Snowball

OnBoard™ IoT Security

OnBoard™ IoT Security (OBIS) binds a product's keys, firmware, SBOMs and production records into a single source of truth — governed alongside your factories and suppliers, traceable to every device in the field. CRA PSTI EO14028 compliance evidence accumulates as you operate.

Why OnBoard™ IoT Security

Four shifts in how your product's digital assets are governed.

Most IoT security stacks were assembled tool by tool. OBIS was built end to end — for the way connected products are actually developed, manufactured, operated, and maintained, across factories, suppliers, and partners.

Centralized governance

Assets scattered across tools and people

One panel — queryable, traceable, governed

Every key, certificate, firmware image and SBOM — for every product version, down to every individual device — queryable from a single panel. No reconciliation.

Cryptographic collaboration at scale

Collaboration or sovereignty — pick one

Both, by design

Replace process-based trust with cryptographic constraints — for keys and firmware that need to scale securely. Partners collaborate under cryptographic authorization — asset owners delegate use without surrendering sovereignty over their data, keys, and operations.

The full device lifecycle

“Shipped” means the job is done

Traceable for the full device lifetime

Development, manufacturing, vulnerability monitoring, certificate renewal, and firmware upgrade — every material event across the product's full service lifetime is traceable.

Compliance as a byproduct

An extra audit project

A daily operational output

EU CRA, UK PSTI and US EO 14028 — one closed loop covers all three. Evidence is generated automatically as you operate. Audit readiness becomes a state, not a scramble.

SEPTEMBER 2026 · CRA VULNERABILITY REPORTING

CRA isn't a reporting problem.
It's a data-model problem.

Most OEMs will hit the September 2026 deadline with SBOMs in one tool, production records in another, and OTA histories in a third — then scramble to stitch them together under a 24-hour window. OBIS keeps the evidence chain complete keeps the evidence chain complete before the question is raised.

Without OnBoard™

Glued tools, multiple data domains, no evidence chain

Days to weeks

· to produce one ENISA report

Glued tool chains can survive an audit. They can't survive a 24-hour early-warning window. Every CVE becomes a forensic project.

With OnBoard™

One evidence chain, one query, one compliance package

Minutes

· auto-generated from the same data model

SBOM, production batch, device record, and update status anchored on one chain. The 24-hour window becomes a query, not a project.

Explore the Platform

The OnBoard™ Fabric

Proven security foundation.
Every industry.Every device. Every credential.

OnBoard™ IoT Security and OnBoard™ Mobile Credentials are built on a proven security foundation that governs the lifecycle of device assets and mobile credentials. Every customer benefits from what's already been proven at scale.

For IoT Device OEMs

OnBoard^™IoT Security

Development

Manufacturing

Operations

Vulnerability Response

For Service Providers & Mobile OEMs

OnBoard^™ Mobile Credentials

Provisioning

Issuance

Transaction

Revocation

The Foundation

OnBoard^™ Secure Infrastructure

PKI · KMS · SEMS · HSM

For IoT Device OEMs

OnBoard^™ IoT Security

Governs the device asset lifecycle — keys, certificates, firmware and SBOMs for each product across development, manufacturing, operations and vulnerability response. Compliance evidence accumulates as you operate.

Device asset lifecycle

Asset governance

Compliance

OnBoard™ IoT Security

The Foundation

OnBoard^™ Secure Infrastructure

The cryptographic foundation under both platforms. PKI, KMS and SEMS, backed by HSM — from cloud to every edge.

PKI

KMS

HSM

OnBoard™ Secure Infrastructure

For Service Providers & Mobile OEMs

OnBoard^™ Mobile Credentials

Governs the mobile credential lifecycle — provisioning, issuance, transaction and revocation for transit cards, access credentials, enterprise badges and car keys, across every mobile wallet and acceptance network.

Mobile credential lifecycle

Interoperability

OnBoard™ Mobile Credentials

Latest Insights

Insights & Resources

Field notes from the teams shipping OnBoard™ — CRA readiness playbooks, technical deep-dives, and deployment stories from connected-product OEMs and mobile service providers.

Blog

The EU Cyber Resilience Act: An Overview for IoT OEMs

A working overview of the EU Cyber Resilience Act for IoT OEMs — what changed, what it costs, when the clock starts, and where it sits in the global regulatory landscape.

Read Article

Case STUDY

They Make a Million Matter Devices a Month. Zero Keys Out of Their Hands.

A leading European Matter OEM partnered with Snowball OBIS to ship more than a million devices a month from five ODM-operated factories across three countries — without a single private key ever leaving an HSM.

Read Article

Case STUDY

Bringing Dubai’s Transit Card into Samsung Wallet

With SNOWBALL OnBoard Transit, Dubai’s citywide transit card entered Samsung Wallet as a new mobile issuance and service channel. The service reached commercial launch in 4 months and issued 60,000 digital cards in the first 3 months, without changing validators, fare rules, or back office systems.

Read Article

View all Resources

Get Started

Ready to govern your product digital assets — or mobilize your service credentials?

Whether you're preparing for CRA compliance, scaling provisioning IoT devices, or issuing credentials across mobile wallets — let's talk about how OnBoard™ fits your roadmap.

Govern each product as one digital asset portfolio.
From factory to field.

From secure silicon to secure devices —
one trust chain