They Make a Million Matter Devices a Month. Zero Keys Out of Their Hands.

A leading European Matter OEM partnered with Snowball OBIS to ship more than a million devices a month from five ODM-operated factories across three countries — without a single private key ever leaving an HSM.

Client

Top European Matter OEM

Product Line

IoT Security

Industry

Smart Home

Published

2026-04-07

At a Glance

A top European Matter OEM needed to ship more than a million Matter devices a month from 5 ODM-operated factories — without a single private key ever leaving an HSM. None of the three industry-standard answers fit.

1. The Customer

A top European Matter OEM, headquartered in Europe, with global retail presence — 400+ retail stores across 50+ markets.

The customer is both a Matter device manufacturer and a VID-scoped Product Attestation Authority (PAA) — operating their own root CA at the top of the Matter device attestation trust chain.

Production footprint today:

Products

Devices / Month

Factories

SoCs

Vendors

Cleartext Keys

‍

The customer began Matter commercial production in 2025 and launched to market in January 2026. Monthly volume crossed 1M during 2026 and continues to grow, with more products in active development.

2. Why This Was Hard

The OEM's security team set two red lines. Neither was negotiable.

No private key or symmetric key may exist in cleartext anywhere on the factory floor. Not in memory on a programming station. Not in transit between systems. Not even momentarily.

Device private keys must be generated inside the device and never leave it. No external generation followed by injection.

Agreeing on the principles was easy. Executing on them was the hard part.

The challenge wasn't just keeping the OEM's signing keys safe — it was keeping signing keys and per-device keys safe simultaneously, which meant the provisioning process itself had to be safe:

in factories operated by ODM partners
with five ODMs, most without cryptography expertise
on silicon whose security features varied significantly across four vendors
across three countries connected by uneven cross-border networks

That combination is what took the team through three approaches that didn't fit.

3. Why the Traditional Answers Didn't Fit

The three approaches the team worked through were each a sound model in the right context. None matched this customer's combination of constraints.

Chip vendor pre-provisioning.

Each vendor's service has its own profile format, submission flow, and lead time — and the customer's portfolio spanned 21 products across 4 silicon vendors. With non-returnable inventory and multi-week customization cycles, the cost of getting any one product wrong was high, and the cost of running 21 of them in parallel was higher. The model also ends at the chip facility: re-provisioning, credential rotation, and other post-production operations that need the OEM's cryptographic authority have nowhere to live.

Cloud PKI service.

The architecture assumed real-time cloud connectivity throughout mass production — but across the Thailand–Vietnam–China network, where cross-border links degrade routinely and recover unpredictably, any disruption stops every line that's mid-batch. A single cloud outage would halt all five factories at once. It also assumed someone on the factory floor owned the integration between cloud PKI and secure provisioning. Most ODMs lack cryptography specialists — they can neither build it nor maintain it.

Per-factory PKI + HSM deployment.

Never left the spreadsheet. Each new key — for a new product, a new SoC, a new use case — would have meant someone from the OEM's security team traveling to each factory and performing an injection ceremony. It would also have meant handing day-to-day custody of the key material to factory teams the OEM didn't directly manage. Not a one-time deployment cost. A permanent stream of recurring travel, recurring ceremonies, and recurring loss of cryptographic control.

APPROACH	OEM CONTROL OVER KEY USE	AUDIT VISIBILITY	WHY IT DIDN'T FIT
Chip vendor pre-provisioning	Delegated to silicon vendor	Vendor-reported, after the fact	SKU and forecast burden across 4 vendors; non-returnable inventory; no post-production lifecycle
Cloud PKI service	Real-time, via cloud PKI policy	Real-time, centralized in cloud	Cloud as single point of failure; cross-border instability halts mid-batch lines; on-floor integration had no ODM owner
Per-factory PKI + HSM	Set at injection, then drifts to factory	After the fact, scattered across 5 sites	Recurring on-site key ceremonies; OEM loses day-to-day custody once keys are injected

4. The Reframe

SNOWBALL came in, recommended independently by one of the OEM's ODMs and one of the silicon vendors.

What SNOWBALL proposed wasn't "a better PKI service" or "a better factory HSM." The OEM's problem couldn't be solved by any single tool — because the constraint wasn't tooling, it was the operating model.

The three approaches the team had worked through shared one hidden assumption: that the decision to perform a cryptographic operation, and the execution of that operation, must happen in the same place.

OBIS — SNOWBALL's OnBoard IoT Security platform — is built on a different assumption. It ships as one system: a cloud portal where the OEM governs, a Factory Service at each ODM site, programming-station software on the line, and EdgeHSM — the on-premise appliance that anchors trust in the factory. Decision-making stays with the OEM. Execution runs locally. The two are bound by a scoped authorization the OEM issues and the factory enforces.

That decoupling shows up in three architectural properties, plus one delivery property that made it adoptable.

OEM authority lives in the cloud.

