Multi-Card Applet Loader
The factory tool that loads CAP files onto a stack of cards over a GlobalPlatform SCP03 secure channel. The step that turns a generic chip into an AmbiSecure-personalised product. Designed to run on a personalisation line, not a developer laptop.
Bulk SCP03 CAP loading without the foot-guns.
SCP03 secure channel
GlobalPlatform 2.3.1 with Amendment D SCP03. Per-issuer master keys derive per-card session keys. The CAP file lands inside the secure element, not in a log file.
CAP load
Loads the 12 components of a JavaCard CAP file (Header through Debug). Walks the post-load INSTALL sequence per applet AID.
Multi-reader
Drives 1..N readers in parallel. The line works on a stack, not a card.
Per-card uniqueness
Per-card key derivation and per-card credential injection where the applet expects it.
Audit
Per-card load log with chip serial, applet AIDs, key version, and outcome. SIEM-friendly export.
Recovery
Failure handling, partial-load detection, retry policy. Cards do not get bricked silently.
What the loader supports.
| Card OS target | JavaCard 3.x with GlobalPlatform 2.3.1 + Amendment D SCP03 |
|---|---|
| Applet matrix | Any AmbiSecure applet (FIDO, PIV, OpenPGP, NDEF, IoT, custom); third-party CAP files where issuer keys allow |
| Readers | PC/SC contact readers; ISO/IEC 14443 contactless readers |
| Concurrency | 1..N readers in parallel; per-reader job queue |
| Key management | HSM-backed issuer master keys; per-card derivation; key-version tracking |
| Audit | Append-only load log; SIEM export; per-card chain-of-custody record |
| Integration | MES integration via REST or message queue |
Standing up a personalisation line?
Tell us your chip, your applet, your reader fleet, and your HSM. We will tune the loader for your line and deliver the audit hooks.