AT88SC102 Card

AT88SC102

Features
• 1K X 1 Serial EEPROM with Security Logic
• Two Application Zones
• Stores and Validates Security Codes
• Maximum of Eight Incorrect Security Code Attempts
• Provides Transport Code Security
• Low Voltage Operation: 2.7V to 5.5V
• Manufactured using Low Power CMOS Technology
• Supports ISO/IEC 7816-3 Synchronous Protocol
• VPP Internally Generated
• 2 μs Read Access Time; 2 ms Write Cycle Time
• Temperature Range from -40°C to 85°C
• ESD Protection 4,000V Minimum.
• High Reliability:
100,000 Program/Erase Cycles Guaranteed
Data Retention of 10 years

The AT88SC102 device is a low-cost, synchronous, secure memory integrated circuit, designed for use in prepaid and loyalty smart card applications. The AT88SC102 provides 1024 bits of serial Electrically Erasable and Programmable Read Only Memory (EEPROM) within two Application Zones, plus 64 bits in a code protected zone. Additional EEPROM memory and security logic provide security for smart card applications. Space is provided in the EEPROM memory for manufacturing records for both the smart card manufacturer and card issuer. After personalization, these records, and the state of the bit which enables the Erase Counter function, are locked and protected from modification for the lifetime of the product.

AT88SC102, 1K EEPROM Security Logic with Two Application Zones

Terminology
The following terms have specific definitions for the AT88SC102.

ERASE: A program operation which results in an EEPROM data bit being set to a logic “1” state. Outside the Application Zones, all erase operations are performed on 16-bit words. An erase operation performed on any bit within a word will execute an erase of the entire word. Inside the Application Zones, erase operations are controlled by the SV Flag, EZ passwords and the EC2EN fuse. These operations are defined in the “Device Operation” section of the data sheet.

WRITE: A program operation which results in an EEPROM bit, or word being set to a logic “0” state. An unwritten bit is defined as erased, or set to a logic “1” state. Write operations in the AT88SC102 may be performed on individual bits after security code validation. In Security Level 2, write operations also require that the P1 or P2 bit within the Application Zone is set to “1”.

Security Features
The Security Features of Atmel’s AT88SC102 include:
• Data access only after validation of the Security Code.
• Permanent invalidation of the device after eight consecutive false Security Code presentations.
• Read/Write protection of certain memory zones.                                                                            

• Secure transport of devices using transport code compare sequence.
• Unique customer identification number written and locked into every device for protection against
duplication or counterfeiting.

Security Levels and Memory Access to AT88SC102
Access to the memory is controlled by the state of the Issuer Fuse and by the voltage supply applied on the FUS pad.

Level 1: (Security During Personalization)
Conditions:
ISSUER FUSE = “1” (not blown)
FUS PIN = “1” (required)
AT88SC102 die and modules are delivered with the Issuer Fuse intact (unblown). Issuer personalization is completed at this level. Security Code validation is required to allow access to personalize the EEPROM memory. The FUS PIN must be held at a logic “1” for Security Level 1. The function of the FUS PIN enables the card issuer to simulate Security Level 2 during application development, without permanently blowing the Issuer fuse.
See “Memory Access Rules During Personalization”.

Level 2: (Security After Personalization)
Conditions:
ISSUER FUSE = “0” (blown)
FUS PIN = “X” (don’t care)
Customer release. The EEPROM memory zone is protected by the various flags and passwords. After issuer personalization, Security Level 2 is implemented by blowing the Issuer Fuse. The device can also be placed in Security Level 2 by taking FUS pin low, independent of the state of Issuer Fuse.
See “Memory Access Rules After Personalization”.