Every operation a factory performs — issuing a DAC, provisioning an OTA encryption key, re-opening Secure Debug for rework, even programming firmware — happens under a cryptographically signed authorization object the OEM issues from the cloud portal. Each authorization is scoped to a specific product version, factory, quantity, and time window.

EdgeHSM enforces it at the edge.

EdgeHSM, deployed at each factory, is built on an EAL5+ certified secure element. It verifies every authorization before performing any operation, and refuses anything outside its scope. All cryptographic material in the factory lives inside the EdgeHSM boundary at every moment of its existence. Device key pairs are generated inside the SoC and the private keys never leave it; only the CSR is sent to EdgeHSM, which returns the signed certificate. No private key is ever injected into the device from outside. No factory operator, no ODM partner, and no system in the factory ever sees a private key in cleartext.

The line keeps running when the cloud doesn't.

Once an authorization package reaches EdgeHSM, the factory needs no further cloud round-trips. Authorized production runs continue for the full window the OEM granted, regardless of network conditions. Multiple authorizations can run in parallel. When connectivity returns, audit logs and production records sync within minutes.

The whole system arrives as one.

ODMs install the factory side of OBIS — they don't develop it. The Factory Service, EdgeHSM, and programming-station software ship as a single bundle. This is what made the model adoptable by ODMs, and what lets a new factory come online in days.

5. The Workflow

Here's how this actually runs in production.

The OEM sets up the product. In OBIS, the OEM creates the product, configures the cryptographic keys it requires, and sets the rules for how it can be produced — most importantly, the total quantity that may ever be produced. The OEM then invites the ODM into the Product Workspace.

The ODM prepares the version. The ODM uploads the firmware, signed with the secure boot key the OEM specified, and configures the Matter factory data, commissioning parameters, and chip security features. When everything is in place, the ODM creates a new Product Version — a snapshot of exactly what this product will be in production.

The OEM approves the version. The OEM reviews and approves the Product Version, locking it as the authoritative reference for production.

The ODM creates a batch. Based on the approved version, the ODM creates a Production Batch and assigns it to a factory — defining the quantity for this run and the production window. Over time, the ODM creates as many batches as production requires, but the running total can never exceed the quota the OEM set at the start.

On the line. The encrypted Production Batch lands in EdgeHSM at the factory. Programming Stations execute device-by-device provisioning under EdgeHSM's control. Each device gets its keys generated on-chip, its certificates issued, and a production record written.

Records flow back. Records sync to the cloud portal within minutes. The OEM's security team in Europe sees production across all five factories from a single dashboard — every batch, every device.

Secure Debug rework, weeks later. A factory finds a unit that needs rework. Re-opening the Secure Debug port requires the OEM's Secure Debug authentication key. Under traditional models, this either means handing the key to the factory or escalating every rework to the OEM. In OBIS, the authority is already in place — defined when the original batch was authorized. The factory triggers the rework within that scope. EdgeHSM uses the key, kept inside its hardware boundary, to re-open the port.

6. The Honest Math

No platform is free. Three real costs the OEM accepted going in, worth naming.

TRADE-OFFS

Enabling a new SoC is not plug-and-play. Bringing up the first product on a new SoC requires integration work. Reused across all products on the same SoC, across any ODM.
EdgeHSM is physical hardware. Each factory needs the appliance installed, networked, and operated. Per-factory deployment itself takes only a few days.
Light integration with factory systems is needed. Per-device records often flow to the ODM's MES, SAP, or test systems for traceability.

Set against those, here's what the OEM got.

Outcomes

21 products in production
1M+ devices/month, crossed during 2026
5 factories deployed remotely — no on-site SNOWBALL or OEM presence
5 SoCs adapted across 4 silicon vendors; integration reused across products and ODMs

Outcomes

All device private keys generated on-chip — never leave the silicon
All OEM signing keys held inside HSM boundaries — never in cleartext anywhere in the supply chain

Operating model, scaled

New factories, SoCs, and products onboard without rebuilding the security foundation — no silicon lock-in
OBIS arrives integrated — new factories come online in days
No recurring on-site key ceremonies, no recurring OEM travel
Production runs uninterrupted by cloud connectivity
Every device traceable from authorization to batch to unit, across all 5 factories from a single dashboard

Want to go deeper?

Read — Our Blog What IoT OEMs Need to Know about the EU Cyber Resilience Act — the architectural framework this case study is one piece of.
Read — Our whitepaper The OBIS architecture in detaili — From Cloud Authority to Edge Execution →
Watch — Request a 30-minute walkthrough of OBIS in action.
Talk — Schedule a technical conversation about your supply chain →

Snowball Team

Team Member

LinkedIn

Founded in 2013, committed to driving scalable and sustainable industry growth through a trusted, future-ready security infrastructure. Snowball Technology’s core team comes from NXP’s security services group, bringing over a decade of experience in device security. The company currently has more than 100 employees, with over two-thirds in R&D. Snowball Technology is certified under international standards including ISO 9001, ISO 14001, and ISO 27001.