key bridge ukm
The single platform solution for all keys and data

KeyBRIDGE Payment HSM Key Manager

Securely manage and store all keys and sensitive data in one single, centralized location

  • Manages and stores all keys and sensitive data of a company or group
  • Provides a single solution with integrated HSM
  • Includes built-in support for 3rd party HSMs
  • Certified for Payment and General-Purpose Keys

Delivery Time:

About 2-4 weeks
Key Benefits

Key Benefits


Central solution

Manage and store all keys and sensitive data in one single, central location.


Built-in HSM

Logical and physical security provided by the integrated HSM as the root of trust.



Securely manage and store all keys and sensitive data in a single, centralized location

KeyBRIDGE UKM is a standalone platform solution that stores all keys and sensitive data for an entire organization. This ensures that the organization has complete control of the key inventory and is not dependent on the availability of a database, service vendor or employee. Its simple key management functionality spans the full key lifecycle from generation through to escrow and termination.
The central user interface provides complete visibility of the entire key inventory at any time.

KeyBRIDGE UKM secures all keys and maintains support for the generation, import, and distribution of any key type.

All keys within KeyBRIDGE UKM are protected under a 256 Bit AES System Master Key, which can be used immediately, distributed as a cryptogram or broken down into component parts or shares.

KeyBRIDGE UKM adds additional value by allowing integration of further Utimaco HSMs as well as third party HSMs like Atalla, Thales and SafeNet, enabling the user to perform key management functions using a single, easy-to-use interface with both local console or RESTful API access.

Detailed Key Inventory

  • Tracks generation, import, export, termination details and optional key expiration dates

Full life-cycle key management

  • Tracks all instances of imported and exported keys
  • Maintains key history even if a key has been terminated and removed from the system

Certified for Payment and General-Purpose use cases

  • FIPS 140-2 certified
  • PCI-HSM certified

High physical and logical security

  • Provides intrusion-resistant and tamper-evident hardware
  • Enables role-based access control (RBAC) enforced with dual control and split knowledge

Best-in class entropy and high-quality keys

  • NIST SP 800-90B
  • AIS 31DRG.4 compliant hash based DRNG
  • AIS31 PTG.2 compliant TRNG

Third party HSM integration

  • Enables integration of CryptoServer, Atalla, Thales and SafeNet HSMs

Supporting various algorithms and mechanisms

  • RSA, DSA, ECDSA with NIST and Brainpool curves
  • DH, ECDH with NIST and Brainpool curves
  • AES, Triple-DES, DES
  • SHA-1, SHA2-Family, SHA3

Easy integration and use

  • Through UI & RESTful API interface
  • Central interface


Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • LAN Appliance


Atalla AT1000

Secure the Payment Ecosystem with Atalla AT1000 with its Unique Speed and Global Support

Find more details

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more.