AmbiSecure IoT Solution
An IoT and enterprise cybersecurity platform with FIDO-enabled MFA. Hardware-rooted device identity, key management, attestation, and the back end that ties it together.
A device is not secure until the back end agrees it is.
Hardware root in the device
AmbiSEC Module — the IoT security co-processor — gives every device a non-extractable identity key. Provisioning happens on our line.
Key manager service
Set/Get Master Key, Generate Key Pair, Sign data — with proprietary extensions for specific use cases. The service the device calls.
FIDO MFA for operators
Operators and integrators authenticate to the platform with phishing-resistant FIDO2 credentials, not passwords.
Attestation pipeline
Each device proves its identity to the back end. The back end never has to trust the network.
Lifecycle keys
Operational keys rotate over the air. The root remains. Devices stay in field through their full life.
OEM-friendly
Reference SDK for the host MCU; provisioning tooling for the factory; APIs for the cloud.
How an AmbiSecure-protected IoT system fits together.
Three layers, all rooted in hardware.
Device
AmbiSEC Module IoT security co-processor, host driver, attestation.
Field
Operational key rotation, signed update, audit log.
Cloud
Key Manager service, attestation verifier, PKI.
Operator
FIDO MFA login to the management plane.
What ships under one umbrella.
| Hardware | AmbiSEC Module — IoT Security Co-Processor (separate product page); dual-domain secure-element platform |
|---|---|
| Embedded SDK | Reference C driver for Linux, RTOS, bare-metal MCU; Python tooling for provisioning lines |
| Key Manager service | REST endpoints for key operations; per-device unique key wrapping; audit log |
| Operator MFA | FIDO2 / WebAuthn integration via the AmbiSecure FIDO Validation Server |
| Provisioning | Per-device unique key injection at our personalisation line, or in-field |
| Compliance path | Designed for industrial / consumer IoT cyber resilience requirements (EU CRA, IoT cybersecurity baselines) |
Where this fits in the bigger picture.
Product: IoT Security Co-Processor
The hardware tier of the IoT Solution — AmbiSEC Module’s dual-domain co-processor.
Service: FIDO Validation Server
The MFA tier for operators and integrators.
Solution: Secure Element Integration
How to integrate the SE into a connected product.
Blog: EU Cyber Resilience Act for IoT
What the CRA means for connected-hardware and IoT manufacturers — scope, secure-by-design, lifecycle, deadlines.
Blog: secure by design under the CRA
Why hardware-backed trust matters for CRA-aligned connected products.
Designing a connected product line that needs a real security model?
We can deliver the chip, the firmware integration, the provisioning line, and the cloud-side key manager — or any subset.