AT88SC102, 1K EEPROM Security Logic with Two Application Zones

Memory Map      
AT88SC102 Memory Diagram    
Bit Address Description Bits Words
0 – 15 Fabrication Zone (FZ) 16 Bits 1 Words
16 – 79 Issuer Zone (IZ) 64 Bits 4 Words
80 – 95 Security Code (SC) 16 Bits 1 Words
96 – 111 Security Code Attempts counter (SCAC) 16 Bits 1 Words
112 – 175 Code Protected Zone (CPZ) 64 Bits 4 Words
176 – 687 Application Zone 1 (AZ1) 512 Bits 32 Words
688 – 735 Application Zone 1 Erase Key (EZ1) 48 Bits 3 Words
736 – 1247 Application Zone 2 (AZ2) 512 Bits 32 Wordss
1248 – 1279 Application Zone 2 Erase Key (EZ2) 32 Bits 2 Words
1280 – 1407 Application Zone 2 Erase Counter (EC2) 128 Bits 8 Words
1408 – 1423 Memory Test Zone (MTZ) 16 Bits 1 Words
1424 – 1439 Manufacturer’s Zone (MFZ) 16 Bits 1 Words
1440 – 1455 Block Write/Erase 16 Bits 1 Words
1456 – 1471 MANUFACTURER’S FUSE 16 Bits 1 Words
1529 EC2EN FUSE (Controls use of EC2) 1 Bits  
1552 – 1567 ISSUER FUSE 16 Bits 1 Words

