Point-of-Sale Terminals get a secure IP controller - Embedded.com

Point-of-Sale Terminals get a secure IP controller


Connect One is scheduling a January, 2007 release to production of its iChipSec CO2128 secure Internet Protocol (IP) communication controller chip for use in new IP-enabled point-of-sale (POS) terminals.

Incorporating hardware enhancements that ensure high-throughput by offloading IP and network security protocols from the host processor, the new iChip design is built around an ARM7 core processor. It supports high speed video streaming with the use of a parallel interface that supports 32 Mbps with UDP/IP hardware acceleration. Data encryption/decryption also is accelerated in hardware, to reduce SSL3 transaction processing.

According to Alan Singer, Connect One vice president of sales and marketing, iChipSec can act as a router among LAN, WiFi and modem platforms, as it includes a NAT (Network Address Translation) and port forwarding functionality. This allows a payment terminal to serve as an access point or gateway for other terminals connected to it, helping to reduce infrastructure cost and enhance network security.

To reduce the bill-of-material costs related to embedding secure network connectivity, the new IC incorporates a 10/100BaseT Ethernet MAC, which allows system designers to connect to an Ethernet PHY chip instead of a more expensive MAC/PHY.

The CO2128 also includes USB v.2.0 full-speed host and device interfaces, enabling the use of the newest WiFi chipsets and other USB peripherals. The 128-pin chip also boasts a high-speed parallel bus that delivers over 32- Mbps throughput, allowing next-generation POS terminals to display high-quality video advertisements to the customer at the point-of-sale.

An optional V.32bis soft modem allows the elimination of a wired modem in most POS designs, but retaining backward compatibility with existing PSTN connections, which can be used as an alternative dial-up back-up channel for LAN models. New firmware can be loaded into iChipSec's memory in order to activate the soft modem if the terminal cannot connect to the LAN.

iChip's firmware boots and runs from shared or dedicated flash. Shared memory is accessible via UART, parallel, two-wire, or USB interfaces. Dedicated flash can be connected via the external bus interface (EBI) or SPI. Other communication peripherals are accessible via USB, EBI, two-wire, SPI or UART interfaces. The chip includes 256KB of SRAM.

CO2128 supports a wide range of Internet protocols and communication drivers for moving data over 10/100BaseT LANs, 802.11b/g WiFi, cellular and dial-up networks.

It supports up to 10 simultaneous TCP and UDP sockets, permitting the terminal to connect to multiple servers concurrently; two TCP listening sockets that enable it to act as a server; SMTP, POP3, MIME, HTTP, FTP and Telnet clients; and a Web server hosting one Web site for configuring iChipSec and one for the application.

Firmware is provided by Connect One in “flavors” that load from external flash and run from iChipSec's SRAM. The firmware also can be downloaded from the host CPU directly into the SRAM. Each flavor is a unique combination of protocols, communication drivers, and optional features. Connect One will offer several firmware flavors.

The logical interface between the host application and iChipSec is Connect One's AT+i Protocol, a high-level API that enables fast and easy implementation and maintenance of the security and Internet protocols.

iChipSec uses the SSL3/TLS1 protocol to support a secure socket or FTP session using RSA Public Key Infrastructure (PKI). Cipher suites used for encryption include 3DES, AES-128/192/256, ARC4, MD5 and SHA-1/256. For WiFi applications, CO2128 also supports WEP and WPA encryption. For additional security, CO2128 includes tamper-protection.

For applications requiring lower cost, Connect One offers the 64-pin CO2064, which does not include an EBI or high-speed parallel bus. CO2128 and CO2064 are packaged in an RoHS-compliant LQFP form factor. The chips operate at 48MHz in a low-leakage 0.13 micron process. The core operates at 1.2 volts, while I/Os operate at 3.3 volts. Both chips operate in the industrial temperature range.

Samples of iChipSec CO2128 will be available in January for $8.25 and CO2064 for $7.50 for over 50,000 units through distribution. The II-EVB-330 evaluation board for secure LAN, cellular or dial-up access will cost $1,450. The II-EVB-331 evaluation board for secure WiFi, LAN, cellular or dial-up access will cost $1,725.

Connect OnePhoenix, AZ 408-986-9602 www.connectone.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.