In the context of L2 specifications (Book I, II, III, IV, A, B, Cx), EMVCo doesn’t specify any security mechanism beyond the PKI scheme proposed by the ODA. Hence, sensible data protection is not in EMV’s scope.
Consequently, Agnos Framework logical architecture doesn’t integrate security features beyond SDA, DDA, and CDA. But, that Framework may be deployed onto different kind of physical architectures. However, Agnos components are not altered.