AT88SC102, 1K EEPROM Security Logic with Two Application Zones

Memory Zones  
Zone Definition
Fabrication Zone
FZ (16 bits)
The 16-bit Fabrication Zone is programmed when the chip is manufactured and cannot be changed.
The data held in the Fabrication Zone is specific to each Atmel customer, and cannot be modified.
Application software may check this Fabrication Zone Code to assure that the device was
manufactured by Atmel specifically for the intended application. Devices containing codes assigned to
specific customers will not be sold to unauthorized customers. Fraudulent cards will not contain the
correct code.
Issuer Zone
IZ (64 bits)
The 64-bit Issuer Zone is programmed by the card issuer during the personalization phase. It will
contain issuer-specific information, such as serial numbers and dates. This area becomes read-only
after the ISSUER FUSE has been blown. Read access is always allowed in the Issuer Zone.
Security Code
SC (16 bits)
The card Security Code is initially set by Atmel, to protect the card during transportation to the card
issuer. During personalization, this code must be verified by the AT88SC102 to allow access to the
EEPROM memory. After the Security Code has been verified, the code itself may be changed in either
security mode. While in personalization mode (Security Level 1), the Security Code gives ERASE and
WRITE access to both the Application Zones and the Code Protected Zone. In Security Level 2, the
Security Code gives WRITE access to both the Application Zones and the Code Protected Zone.
ERASE access requires verification of both the Security Code and the Erase Key (EZ1 or EZ2).
Verification of the Security Code will set the internal flag SV to “1”. Atmel ships the device with a
Security Code (transportation code) pre-programmed. This protects against the unauthorized use of
an unpersonalized device, and should be written to a new value during initialization.
Security Code Attempts
Counter SCAC (16 bits)
The protocol for verification of the Security Code requires that the user write one of the first eight bits
of the SCAC to a logic “0”. This allows the SCAC to count the number of consecutive incorrect
presentations of the Security Code. After eight consecutive incorrect Security Code presentations, the
first eight bits of the SCAC will all be written to “0”, and the user is permanently blocked from access to
the Application Zones, as well as other areas controlled by the Security Code. After a successful
presentation of the Security Code, the entire 16-bit SCAC, including the eight active bits, should be
erased. This verifies that the correct Security Code has been presented, since an erase operation in
this area is not allowed without SC verification. It also clears the SCAC bits in preparation for the next
use of the card. This erase operation will also clear the remaining eight bits of the 16-bit SCAC word.
These eight bits may be used in an application, although the entire 16-bit word will be erased if any bit
in the SCAC is erased.
Code Protected Zone
CPZ (64 bits)
READ access to this area is always allowed, and does not require SC validation. The Security Code
must be correctly presented to allow WRITE or ERASE access to the Code Protected Zone.
Application Zones 1 and 2
AZ1 and AZ2
(512 bits each)
The Application Zones (AZ1 and AZ2) are intended to hold user application data. P1 (address 176)
controls WRITE access, and R1 (address 177) controls READ access within AZ1. P2 (address 736)
controls WRITE access and R2 (address 737) controls READ access within AZ2. In Security Level 1,
an entire 16-bit word will be erased if an erase is performed on any single bit within that word. In
Security Level 2, erase operations are controlled by both the SV flag and the Erase Keys (EZ1 and
EZ2). See the Device Operation ERASE definition for specific details. The number of erase operations
performed in AZ2 may be limited by leaving the EC2EN Fuse set to “1”. The AT88SC102 allows
unlimited erase operations of AZ1.
Application Zone
Erase Keys
EZ1 (48 bits)
EZ2 (32 bits)
(Enabled in Security Level 2 only.) The Erase Keys are passwords used to control ERASE operations
within the Application Zones, after the Issuer Fuse has been blown (Security Level 2). The Erase Key
passwords are written by the Issuer during personalization (Security Level 1), after verification of the
Security Code. EZ1 and EZ2 can not be changed after the Issuer Fuse is blown. In Security Level 2,
the AT88SC102 allows only block erasure of an entire Application Zone. AZ1 can be erased only after
both the Security Code and the EZ1 password have been validated. Verification of EZ1 will set the
internal flag E1 to “1”. AZ2 can be erased only after both the Security Code and the EZ2 password
have been validated. Verification of EZ1 will set the internal flag E1 to “1”. Verification of EZ2 will set
the internal flag E2 to “1”.
Application Zone 2
Erase Counter EC2
(128 bits)
(Enabled in Security Level 2 only) The Application Zone 2 Erase Counter (EC2) is enabled only in
Security Mode 2 and only when the EC2EN fuse is set to “1”. If both of these conditions are true, the
user will be limited to 128 erase operations in Application Zone 2. EC2 is used to count these erase
cycles. The erase protocol for the AT88SC102 Application Zone 2 requires one bit in EC2 to be written
to “0”. After 128 erase operations, all 128 bits in EC2 will be “0” and the user will be blocked from
erasing AZ2. The Erase Counter is only writeable and cannot be erased. When the EC2EN fuse = “0”,
the EC2 operation is disabled. In that case there is no limit to the number of times AZ2 can be erased,
and EC2 has no function.
Memory Test Zone
MTZ (16 bits)
All operations are allowed for this zone (WRITE, ERASE, READ). The purpose of this zone is to
provide an area in the product memory which is not restricted by security logic. It is used for testing
purposes during the manufacturing process, and may also be used in the product application if
desired, although no security protection exists for the MTZ.
Manufacturer’s Zone
MFZ (16 bits)
The MFZ is intended to hold data specific to the smart card manufacturer (like assembly lot codes,
dates, etc.). Read operations within this zone are always allowed. Write or Erase operations within this
zone are allowed after the Security Code has been verified. After the data is entered by the Card
Manufacturer, the Manufacturer’s Fuse can be blown and the data within the MFZ will become readonly.
Blowing the Issuer Fuse will also lock the data in the MFZ.
EC2EN Fuse
(1 bit)
This single bit EEPROM fuse selects whether the EC2 counter is used to limit the number of AZ2
erase operations in Security Mode 2. If the EC2EN Fuse is unblown (“1”), the number of erase
operations allowed in AZ2 is limited to 128. If the EC2EN Fuse is blown (“0”), there is no limit to the
number of erase operations in AZ2. After the Issuer Fuse is blown, the state of the EC2EN Fuse is
locked and cannot be changed.
Issuer Fuse
(16 bits)
This EEPROM fuse is used to change the security mode of the AT88SC102 from Security Mode 1
(“1”) to Security Mode 2 (“0”). Initialization of the AT88SC102 for use by the end customer occurs in
Security Mode 1. Access conditions in Security Mode 1 are described in Table 1. Access conditions in
Security Mode 2 are described in Table 2.
Manufacturer’s Fuse
(1 bit)
This single bit EEPROM fuse is used to lock the data stored in the Manufacturer’s Zone after
personalization has been completed.

