End-to-end security

End-to-end protection of your data in transit

Ensure the end-to-end privacy, integrity and authenticity of your data in transit, powered by a proven scalable key management system

  • Vastly increase the security level by generating an infinite number of keys per device, per session and per message
  • Entirely remove the need for keys (PKI or PSK) management and delivery.  No certificates creation, delivery, renewal and revocation
  • Simplify with out-of-the-box ability to encrypt and transfer any type of application data securely from device to server/platform in cloud (and vice versa)
  • Save power and cost of your constrained device by reducing data overhead and packet flights

Product variants

E2E Data Integrity

Application data is signed in the module and verified in the cloud via REST API.

E2E Data Protection

Application data is encrypted in the module and decrypted in the cloud via REST API.

E2E Symmetric KMS

The data session is secured end-to-end from device to cloud through a scalable symmetric key management system.

u-blox services are delivered by the Thingstream IoT service delivery platform. Discover more with the IoT Security-as-a-Service getting started guide.

Contact Thingstream support

Services Description and Price
Documentation & resources

Protecting your data in transit means that the privacy of your data is safeguarded all the way from the device to the cloud. The confidentially of your data needs to be ensured. Additionally, you need to be able to establish the integrity and authenticity of your data at all times. In IoT settings, which often involve thousands, if not millions, of devices, this requires highly efficient and scalable cryptographic methods. 

The u-blox end-to-end security package provides methods to encrypt and transfer every type of applicable data from the device to its own server/platform in the cloud with a few simple operations. This eliminates the need to implement a complex solution on the device microcontroller in order to establish secure communications. 

u-blox end-to-end symmetric key management system provisioning is a disruptive approach for secure key management that replaces the current public key infrastructure (PKI) approach or typical PSK systems. 

The significant advantage of u-blox E2E Symmetric KMS is that session unique keys are available out-of-the-box both in the module and in your cloud via REST API, which allows the generation of an infinite number of keys per device. Keys are uniquely tied to the hardware and can be triggered on the module side and on the server/cloud side. This entirely removes the need for creation, delivery, renewal, and revocation of certificates. Development and operations are simplified by delegating the complexity of key management to a proven scalable system. 

E2E Symmetric KMS is well suited for LPWA constrained devices, optimizing secure communications to achieve up to 8x reduction in the data overhead and up to 2x the packet flights. These optimizations translate to reductions in data usage, power consumption and cost.


We believe that you should focus on your business without wasting time checking your bills.  That is why we adopt a very simple pay-as-you-go approach: pay only for the services you need, for as long as you use them, without requiring long-term contracts, complex licensing or set-up fees.


security price plans 01

An API call to u‑blox Thingstream platform is requested each time you derive a key or encrypt and transfer data to/from your device. Refer to the documentation in the "Document and resources" tab to learn how to use the API. 

Please refer to detailed pricing page for the complete IoT Security-as-a-Service pricing.

No results have been found for .