The crypto controller platforms are designed for contactless payment, ID, ticketing, and access applications, including wearables payments, and support multiple standards such as GlobalPlatform, Calypso, Cipurse, and the latest Java Card specifications. They also are in compliance with ISO14443 Type A/B & ISO18092 (NFC) for contactless interfaces and ISO7816 for contact-based interfaces and are EMVco and CC EAL 6+ certified. In addition, the platforms  are designed for global markets and support specific regional market requirements.

For advanced security, the platform is in compliance with the latest cryptological requirements for ECC and AES. It provides certified software libraries for symmetrical cryptography with AES and DES and asymmetrical cryptography with RSA and ECC libraries. In addition, the chips deliver enhanced security with the AIS 20/31-compliant hybrid random number generator, which features built-in cryptographic post-processing. The 40-nm SLC3x 32-bit Arm SecurCore SC300 architecture also is enhanced with Infineon’s secure cache for optimized code execution.

The platform also includes certified NVM technology including cryptographic protection with integral encryption of RAM and NVM and Instruction Stream Signature (ISS) for execution integrity.

Moving from analog to digital security on its hardware to make the platforms more robust, Infineon’s digital security concept and third generation Solid Flash technology support all contactless protocols, which makes this family unique in the industry, according to Oliver Manahan, director of business development, Payment & Ticketing Solutions, Infineon Americas.

Infineon 40-nm SLC3x crypto controller platforms applications

(Image: Infineon)

In addition to enhanced security features, one of the most important parameters of contactless transactions is speed of the transaction. The SLC36/SLC37 security controller platforms offers the highest performance for 40-nm products with internal clock frequencies of up to 100 MHz, said Infineon, which is particularly important for short transaction times.

The speed of a contactless transaction is important, said Manahan. But not all transactions are equal.

The real speed concern might not be at the CVS Pharmacy where it takes one-quarter or one-third of a second for the transaction, he said. But where it does become important, for example, is at the New York City MTA, which is opening up their payments to not just the MetroCard, but to all of the major payment networks, he added. “If you have a transaction that takes too long at a turnstile, an extra one-tenth or two-tenths of a second, that’s noticeable and not really a great use case.”

Manahan said Infineon’s new generation of platforms speed up contactless transactions across all of the payment, transport, ticketing, ID, and access applications thanks in part to the faster clocking speed.

Typically, the faster the clock speed the better the performance but that’s only part of the answer because it’s also how optimized and well written your cryptographic libraries are, he said. “We have several for these platforms – symmetric AES and DES and on the asymmetric side both RSA and ECC.”

“The better and more optimized those libraries are there is also an incremental boost in performance along with the clock speed,” he said. “You can have a high clock speed with fairly inefficient code and libraries and you wouldn’t get much of a performance boost. If you’ve got an increased clock speed with optimized code and good cryptographic libraries then you really see a good improvement.”

Infineon’s 40-nm SLC3x platform delivers 30% or higher speed improvement for contactless payment transactions, which can now achieve speeds of less than 200 ms even in scenarios with low reader field strength and in combination with small antenna designs, said Manahan.

Greater development flexibility

One of the key features of the platforms is its configurability. Infineon can supply the solution as a pre-configured module or a bare wafer, which allows customers to load their own software, including their operating system (OS) and applications, thus speeding up their time to market.

There are a couple of things that make this platform different from other solutions and one of those things is making it more configurable for the end user, which is typically the card vendor for Infineon, Manahan said. “If they don’t want to load the operating system and application themselves, we can do it, which is historically the model we use, but if they have their own OS and applets whether supplied by us or a third party, they can do it at their facility.”

By giving customers the option to load the software bundle [OS and applications such as for payment, ticketing, or ID] themselves, they have some flexibility with the applications they put on the card, but also the flexibility to add the latest applications, while shaving three to four weeks from the process, he said.

Infineon also noted there is an easy software migration path from the 65-nm SLC32 platform with fast approval and short lead times.

The 40-nm SLC36/SLC37 controller-based crypto platforms are available now with certificates from EMVCo and BSI for CC.

Advertisement



Learn more about Infineon Technologies

Leave a Reply