Secure your Smart City Infrastructure


Securing smart cities


The cities are vulnerable to threats such as signal jamming, remote systems or data manipulation, Denial of Service (DoS), malware attacks and the recent rampant ransomware and wiping attacks. There is a need therefore for comprehensive smart city plans to minimize cybersecurity risks and protect critical infrastructure in smart cities so as to defend stakeholders, ranging from residents to private and public service providers.


Smart cities’ virtual doors will need virtual keys and locks controlled through remote communications. In real sense, these virtual doors to smart cities are never fully locked, creating loopholes cyber attackers will sure attempt to exploit. This, then means smart cities are not safe until proven, hence measures must be put in place, spanning physical security and network security, to continuously ensure, guarantee and verify key components of the infrastructure never fail.


Security in LoRaWAN


The LoRaWAN specification has been designed from the outset with security as an essential aspect, providing state-of-the-art security properties that meet the needs of highly scalable low-power IoT networks. Unlike many other IoT technologies, the LoRaWAN specification already offers dedicated end-to-end encryption:


The specification defines two layers of cryptography:

  • Using a unique 128-bit network session key shared between the end-device and network server
  • Using a unique 128-bit application session key (AppSKey) shared end-to-end at the application level

AES algorithms are used to provide authentication and integrity of packets to the network server and end-to-end encryption to the application server. By providing these two levels, it becomes possible to implement “multi-tenant” shared networks without the network operator having visibility of the users’ payload data. The devices can be activated by Personalization on the production line or during commissioning, or can be over the air activated (OTAA) in the field. OTAA allows device sessions to be rekeyed if necessary.

LoRaWAN relies on symmetric cryptography, which requires sharing keys in a safe and secure way. To further aid with this process, LoRa Alliance members have developed:

  • LoRaWAN backend interfaces that isolate the storage of root keys in the join server, so that becomes a trusted player, regardless of network
  • Secure element solutions that provide additional hardware physical protection against tampering

Though LoRaWAN is inherently secure, the LoRa Alliance is constantly reviewing, designing and implementing security enhancements and best practices to ensure LoRaWAN stays ahead of the changing security landscape and Ambimat offers itself as an aide in this process with a value added solution.

Ambimat’s solution for your LoRaWAN

Ambi-Secure is a hardware-software solution based on 3 decades of experience in the field of IoT. The solution is a combination of a System on Chip (SoC) and Ambimat’s firmware residing on it which helps cater to almost all of the challenges present on your IoT (read: LoRa) device

Our Ambi-Secure acts as a secure hardware memory to help customers store their AppKey, NwkKey, AppSKey and other keys used for the communication in a secure location outside the memory of the main controller

Our Ambi-Secure can also help generate the most secure keys for your application while communicating with the gateway or the network server.

Ambi-Secure can confirm the authenticity and the validity of the source of the Firmware sent over the air for updation.

Ambi-secure implements the encryption algorithms in itself taking away the need to implement such algorithms in the main controller thereby providing more security to the solution as well as more flexibility to choose the controller of choice.

Ambi-Secure protects your infrastructure as well as your customers’ infrastructure from any challenges arising from a security perspective for the entire lifetime of your product.

Ambisecure key

AmbiSecure Key – Security Digital USB Key


The AmbiSecure Key is a hardware-based authentication solution that is FIDO2 standard compliant. The Key is used to provide a simple and highly secure sign-in feature to any online server supporting FIDO authentication algorithm and enables compliance requirements for strong authentication.

Now that passwords are fast becoming obsolete and your privacy, as well as the security of your digital profile, is very often compromised it is necessary to up the anté with hardware security.


Strong Authentication:


The AmbiSecure Key Series offers superior security by combining hardware-based authentication and public key cryptography to effectively defend against phishing attacks and eliminate account takeovers. It offers support for FIDO U2F v1.2.


Passwordless Enabled:


The AmbiSecure Key Series helps organizations accelerate to a passwordless future by providing support for the FIDO2 protocol. FIDO2 supports not only today’s two-factor authentication but also paves the way for eliminating weak password authentication, with strong single factor hardware-based authentication.


Easy, Fast, and Reliable:


The AmbiSecure Key Series provides a simple and intuitive authentication experience that users find easy to use, ensuring rapid adoption and organizational security. Ambisecure Keys do not require a battery or network connectivity, making authentication always accessible.



Easy to Use

Easy to Use

No battery or network connectivity required, users simply insert and tap to authenticate



Establish user presence, and prevent remote takeovers, with a simple touch on the AmbiSecure Key during login



AmbiSecure Key provides the user a secure authentication



Reduce password reset or account lockout queries.



AmbiSecure Key fits into any standard USB port



Fit AmbiSecure Key on a keyring and carry without any worry



Supported Operating Systems: Windows, Linux, macOS, iOS, Android
NFC-enabled: Yes
Authentication Methods: Passwordless, Strong Two Factor Authentication
Identity & Access Management: Any FIDO compliant cloud
Password Managers: Can be provided on request
Function: FIDO2, U2F
Certifications: FIDO2 Certification (Underway)
Cryptographic Specifications: ECC P256
Design & Durability: Rugged enclosure, No batteries required, No moving parts
Device Type: USB HID Device
Single Sign ON: Supported (Currently under development)


Download Ambisecure key Brochure