In the context of L2 specifications (Book I, II, III, IV, A, B, Cx), EMVCo doesn’t specify any security mechanism beyond the PKI scheme proposed for the ODA. Hence, sensible data protection is not in EMV’s scope. Consequently, Agnos Framework logical architecture doesn’t integrate security features beyond SDA, DDA, and CDA.

On the other hand, GPI/DEVICE layers propose a set of services called ‘'SRED” allowing Agnos Framework to deleguate sensible data manipulation outside a L2 applicative area. This is appropriate for specific phyiscal architectures where L2 is not protected and its execution issplit into 2 parts: an applicative node and a secured node. In that case, ‘'SRED’' services are encapsulated in the secured node and exposed to L2 through RPC calls.