AT88SC102, 1K EEPROM Security Logic with Two Application Zones

Definition of AT88SC102 Internal Flags
Zone Definition
SV Security Validation Flag
OPERATION:
The SV flag is set by correctly matching the 16-bit Security Code bit-by-bit from address 80 through 95, as CLK
increments the address counter. The security code matching operation must be followed immediately by a validation
operation within the Security Code Attempts Counter (SCAC). This validation operation requires the user to find a bit
in the first eight bits of the SCAC (addresses 96 – 103) which is a logic “1”. A WRITE operation is performed, followed
by an ERASE. The AT88SC102 will validate that the comparison was correct by outputting a logic “1”, and SV will be
set. After the ERASE, all 16 bits in the SCAC will also be erased. The SV flag remains set until power to the card is
turned off. If the comparison was in error, or part of the validation was not performed correctly, the AT88SC102 will
output a logic “0”, showing that the SV flag has not been set. After eight consecutive incorrect Security Code
presentations, the card is permanently locked.
FUNCTION:
This flag is the master protection for the memory zones. See Tables 1 and 2.
P1 Application Zone 1 Write Flag
OPERATION:
If bit 176 has been programmed to a logic “1” this flag is set after bit 176 has been addressed. The flag remains set
until power to the device is turned off, even if this bit is written to “0” by a subsequent operation.
FUNCTION:
P1 and SV must both be set in order to enable a WRITE command in the Application Zone (Security Mode 2).
R1 Application Zone 1 Read Flag
OPERATION:
If bit 177 has been programmed to a logic “1” this flag is set after bit 177 has been addressed. The flag remains set
until power to the device is turned off, even if this bit is written to “0” by a subsequent operation.
FUNCTION:
R1 or SV must be set in order to enable Application Zone 1 to be read.
P2 Application Zone 2 Write Flag
OPERATION:
If bit 736 has been programmed to a logic “1” this flag is set after bit 736 has been addressed. The flag remains set
until power to the device is turned off, even if this bit is written to “0” by a subsequent operation.
FUNCTION:
P2 and SV must both be set in order to enable a WRITE command in Application Zone 2 (Security Mode 2).
R2 Application Zone 2 Read Flag
OPERATION:
If bit 737 has been programmed to a logic “1” this flag is set after bit 737 has been addressed. The flag remains set
until power to the device is turned off, even if this bit is written to “0” by a subsequent operation.
FUNCTION:
R2 or SV must be set in order to enable Application Zone 2 to be read.
E1 Application Zone 1 Erase Flag
OPERATION:
The E1 Flag is set by correctly matching the Application Zone 1 Erase Key (EZ1) bit by bit as pin CLK increments the
address counter. To complete an ERASE operation of AZ1 in Security Level 2, an ERASE operation must be
performed on bit 736 after E1 is set. The E1 Flag is reset when the address counter = 0.
FUNCTION:
Application Zone 1 (bits 176 – 687) will be erased when E1 is set and an ERASE is performed on bit 736. This
operation erases all bits in Application Zone 1. There is no limit to the number of erase operations which can be
performed on AZ1.
E2
EC Enabled
Application Zone 2 Erase Flag with Erase Counter operation enabled. (EC2EN FUSE = “1”)
OPERATION:
This flag is set by correctly matching the Application Zone 2 Erase Key (EZ2) bit by bit as pin CLK increments the
address counter. Then a validation operation must be completed. This operation requires the user to find a bit in
Application Zone 2 Erase Counter (EC2), addresses 1280 – 1407, which is a logic “1”. A WRITE must then be
performed, followed by an ERASE. The AT88SC102 will validate that the comparison was correct and Application
Zone 2 will be erased. This flag is also reset when the address counter = 0.
FUNCTION:
Application Zone 2 (bits 736 -1237) is erased when E2 is set and an ERASE is performed after the validation
operation in EC2 described above. This operation erases all bits in Application Zone 2.
E2
EC Disabled
Application Zone 2 Erase Flag with Erase Counter operation disabled. (EC2EN FUSE = “0”)
OPERATION:
E2 is set when the Application Zone 2 Erase Key comparison is valid. It is reset when the address counter = 0.
FUNCTION:
Application Zone 2 (bits 736 -1247) is erased when E2 is set and an ERASE is performed on bit 1280.
This operation erases all bits in Application Zone 2, but does not affect the word containing bit 1280.
 Definition of AT88SC102 Passwords  
Password Definition
Security Code (SC)
bits 80-95
(16 bits)
This password is used to set the SV (Security Validation) flag and is used in determining what
operations are allowed in each zone (see Tables 1 and 2).
Application Zone 1 Erase Key (EZ1)
bits 688-735
(48 bits)
This password must be programmed during issuer personalization. It is used to erase
Application Zone 1 in Security Level 2. Verification of EZ1 will set the internal flag E1 to “1”.
Application Zone 2 Erase Key (EZ2)
bits 1248-1279
(32 bits)
This password must be programmed during issuer personalization. It is used to erase
Application Zone 2 in Security Level 2. Verification of EZ2 will set the internal flag E2 to “1”.

