This document proposes a new secure channel protocol based on AES keys and specifies: - A new mechanism to generate session keys. - The schemes to be used with AES for C-MAC, R-MAC, command data field encryption and response data field encryption. - The format of PUT KEY for AES. This new protocol is based on existing SCP01 and SCP02 protocols. It supports AES-based cryptography in lieu of TDEA. The protocol protects bidirectional communication between the Host and the card (decryption/MAC verification for incoming commands, encryption/MAC generation on card response). In addition, the document defines the formats and requirements for DAPs, Tokens and Receipts if AES is used for card content management activities.