Mobile electronic devices know an expansion which goes together with miniaturizing. Today, electronic devices can be hand-held, and have more computational ability than a few years old desktop computers.
This concomitant evolution in miniaturizing devices and enhancing their capacity opened up new horizons as regards applications.
Today, a mobile phone or a music player can execute cryptographic operations, and encode or decode information.
As the spearheads of the evolution of embedded electronic devices, microchips experience this evolution in their applications.
Microchips are currently embedded in a large number of devices. They can be found in smart cards of course, and also in electronic identity documents, in smart self-adhesive labels, etc.
Such microchips (also commonly called “computing unit”) provide particularly high security performances, which of course made it possible to concentrate the utilization thereof on security, or at least secure applications.
Microchips are thus commonly used for governmental or bank operations, etc.
All these applications are based on a particularly important step: personalizing. This step is the one during which data, and more particularly secrets, are inserted into the chip.
Some of these secrets may be linked with the final user. Such a secret may also be a secret code, for instance. The secret code, also called PIN CODE (for Personal Identification Number CODE) enables the legitimate user to identify with the chip. In the case of a bank card, requesting the user to give his/her secret code prior to a transaction is a common practice, in order to make sure he/she is entitled to request said transaction.
To carry out such operation:                the card is inserted into a terminal,        the terminal prompts the user to input his/her secret code        the terminal sends the input code to the card and requests therefrom the identification of the code,        the card verifies the code and informs the terminal of the result of such verification.        
To be able to verify the code submitted, the card must know all or part of such code. In a naive implementation, the card knows the code as such and compares it with the input code. In a more advanced embodiment, the card has some information on the code (for instance a hash-based code) and searches for the same information in the input code.
In any case, the card needs to know all or part of the code to be able to verify it.
The significant diversification of the electronic devices as well as the applications thereof induced a remarkable increase in the number of secret codes to be memorized by each user. This phenomenon among other things favoured the necessity, for the users, to choose their secret codes by themselves, in order to memorize these more easily.
Then the problem consists in having the user participate in an extremely secure personalizing process, most often centralized in protected places.
The first considered solution consisted in establishing a remote communication between the personalizing centre and the user. For this step, as the user was generally in a branch, for instance a bank or a governmental branch, this meant establishing a secure communication between the personalizing centre and all the branches.
This solution was soon discarded because of the major risk entailed in so many potential entries into a secure personalizing system.
The second studied solution was the equipment of each branch, with a secure encryption unit, generally called HSM, for Hardware Security Module. Such hardware security module makes it possible to encrypt data in a secure environment, and thus to be able to transmit same subsequently.
In a broader sense, a HSM (Hardware Security Module) is a device considered as tamper-proof providing cryptographic functions. This device is an electronic item of equipment providing security service which generally consists in generating, storing, using and protecting cryptographic keys.
In this case, the data to be encrypted are data provided by the final user, for instance his/her secret code.
After the transmission of data to the personalizing centre, the latter has resources to decrypt these (most often another HSM) and can thus analyze and process such data.
The problem met by this solution lies in the extremely high cost of such HSMs.
Besides, using new devices in the personalizing chain requires a new certification of said chain. As a matter of fact, such extremely secure processes are submitted to a set of tests and validations called “certification”. Such a “label” guarantees all the participants that experts checked the security of the whole system.
Yet, the insertion of the HSM, or of any other device into such chain requires a new certification, which is extremely expensive.