Connect One's IP controller targets secure POS terminals transactions - Embedded.com

Connect One’s IP controller targets secure POS terminals transactions

Connect One's iChipSec CO2128 integrates several hardware enhancements to ensure high-throughput by offloading IP and network security protocols from the host processor.

The secure Internet Protocol (IP) communication controller chip is designed to reduce the cost and speeds the design of new IP-enabled point-of-sale (POS) terminals.

The CO2128's tightly integrated ARM7 core processor, RTOS, security and networking protocol stack ensure efficient and secure high-speed transaction processing. For high bandwidth applications like video streaming, the chip's high-speed parallel interface supports 32 Mbps with UDP/IP hardware acceleration.

Data encryption/decryption also is accelerated in hardware, which tremendously reduces SSL3 transaction processing.

iChipSec can act as a router among LAN, Wi-Fi and modem platforms, as it includes a NAT (Network Address Translation) and port forwarding functionality. This allows a payment terminal to serve as an access point or gateway for other terminals connected to it, helping to reduce infrastructure cost and enhance network security.

CO2128 reduces the bill-of-materials to embed secure network connectivity by including a 10/100BaseT Ethernet MAC, which permits manufacturers to save several dollars by connecting to an Ethernet PHY chip instead of a more expensive MAC/PHY.

It also includes USB v.2.0 full-speed host and device interfaces, enabling the use of the newest Wi-Fi chipsets and other USB peripherals. The 128-pin chip also boasts a high-speed parallel bus that delivers over 32- Mbps throughput, allowing next-generation POS terminals to display high-quality video advertisements to the customer at the point-of-sale.

An optional V.32bis soft modem saves terminal manufacturers several dollars by eliminating their current wired modem. This feature ensures backward compatibility with existing PSTN applications and provides an economical dial-up back-up channel for LAN models. New firmware can be loaded into iChipSec's memory in order to activate the soft modem if the terminal cannot connect to the LAN.

iChip's firmware boots and runs from shared or dedicated flash. Shared memory is accessible via UART, parallel, two-wire, or USB interfaces. Dedicated flash can be connected via the external bus interface (EBI) or SPI. Other communication peripherals are accessible via USB, EBI, two-wire, SPI or UART interfaces. The chip includes 256KB of SRAM.

CO2128 supports a wide range of Internet protocols and communication drivers for moving data over 10/100BaseT LANs, 802.11b/g WiFi, cellular and dial-up networks.

It supports up to 10 simultaneous TCP and UDP sockets, permitting the terminal to connect to multiple servers concurrently; two TCP listening sockets that enable it to act as a server; SMTP, POP3, MIME, HTTP, FTP and Telnet clients; and a Web server hosting one Web site for configuring iChipSec and one for the application.

Firmware is provided by Connect One in “flavors” that load from external flash and run from iChipSec's SRAM. The firmware also can be downloaded from the host CPU directly into the SRAM. Each flavor is a unique combination of protocols, communication drivers, and optional features. Connect One will offer several firmware flavors.

The logical interface between the host application and iChipSec is Connect One's AT+i Protocol, a high-level API that enables fast and easy implementation and maintenance of the security and Internet protocols.

AT+i requires no Internet programming expertise on the part of the designer and minimum modification of the host application. AT+i's SerialNET plug-and-play operating mode enables serial-to-Internet full-duplex routing without any changes to the host application.

iChipSec uses the SSL3/TLS1 protocol to support a secure socket or FTP session using RSA Public Key Infrastructure (PKI). Cipher suites used for encryption include 3DES, AES-128/192/256, ARC4, MD5 and SHA-1/256. For Wi-Fi applications, CO2128 also supports WEP and WPA encryption. For additional security, CO2128 includes tamper-protection.

For applications requiring lower cost, Connect One offers the 64-pin CO2064, which does not include an EBI or high-speed parallel bus. CO2128 and CO2064 are packaged in a RoHS-compliant LQFP form factor. The chips operate at 48 MHz in a low-leakage 0.13 micron process. The core operates at 1.2 volts, while I/Os operate at 3.3 volts. Both chips operate in the industrial temperature range.

Samples of iChipSec CO2128 will be available in January for $8.25 and CO2064 for $7.50 for over 50,000 units through distribution. The II-EVB-330 evaluation board for secure LAN, cellular or dial-up access will cost $1,450. The II-EVB-331 evaluation board for secure Wi-Fi, LAN, cellular or dial-up access will cost $1,725.

More information is available at www.connectone.com.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.