STMicroelectronics Unveils New Series of Secure Payment SoCs
ST's new secure payment SoCs aim to increase contactless performance and protection while reducing power demand.
The ST’s STPay-Topaz family of SoCs is designed to be embedded in smartcards. They come pre-loaded with a wide variety of payment applications, all running on certified a JavaCard platform, and meet all required security and payment-scheme certifications.
According to ST, this is the first device in its class manufactured in 40nm Flash technology, and is based on the ST31P450 microcontroller. This secure MCU boasts cyber-protection including the Arm SecurCore SC000 32-bit RISC core, as well as cryptographic accelerators to block even the more advanced forms of cyberattack.
An RF IC embedded in a secure pay card. Image used courtesy of Dom J
STPay-Topaz-1 operates on the Java Card 3.0.5 classic operating system with GlobalPlatform 2.2.1 MG 1.0.1 API support. It offers up to 60 Kbytes of non-volatile memory.
The ST31P450 Microcontroller
The heart of the STPay-Topaz, the ST31P450, is designed for secure ID and banking applications. It incorporates the most up to date ARM processors designed for secure embedded systems. They feature the SecurCore SC000 32-bit RISC core, built on the 55 MHz Cortex M0 core.
The STPay-Topaz is available in the form of sawn wafers or micro-modules. For easy integration into plastic cards, it is also available in contactless or dual-interface configurations along with a variety of industry-standard inlay and antenna technologies.
STPay is available in sawn wafer and different gold and silver micromodules. Image from STMicroelectronics
Included is an RF interface incorporating an RF universal asynchronous receiver (RFUART). This enables contactless communication at speeds up to 848 kbps, compatible with the ISO/IEC 14443 Type A standard. Also offered is a serial communication interface, which is fully compatible with the ISO/IEC 7816-3 standard (T=0, T=1), the standard which deals with "cards with contacts" in the identification card IC portion of ISO/EIC protocols.
Other important features include:
- 10 Kbytes of User RAM
- Up to 450 Kbytes of secure user Flash memory, including 512 bytes of User OTP area
- 25-year data retention
- 500,000 Erase/Write cycle endurance
- Operates from power supplies ranging from 2.7 to 5.5 volts
- Operating temperature range of –25 °C to +85 °C
Getting Secure Products to Market Faster
The STPay ecosystem also includes an array of supporting tools and sample scripts. Developers can also count on support by local ST engineers to aid in script development, validation, and personalization.
The STPay tool is a toolkit that allows issuers and service providers to install and test Java applets and to test STPay-Java sample cards. To accelerate the process of script development, validation, and fast card deployment, it comes with sample personalization scripts for the most important US and global payment schemes.
Secure Pay Applications
The STPay-Topaz units offer support for a wide range of international and domestic payment schemes.
Global schemes include:
- Visa
- Mastercard
- Amex
- Discover
- JCB
- CUP
Domestic schemes include:
- Brazil’s Elo
- India’s RuPay
- Canada’s Interac
- Norway’s BankAxept
- Australia’s eftpos Payments
- Thai Bankers Association
Secure Identification Applications
These RF chips are useful for more than securing banking information. They're also increasingly common for personal identification.
A US passport with an ID chip embedded in the cover. Image (modified) used courtesy of Sean Hobson [CC-BY 2.0]
When transportation applets are required along with a banking applet, the following are available as options:
- MIFARE Classic
- MIFARE Plus
- MIFARE DESFire libraries
- Calypso
Do you design secure pay products? Share your experiences with the community in the comments below.
