Smart Card Management
Manages the smart card operation cycle.
Info
For backward compatibility reasons, the system accepts PIN entries with alphanumeric characters. Internally these characters are mapped to a physical PIN, which allows different logical PINs to be interchanged.
- Inspect: displays information specific to the smart card in the reader, including serial number, SCR(Secret Code Ratification) counter, MMPN(Mode Maximum Presentation Number), PIN Lock status, ATR (Answer To Reset) string and others.
-
Change PIN: changes the Server Master Key protection PIN on the card.
The PIN must have 8 (eight) digits (numeric characters [0-9]).
-
Create Server Master Key: creates a new SVMK (Server Master Key).
- Erase: erases existing information on the card, such as SVMK, SVMK Shadow, PINs, etc. and leaves the card in a post-format state.
- Create Partition Auth Set: creates a set of smart cards in M of N scheme to be used for partition authorization.
- Get Label: displays the label (if any) of the card, created during the generation of the set. The PIN must be entered to access the label.
- Copy Set: copies a set of cards with an M of N scheme to another set. The M of N scheme in the two sets can be different.
- Copy Card: makes a physical copy of the card. Both cards must use the same PIN.
Attention
For security reasons, the smart card PIN can only be changed once. Once the PIN has been changed, the memory area of the card containing this information is sealed and can no longer be altered or tampered with.
Check the Initialization item for more information on smart cards.
Dinamo - Local Management Console
┌─────────┤ Smart Card ├──────────┐
│ ◂ │
│ Inspect │
│ Change PIN │
│ Create Server Master Key │
│ Erase │
│ Create Partition Auth Set │
│ Get Label │
│ Copy Set │
│ Copy Card │
└─────────────────────────────────┘
Service running... Replication Domain: <none>The screen below shows an example of the information that can be obtained from a smart card in the Inspect option, such as the card's serial number (CSN), the PIN locking status, whether the card can still have its PIN changed and the smart card's formatting.
Whenever a card is used in the HSM, the event is recorded in the log, along with the serial number and label assigned, which allows for a very detailed level of auditing.
Dinamo - Local Management Console
┌────────────────────────────┤ ├─────────────────────────────┐
│ │
│ ATR : 3B:7A:94:00:00:80:65:A2:01:01:01:3D:72:D6:43 ↑ │
│ CSN : 15C000E3A8171006F00FF0010 ▒ │
│ Family : Gemplus Generic Product ▒ │
│ Card Name : GemXpresso Pro R3.x ▒ │
│ Card OS : OSv09 ▒ │
│ Prog Ver : 01 ▒ │
│ Chip Ver : 38 ▒ │
│ LOCK1 byte : 02 ▒ │
│ LOCK2 byte : 02 ▒ │
│ Card Type : SmOe ▒ │
│ PIN Locked : no (one more PIN change allowed) ░ │
│ PIN SCR : 0 ↓ │
│ │
│ ┌────┐ │
│ │ OK │ │
│ └────┘ │
│ │
│ │
└─────────────────────────────────────────────────────────────┘
Service running... Replication Domain: <none>