Definition of AT88SC102 Fuses
MANUFACTURER FUSE: This fuse is used to control writes and erases of the Manufacturer Zone (MFZ). When the security code has been validated and both the Issuer Fuse and the Manufacturer Fuse are unblown, writes and erases of the MFZ are allowed. Blowing the Issuer Fuse will also disable the Manufacturer Fuse if it has not been blown previously.
EC2EN FUSE: This fuse selects whether the EC2 counter is used to limit the number of Application Zone 2 erases allowed in security mode 2. If EC2EN FUSE is “unblown”, then the Application Zone 2 erases are limited to 128. If the EC2EN FUSE is “blown” the Application Zone erases are unlimited. After the Issuer Fuse is blown the state of the EC2EN FUSE is locked and cannot be changed.

ISSUER FUSE: This fuse is used to personalize the AT88SC102 for end use. It is an additional EEPROM bit which can be programmed to a logic “0”. This is its “blown” state. Security of the device when Issuer Fuse is a logic “1” is described in Table 1. The device is in Security Level 2 when the Issuer Fuse is blown. The device can also be placed in Security Level 2 by taking the FUS pin low independent of the state of Issuer Fuse. Memory access rules of the device in Security Level 2 are described in Table 2.

Micro Operations
The AT88SC102 circuit operation modes are selected by the input logic levels on the control pins PGM, CLK and RST and
by the internal address. Timing for these operations is specified in the AC Characteristics section.
Operation Definition
RESET This operation will reset the internal address to 0. After the
falling edge of RST, the first bit of the Fabrication Zone
(Address 0) will be driven on the I/O contact. The erase
flags (E1 and E2) will be reset.
INC/READ The address is incremented on the falling edge of CLK. If
READ operations are enabled, the addressed bit will be
driven on the I/O pin after the falling edge of CLK. When
READ operations are disabled, the I/O will be disabled and
pulled to a high state by the external system pull-up
resistor.
INC/CMP The INC/CMP operation will compare the value of the data
driven by the system host on the I/O pin, to the value of the
bit already written into the EEPROM memory at that
address location. This process is used during validation of
the AT88SC102 Security Code and Erase Keys. The data
must be stable on the I/O pin before the rising edge of CLK,
when the data will be latched internally. Comparison occurs
on the next falling edge of CLK. The internal address is also
incremented on the falling edge of CLK.
ERASE/WRITE The I/O pin must be driven to a “1” for an ERASE, and to a
“0” for a WRITE operation before the rising edge of CLK
(see tDS)
STANDBY The device is placed in standby mode when FUS pin = “0”
and RST = “1”. The address will not increment when RST is
high.
   
