General Purpose HSM as a Service
The HSM designed for multi-cloud security strategies

General Purpose HSM as a Service

Utimaco’s Hardware Security Module as a Service - hosted in a Secure, Certified Datacenter

Our General Purpose HSM as a Service provides access to a FIPS 140-2 Level 3 HSM that is fully hosted by Utimaco and under your sole remote control. This enables secure key generation, storage, and management without the need for setup, maintenance, or implementation efforts, ultimately reducing the total cost of ownership.

  • HSM as a Service – hosted by UTIMACO in a secure, certified datacenter
  • Secure key generation and storage in a FIPS 140-2 Level 3 certified HSM
  • Works with all major cloud service providers

The HSM as a Service includes a dedicated HSM for each customer, ensuring exclusive access and full administrative privileges while providing optimal security. By opting for HSM as a Service, you significantly reduce capital and labor costs without the need for a dedicated server room, secure environment set-up, or data center selection.

Our General Purpose HSM as a Service seamlessly integrates with all major cloud service providers, making it an ideal solution for your existing cloud applications. Benefit from multiple migration options without the constraints of vendor lock-in, ensuring flexibility and ease of transition.

Try it now with our free, fully functional HSM simulator

Product Type:


Delivery Time:

Key Benefits

Key Benefits


No Implementation Effort

By combining HSM service, maintenance, and hosting, we eliminate the requirement for hardware deployment or software management required on your end. This enables you to shift from capex to opex, enhancing flexibility and efficiency while significantly reducing management overhead.



Provides the highest security with a FIPS 140-2 Level 3 validated HSM hosted in a secure, certified data center within dedicated racks. The HSM can be remotely managed from any location.


No CSP Vendor Lock-in

Ideal for multi-cloud strategies: works with all major cloud service providers (including Amazon AWS, Microsoft Azure, Google Cloud, and more) without vendor lock-in.


High Availability

The Shared Service gives you access to 3 slots, each on a different physical HSM across 2 data centers (99.999% availability).

The Dedicated Service grants you access to 4, 8 or 12 slots in each HSM with a minimum of 2 HSMs in 2 data centers (99.95% availability).


24/7 Support

Leverage a team of crypto experts with knowledge directly from the HSM vendor – available 24/7.



Cryptographic algorithms

  • RSA, DSA, ECDSA with NIST and Brainpool curves, EdDSA
  • DH, ECDH with NIST, Brainpool and Montgomery curves
  • Edwards curves Ed25519 and Ed448
  • AES, Triple-DES, DES
  • SHA-1, SHA-2, SHA-3, RIPEMD
  • Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
  • True random number generator (PTG.2 acc. AIS 31)
  • Chinese Algorithms
  • Can be upgraded with blockchain-specific algorithms such as BIP32/44 and SLIP-010 on request

Cryptographic Interfaces (APIs)

  • PKCS #11
  • Java Cryptography Extension (JCE)
  • Microsoft Crypto API (CSP), Cryptography Next Generation (CNG), and SQL
  • Extensible Key Management (SQLEKM)
  • OpenSSL
  • Utimaco‘s comprehensive Cryptographic eXtended services Inter-face (CXI)


Hosted in a secure, carefully selected datacenter

  • Hosted in an ISO/IEC 27001, HIPAA, PCI, and GSMA SAS-SM compliant data center
  • Provision of all hardware and software in the datacenter
  • Maintenance of equipment in the datacenter and replacing failed units
  • Setup and additional hardware included
  • Secure server room with dedicated HSM per customer
  • All relevant security and regulatory certifications
  • Current regions: Europe & Americas
  • Data Encryption
  • Document Signing
  • Code Signing
  • Certificate Issuing
  • Public Key Infrastructure
  • Chip and Device Personalization
  • User and Device Authentication
  • Blockchain Processes
  • Subscriber Authentication in Mobile Networks
  • Key Agreement in Mobile Networks
  • Timestamp Creation
  • PQC applications
  • And many more

As a service

Our as-a-service options are hosted by UTIMACO in certified datacenters and include everything from set-up to deployment to maintenance.

Quantum ProtectApplying Quantum-resistance to applications and use cases.
Blockchain ProtectSecuring sensitive assets in blockchain processes
Double Key EncryptionTwo-tier security for the most sensitive data in Azure
Software Development KitEnables custom firmware development based on algorithms and functions of choice

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.