Standard and individual HSM solutions

[Translate to English:] HSM Firmwareentwicklung

Whether standard or customised, always secure and certified

achelos offers extensive expertise in the successful use of standard HSMs as well as customised, certifiable HSM firmware developments for the effective protection of your data. We support you at every stage of your HSM project – from analysis and development to the commissioning and operation of your new HSM solution.

Often one of our trusted partners can provide an appropriate standard HSM solution. Should your needs go beyond those of a standard HSM solution, our experienced architects and developers can expand the functionalities of the standard HSM (PKCS#11, Microsoft CAPI) by developing additional firmware and interfaces tailored to your specific needs. We offer comprehensive support throughout the planning, architecture and development phases of your project. 

Additionally, we are available to assist during the new firmware’s (PCI PTS HSM) certification process. With extensive expertise in certifying security-critical products and applications, our team at achelos is well-equipped to guide you through this process. Furthermore, with our own CC site certification, we can provide holistic support with advanced development projects.

Unsure if a typical HSM solution is right for you? Or perhaps you need a custom-made HSM firmware solution? At achelos, not only do we offer HSM Consulting, but also provide expert advice to help you make the best decision for your needs.

  • Expansion and re-engineering of firmware modules
  • PCKS#11 vendor defined mechanisms as an add-on to the PKCS#11 API
  • Use of existing key management functionality and/or productive functions
  • Implementation and execution of conformity tests
  • Development of (G)UI for Key Management Software
  • Preparation of documentation
  • Support with certification, e.g. PCI, PTS, HSM, CC

  • Bank-Verlag Group: Firmware development, documentation and support for certification of the qualified remote signature service.

Press Release


  • Multifactor authentication via FIDO tokens for a provider in the field of critical infrastructures.
    Development of user management within the HSM for the use of FIDO tokens, ensuring compliance with the dual control principle for role-based authentication of functions.
    • HSMs are integral to managing critical infrastructures. The challenge lies in discovering a straightforward approach to secure access and facilitate a simplified HSM configuration with multi-factor authentication.
    • Smartcards and pin pads are commonly used for multifactor authentication in contemporary HSMs.
    • FIDO tokens offer a convenient and cost-effective alternative, eliminating the need for bulky authentication devices.

Do you have any questions? Your contact in this area is:

Holger Volke

Technical Director +49 5251 14212-302