Notes: 1. The output is disabled (hi-state) on all addresses where the READ operation is disabled.
2. The two instructions INC/READ and INC/CMP share the same control signal states.
3. The circuit will distinguish between the INC/READ and INC/CMP instructions by testing the internal address counter.
(CMP can only be done with the addresses corresponding to the Security Code or to an Erase Key).
4. The internal address counter counts up to 1567. An additional CLK pulse resets the address to 0.
Device Functional Operation
Function Functional Operation Sequence
POR OPERATION:
POR (power-on reset) is initiated as the device power supply ramps from 0V up to a valid operating voltage.
FUNCTION:
POR resets all flags, and the address is reset to 0.
RESET OPERATION:
With CLK low, a falling edge on the RST pin will reset the address counter to address 0.
FUNCTION:
The address is reset to “0”, and the first bit of the memory is driven by the AT88SC102 on I/O after a reset. Only
E1 and E2 are reset when the address is reset to 0. The RESET operation has no affect on any of the other flags
(SV, P1, R1, P2, R2).
ADDRESSING OPERATION:
Addressing is handled by an internal address counter. The address is incremented on the falling edge of CLK.
RESET must be low while incrementing the address. A falling edge of RESET clears the counter to address 0.
FUNCTION:
Addressing of the AT88SC102 is sequential. Specific bit addresses may be reached by completing a RESET, then
clocking the device (INC/READ) until the desired address is reached. The AT88SC102 will determine which
operations are allowed at specific address locations. These operations are specified in Tables 1 and 2.
EXAMPLE:
To address the Issuer Zone (IZ) execute a RESET operation, then clock the device 16 times. The device now
outputs the first bit of the Issuer Zone (IZ). After the address counter counts up to 1567 the next CLK pulse resets
the address to 0.
READ OPERATION:
RST and PGM pins must be low. If a READ operation is allowed, the state of the memory bit which is being
addressed is output on the I/O pin. The I/O buffer is an open drain and the output of a logic “0” therefore causes
the device to pull the pin to ground. The output of a logic “1” causes the device to place the pin in a high
impedance state. Therefore in order to sense a logic “1”, an external pullup must be placed between the I/O pin
and VCC. The address counter is incremented on the falling edge of CLK.
FUNCTION:
NON-APPLICATION ZONES:
As the address counter is incremented, the contents of the memory are read out on the I/O pin. The READ
operation is inhibited for addresses where security prevents a READ operation (see Tables 1 and 2).
APPLICATION ZONES:
Application Zone 1 can be read when: SV = “1” or R1 = “1”.
Application Zone 2 can be read when: SV = “1” or R2 = “1”.
WRITE A WRITE operation sets the bit(s) to a logic “0”
OPERATION:
CLK = “0”
PGM “0” → “1” (I/O switches to an input)
I/O = “0” (input = “0” for WRITE operation)
CLK “0”→ “1” (rising edge of CLK starts the WRITE operation)
PGM “1”→ “0”
I/O “0”→ “Z” (high-impedance)
Wait tCHP (see “AC Electrical Characteristics”)
CLK “1”→ “0” (falling edge of CLK ends the WRITE operation).
Note: The falling edge of CLK which ends the WRITE operation does not increment the address counter.
FUNCTION:
NON-APPLICATION ZONES:
The WRITE operation is inhibited for addresses where security prevents a WRITE operation
(see Tables 1 and 2).
APPLICATION ZONES:
The Application Zones can be written when:
Security Level 1: SV = “1”
Security Level 2: SV = “1”and P1 = “1” for AZ1. SV = “1” and P2 = “1” for AZ2
ERASE
Operation
Sequence
CLK = “0”
PGM “0” → “1” (I/O switches to an input)
I/O = “1” (input = “1” for ERASE Operation)
CLK “0” → “1”(rising edge of CLK starts the ERASE operation.)
PGM “1” → “0”
I/O “1” → “Z” (high-impedance)
Wait tCHP (see “AC Electrical Characteristics”)
CLK “1” → “0” (falling edge of CLK ends the ERASE operation.)
Note: The falling edge of CLK which ends the ERASE operation does not increment the address counter.
ERASE
(Non-
Application
Zones)
An ERASE operation sets the bits to logic “1”. The EEPROM memory is organized into 16 bit words. Although
erases are performed on single bits the ERASE operation clears an entire word in the memory (except for the
Application Zones in Security Level 2). Therefore, performing an ERASE on any bit in the word will clear ALL 16
bits of that word to logic “1”.
OPERATION:
Perform “ERASE Operation Sequence” as specified above.
FUNCTION:
The ERASE operation is inhibited for addresses where security prevents an ERASE operation.
