Smart Card Management

Manages the smart card operation cycle.

Info

For backward compatibility reasons, the system accepts PIN entries with alphanumeric characters. Internally these characters are mapped to a physical PIN, which allows different logical PINs to be interchanged.

Inspect: displays information specific to the smart card in the reader, including serial number, SCR(Secret Code Ratification) counter, MMPN(Mode Maximum Presentation Number), PIN Lock status, ATR (Answer To Reset) string and others.
Change PIN: changes the Server Master Key protection PIN on the card.

The PIN must have 8 (eight) digits (numeric characters [0-9]).
Create Server Master Key: creates a new SVMK (Server Master Key).
Erase: erases existing information on the card, such as SVMK, SVMK Shadow, PINs, etc. and leaves the card in a post-format state.
Create Partition Auth Set: creates a set of smart cards in M of N scheme to be used for partition authorization.
Get Label: displays the label (if any) of the card, created during the generation of the set. The PIN must be entered to access the label.
Copy Set: copies a set of cards with an M of N scheme to another set. The M of N scheme in the two sets can be different.
Copy Card: makes a physical copy of the card. Both cards must use the same PIN.

Attention

For security reasons, the smart card PIN can only be changed once. Once the PIN has been changed, the memory area of the card containing this information is sealed and can no longer be altered or tampered with.

Check the Initialization item for more information on smart cards.

The screen below shows an example of the information that can be obtained from a smart card in the Inspect option, such as the card's serial number (CSN), the PIN locking status, whether the card can still have its PIN changed and the smart card's formatting.

Whenever a card is used in the HSM, the event is recorded in the log, along with the serial number and label assigned, which allows for a very detailed level of auditing.