Security Architecture

As well as supporting traditional bureau personalisation, the MULTOS security architecture allows for applications and data to be securely loaded to a MULTOS device in an insecure environment - ideal for instant issuance, mobile payments and post issuance updates. An overview of how this is achieved is as follows:-

  • Each MULTOS device contains a unique RSA key pair, generated and certified by the Key Management Authority. This key pair is securely loaded to the device when it is enabled.
  • The public part of the key  is used by data preparation software, in a secure environment such as a perso bureau, to encipher a packet of data called an Application Load Unit (ALU).
  • The ALU contains the application code and personalised data.
  • Only the target MULTOS device can decipher the ALU.
  • The load process does not require any external cryptographic device and a secure channel is not required as all the cryptographic processing is internal to the MULTOS device itself.

See the documents GALU and Enablement in the Technical Library for more details.