(See Tables 1 and 2).
ERASE
(Application
Zones)
Security Level 1
Security level 1: (ISSUER FUSE = “1” and FUS pin = “0”)
The Application Zone can only be erased when SV = 1.
OPERATION:
Increment address counter to any bit within AZ1 or AZ2. Perform “ERASE Operation Sequence” as specified
above.
FUNCTION: This operation will erase the entire 16-bit word containing the bit.
ERASE
(Application
Zone 2)
Security Level 2
EC Mode
Enabled
Security level 2: (ISSUER FUSE = “0” or FUS pin = “0”)
EC Mode is Enabled. Erase Operations within AZ2 are limited to 128.
Application Zone 1 can only be erased when SV = “1” and E1 = “1”.
OPERATION:
Set SV = “1” by validating the Security Code (see definition of SV internal flag).
Increment address counter to the first bit of the Application Zone 2 Erase Key (EZ2 = bit 1248).
Execute 32 INC/CMP operations, correctly verifying each bit of the 32-bit Erase Key.
Increment the address counter through the Application Zone 2 Erase Counter (EC2 = bits 1280 – 1407) until a bit
is found which is set to “1”.
Perform a WRITE operation on this bit (this WRITE will not increment the address counter).
Perform an ERASE operation on the same bit.
FUNCTION:
This operation will erase the entire Application Zone. One additional bit of Erase Counter 2 will now be written to
“0”. The ERASE operation in EC2 will initiate the AZ2 erase, but will not affect the state of the bits within EC2.
ERASE
(Application
Zone 1 or 2)
Security Level 2
EC Mode
Disabled
Security Level 2: (ISSUER FUSE = “0” or FUS pin = “0”)
EC Mode is disabled in AZ2. Unlimited Erase operations in AZ2. AZ1 always allows unlimited Erase operations.
Application Zone 1 can only be erased when SV = “1” and E1 = “1”.
Application Zone 2 can only be erased when SV = “1” and E2 = “1”.
OPERATION:
Set SV = “1” by validating the Security Code (see definition of SV internal flag).
Increment address counter to the first bit of the Application Zone Erase Key (EZ1 = bit 688, EZ2 = bit 1248).
Execute 32 or 48 INC/CMP operations, correctly verifying each bit of the 32 or 48 bit Erase Key.
Increment the address counter to the next bit (bit 736, to erase AZ1, bit 1280 to erase AZ2).
Perform an ERASE operation on this bit.
FUNCTION:
This operation will erase the entire Application Zone, but does not affect the word containing bit 736 or 1280.
Block
Write/Erase
Enabled in Security Level 1 only.
OPERATION:
Set address counter between address 1440 and 1455.
SV must be set.
FUS pin must be high.
Perform a WRITE or ERASE operation.
FUNCTION:
The entire memory excluding the Fabrication Zone (FZ), Memory Test Zone (MTZ) and Manufacturer’s Zone
(MFZ) will be written to “0” (WRITE) or “1” (ERASE).
The BLOCK WRITE/ERASE modes are used to quickly personalize the device.
Blowing
Manufacturer
Fuse
Valid in Security Level 1.
OPERATION:
Set address counter between address 1456 and 1471.
SV must be set.
The FUS pin can be either a “0” or a “1”.
RST pin = “1”
Perform a WRITE operation.
FUNCTION:
The MANUFACTURER FUSE will be at a logic “0” state.
Note: The address will not change as long as RST is high. CLK should be low when RST is brought low.
This will reset the address counter to 0.
Blowing
EC2EN Fuse
Valid in Security Level 1.
The EC2EN FUSE must be blown before the ISSUER FUSE is blown.
OPERATION:
Set the address counter to address 1529.
FUS pin = “1”
RST pin = “1”
Perform a WRITE operation
FUNCTION:
EC2EN Fuse will be written to a logic “0” state.
Note: The address will not change as long as RST is high. CLK should be low when RST is brought low
This will reset the address counter to 0.
Blowing Issuer
Fuse
OPERATION:
Set address counter between address 1552 and 1567.
SV must be set.
The FUS pin can be either a “0” or a “1”.
RST pin = “1”
Perform a WRITE operation
FUNCTION:
ISSUER FUSE will be set to a logic “0” state. This operation will convert the AT88SC102 from Security Level 1 to
Security Level 2. The action is irreversible.
Note: The address will not change as long as RST is high. CLK should be low when RST is brought low.
This will reset the address counter to 0.
Function of FUS and RST Pin
FUS Used for personalizing the device. FUS must be high to be able to personalize the device when ISSUER FUSE is
unblown. In Security Level 1, the FUS pin may be forced low to simulate Security Level 2. In Security Level 2, the
FUS pin has no function.
RST This pin is used to reset the address counter address to 0. It is also used in writing the Issuer Fuse and the
EC2EN FUSE low. When the FUS pin is low and the RST pin is high, the part is in stand-by mode.

