Mobile Service Architecture - JSR 177

JSR 177 - Security and Trust Services API for J2ME 1.0


The Security and Trust Services API (SATSA) provides access to security services for mobile devices, including secure storage to protect sensitive data, cryptographic operations to support payment transactions and data integrity, and a secure execution environment that allows deployment of custom security features. Developers may rely on these services to support a wide variety of applications, from banking and payment to user identification and authentication.

SATSA consists of four packages:

  • SATSA-CRYPTO (mandatory) to support cryptographic operations such as message digest, signature verification, and encryption or decryption
  • SATSA-APDU (conditionally mandatory) for communication with smart card applications
  • SATSA-PKI (continually mandatory) to support digital signatures
  • SATSA-JCRMI (optional) to support remote invocation of a Java Card device

Beyond the security model already supplied in Java ME applications, SATSA enables developers to easily add security services that support features such as user identification, data integrity, and payment transactions. These services facilitate digital rights management and commerce on mobile devices, potentially creating new business models. For more on SATSA visit




System Properties

Name Description
microedition.smartcardslots Comma separated list of smart card slots used in the string.

microedition.satsa.apdu.version Version of the SATSA-APDU API supported, for example " 1.0".

microedition.satsa.crypto.version Version of the SATSA-CRYPTO API supported, for example " 1.0".

microedition.satsa.pki.version Version of the SATSA-PKI API supported, for example " 1.0".



The Security and Trust Services API for J2ME, Part 1 - This article gives an overview of JSR 177, Security and Trust Services API (SATSA) optional packages which provides APIs for communication with security elements, as well as security APIs for the management of digital signatures, digital certificates, and cryptographic operations. The article also covers the communication APIs, and presents some information about the reference implementation.

The Security and Trust Services API (SATSA) for J2ME: The Security APIs - SATSA (JSR 177) is a relatively new standard intended to provide a Java ME platform access to secure storage and cryptographic operations provided by a security element. SATSA Part 1 introduced concepts, communication APIs and reference implementation, this article covers the security APIs in detail, including use-cases and code examples. These two articles will become your definitive reference on all things SATSA.