The memory, offered in densities of 1 to 256 kbits, can be divided into as many as 16 configuration and user sections, each with a defined level of read and write access. Four levels of security can be implemented: free access, password protection using eight sets of read-write passwords, mutual authentication using a choice of four sets of 64-bit keys, and full data encryption. Thus one smart card could contain data readable to all systems, as well as data requiring authenticated access.

The four levels distinguish the memory from its nearest competitors—password-protected nonvolatile memories from Infineon Technologies and Gemalto. With a high-volume device price ranging from 15 to 85 cents each, Atmel is promoting the devices as economical for anti-counterfeit applications.

Within each 2-kbyte configuration memory section, there are four sets of 64-bit secret seeds and four sets of 64-bit session encryption keys. In mutual authentication mode, the host reads a cryptogram and ID information from the memory, combines that data with its own key information and a random number, and generates a challenge. If the memory can calculate the challenge with a random number received from the host, the host is deemed authentic, and information is shared.

User security preferences are stored in fuse bits, making sure they cannot be read. The $49.95 development kit includes a daughtercard with two-wire interface to link to common embedded development environments. The development library is made up of application programming interface calls to execute host operations and build a software model of host challenges and authentication operations.