 

Ordering Information      
Ordering Code Package Voltage Range Temperature Range
AT88SC102 – 09AT – xx – 2.7
AT88SC102 – 09BT – xx – 2.7
AT88SC102 – 09CT – xx – 2.7
AT88SC102 – 09DT – xx – 2.7
AT88SC102 – 09ET – xx – 2.7
AT88SC102 – 09GT – xx – 2.7
AT88SC102 – 09HT – xx – 2.7
M2 – A Module
M2 – B Module
M4 – C Module
M4 – D Module
M2 – E Module
M3 – G Module
M3 – H Module
2.7V to 3.3V Commercial
0°C to 70°C
AT88SC102 – 09AT – xx
AT88SC102 – 09BT – xx
AT88SC102 – 09CT – xx
AT88SC102 – 09DT – xx
AT88SC102 – 09ET – xx
AT88SC102 – 09GT – xx
AT88SC102 – 09HT – xx
M2 – A Module
M2 – B Module
M4 – C Module
M4 – D Module
M2 – E Module
M3 – G Module
M3 – H Module
4.5V to 5.5V Commercial
0°C to 70°C
Package Type
M2 – A Module M2 ISO 7816 Smart Card Module
M2 – B Module M2 ISO 7816 Smart Card Module with Atmel Logo
M4 – C Module M4 ISO 7816 Smart Card Module
M4 – D Module M4 ISO 7816 Smart Card Module with Atmel Logo
M2 – E Module M2 ISO 7816 Smart Card Module
M3 – G Module M3 ISO 7816 Smart Card Module
M3 – H Module M3 ISO 7816 Smart Card Module with Atmel Logo
       
Notes: 1. “xx” must be replaced by a security code. Contact an Atmel Sales Office for the security code.
2. Formal drawings may be obtained from an Atmel Sales Office.

Smart Card Modules

M2 – A Module – Ordering Code: 09ATM2 - A Module - Ordering Code: 09AT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M2
Dimension: 12.6 x 11.4 mm
Glob Top: Black, Square: 8.6 x 8.6 mm
Thickness: 0.58 mm max.
Pitch: 14.25 mm

M2 – E Module – Ordering Code: 09ETM2 - E Module - Ordering Code: 09ET,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M2
Dimension: 12.6 x 11.4 mm
Glob Top: Clear, Round: Ø 7.5 mm max.
Thickness: 0.58 mm max.
Pitch: 14.25 mm

M2 – B Module – Ordering Code: 09BTM2 - B Module - Ordering Code: 09BT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M2
Dimension: 12.6 x 11.4 mm
Glob Top: Black, Square: 8.6 x 8.6 mm
Thickness: 0.58 mm max.
Pitch: 14.25 mm

M3 – G Module – Ordering Code: 09GTM3 - G Module - Ordering Code: 09GT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M3
Dimension: 10.6 x 8.0 mm
Glob Top: Clear, Round: Ø 6.5 mm max.
Thickness: 0.58 mm max.
Pitch: 9.5 mm

M4 – C Module – Ordering Code: 09CTM4 - C Module - Ordering Code: 09CT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M4
Dimension: 12.6 x 12.6 mm
Glob Top: Black, Square: 8.6 x 8.6 mm
Thickness: 0.58 mm
Pitch: 14.25 mm

M3 – H Module – Ordering Code: 09HTM3 - H Module - Ordering Code: 09HT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M3
Dimension: 10.6 x 8.0 mm
Glob Top: Clear, Round: Ø 6.5 mm max.
Thickness: 0.58 mm max.
Pitch: 9.5 mm

M4 – D Module – Ordering Code: 09DTM4 - D Module - Ordering Code: 09DT,ATMEL AT88SC102 Smart Card Modules,AT88SC102,

Module Size: M4
Dimension: 12.6 x 12.6 mm
Glob Top: Black, Square: 8.6 x 8.6 mm
Thickness: 0.58 mm max.
Pitch: 14.25 mm

Note: The module dimensions listed refer to the dimensions of the exposed metal contact area. The actual dimensions of the module after excise or punching from the carrier tape are generally 0.4 mm greater in both directions (i.e. a punched M2 module will yield 13.0 x 11.8 mm).