Identity Provisioning from Root to Chip

SEAL SQ factory trust provisioning service called VaultiTrust ™ with optional secure programming provides a secure device identity certificate, analogous to a birth certificate, for each individual silicon die during integrated circuit (IC) manufacturing. Once generated by SEAL SQ or its customers, personalization data are entered into VaultiTrust secure web portal. 
Contact us

No video selected

Select a video type in the sidebar.

Applications

Simplify the Device Identity with pre-provisioned Secure Element or Secure Microcontroller

SEAL SQ Identity provisioning from root to chipKeys & Identity provisioning on wafer
Keys & Identity provisioning on wafer

Secure data generation and injection into secure elements at wafer level is at the heart of many connected systems such as IoT, anticounterfeiting or traceability of goods. VaultiTrust ™  takes advantage of our government grade security certified premises and end-to-end digital security management to generate keys and efficiently install them into chips.

Applications

SEAL SQ operates FIPS 140-2 Level 3 certified Hardware Security Modules (HSM) to efficiently generate secure data. These HSM are located in a SEAL SQ Common Criteria EAL5+ and ISO27001 certified backed up data center. Upon customer’s specifications, the HSM can be dedicated or shared.

Technical features
  • Flexible (customer data can be customized)
  • Scalable for large quantity
  • Secure (Common Criteria EAL5+ and ISO27001)
  • Ready for Identity Lifecycle Management
Download

Digital Identity & Keys provisioning on Wafer

VaultiTrust ™  has multiple advantages like, pre-manufacturing assembly security deployment, authentication of parts, cryptographic protection of secrets and firmware, and production equipment with integrated FIPS 140-2 Level 3 compliant hardware security module (HSM)
Diagramme dataflow for wafer

Key Benefits

  • Secure key provisioning
  • Secure key storage
  • Key lifecycle management
SEAL SQ Identity provisioning from root to chipKeys & Identity provisioning on package
Keys & Identity provisioning on package - Late provisioning

Secure data generation and injection into secure elements at package level is at the heart of many connected systems such as IoT . VaultiTrust ™  takes advantage of our government grade security certified premises and end-to-end digital security management to generate keys and efficiently install them into chips via our convenient and secure web portal. 

Applications

Use cases based on device functionality including device Identity, cloud onboarding, secure boot, authenticity verification, access control. Reduces cost with a per part as-a-Service model. Minimizes attack surface by securing devices at the earliest point of production. Suitable for high or low volume

Technical features
  • Flexible (customer data can be customized) and used for low volume
  • Scalable for large quantity
  • Secure (Common Criteria EAL5+ and ISO27001)
  • Ready for Identity lifecycle Management
Download

Keys & Identity provisioning on package - Late provisioning

The private key must be protected by the hardware RoT and the public part is held in a certificate, both of which are provisioned during manufacturing. Part of the provisioning service is to supply the customer with all the device certificates created during the manufacturing process
Diagramme dataflow for package

Key Benefits

  • Flexible CA hierarchy
  • Speed to market and flexibility
  • Cost effective

Certifications

Critère commun  ISO/IEC 15408 EAL 4+ ISO/IEC 27001
Logo-certificationCCC-eal-4+
ISO 27001 (2)
Logo-certificationFIPS-140-2-level-2
Vault I Trust Flyer

Digital identity provisioning and zero-touch onboarding for IoT

SEALSQ provides semiconductor and device manufacturers, and also IoT end-user companies a simple and best-of-breed solution during manufacturing for digital identity provisioning of IoT devices

seal-visual

Fill the form download our factsheet