A secure access module or secure application module (SAM) is a piece of cryptographic hardware typically used by smart card card readers to perform mutual key authentication. SAMs can be used to manage access in a variety of contexts, such as public transport fare collection and point of sale devices.

Physically, a SAM card can be a SIM card plugged into a SAM slot in a card reader, or a fixed integrated circuit in a housing directly soldered on a printed circuit board. Generally, a reader system consists of a microcontroller and a reader IC to communicate over the RF interface with a contactless smartcard. The microcontroller takes the part of controlling the reader IC functions such as protocol handling, command flow and data interpretation. By integrating a SAM into the reader system, the SAM handles all the key management and cryptography in a secure way. The entire system enables authentication and encryption of the contactless communication between the SAM and host system.

SAMs can be deployed in any of the following applications:

• Generate application keys based on master keys
• Store and secure master keys
• Perform cryptographic functions with smart cards
• Use as a secure encryption device
• Perform mutual authentication
• Generate session keys
• Perform secure messaging