A secure communication channel between an open system and a portable IC device
is established. An application running on the open system desiring access to the
information on the portable IC device authenticates itself to the portable IC device,
proving that it is trustworthy. Once such trustworthiness is proven, the portable
IC device authenticates itself to the application. Once such two-way authentication
has been completed, trusted communication between the open system and the portable
IC device can proceed, and private information that is maintained on the portable
IC device can be unlocked and made available to the application.