The first step you are doing is authenticating host with the Mifare SAM. It is a mutual 3-pass authentication between the MIFARE SAM AV2 and host system.
In this procedure both the PICC as well as the MIFARE SAM AV2 prove that both the MIFARE SAM AV2 and the host contain the same secret, a DES, TDEA or AES key.
This procedure not only confirms that both entities are permitted to do operations on each other but also automatically creates a session key which can be used to keep the further communication path secure. As
the name ‘session key’ implicitly indicates, each time a new authentication procedure is successfully completed a new key for further cryptographic operations is obtained.