Device Security

We have implemented comprehensive security protocols on our devices and software to protect against attacks on the integrity and confidentiality of your telematics data.


Authentication means verifying that the device is authentic, the server is legitimate, and verifying the data has not been tampered with. This protects against ‘spoofing’ attacks, or when malicious parties attempt to impersonate devices to steal data, spread malware, or bypass access controls.


Confidentially involves ensuring data is transmitted securely. Data is encrypted prior to transit, such that even if it were to be intercepted by a 3rd party, it cannot be deciphered.

Authentication and Encryption

Our devices operate in AES256CCM – CCM Mode using AES for block encryption with a 256-bit key.

The Advanced Encryption Standard (AES) was established by the US National Institute of Standards and Technology in 2001 and adopted by the US Government. Today its adoption is widespread and this, along with the scheme, provides several benefits:

  • Widespread adoption means the standard has been thoroughly field-tested, and it has proven itself as secure.
  • The algorithm does not require huge amounts of computational power and is quick to implement, so performance does not suffer.
  • We use a 256-bit encryption key as part of the scheme. The number of operations required to brute force such a cipher is 3.31 x 10^56 – which is roughly equal to the number of atoms in the universe. So, with current computing power, AES-256 can’t be cracked.

Put simply, AES works by jumbling up the device data (a lot!) using a key. It can only then be ‘unjumbled’ by using the key at the other end. Unjumbling without knowledge of the key is so impractical (it would take so long as above) that it is regarded as impossible.

AES-256 is regarded as ‘military’ spec encryption, as it is used by the US military. If it is good enough for them, we think that it must be pretty impenetrable. A key is stored on the device, and securely on the OEM Server. Each key is randomly different for every device, so if a device was to be compromised somehow then the key cannot be used to decrypt data from other devices. A rolling code forms part of the cipher, meaning it changes on each connection – making the system even more secure.

AES256CCM also fulfills the requirement for authentication. As part of the process, a Message Authentication Code (MAC) is generated and appended to the message. Then the entire message is encrypted. The MAC provides the benefit that it can be used on the server-side to identify whether the message is authentic and if any data in the message has been altered either intentionally or via errors in transmission.

On top of this, the microcontrollers we use in our products are programmed entirely by us – including the bootloader and main firmware. This means we are not relying on any other code that could be malicious or vulnerable to known exploits.

Third-Party Integration

The security discussed above covers the critical step of the transmission of data from the device to the OEM Server, our device management layer. In order to transmit data to a 3rd party server, we can send this data over HTTPS, providing a full end to end data security.


LoRaWAN® networks use AES-128 Encryption. Each LoRaWAN® device is personalized with a unique 128 bit AES key (called AppKey) and a globally unique identifier (EUI-64-based DevEUI), both of which are used during the device authentication process. Allocation of EUI-64 identifiers requires the assignor to have an Organizationally Unique Identifier (OUI) from the IEEE Registration Authority. Similarly, LoRaWAN® networks are identified by a 24-bit globally unique identifier assigned by the LoRa Alliance®.

LoRaWAN® application payloads are always encrypted end-to-end between the end-device and the application server. Integrity protection is provided in a hop-by-hop nature: one hop over the air through the integrity protection provided by LoRaWAN® protocol and the other hop between the network and application server by using secure transport solutions such as HTTPS and VPNs.

For more information on LoRaWAN® Security please visit

Engineered to Outperform

Our versatile range of GPS tracking devices is trusted globally to outperform with industry-leading reliability, powerful device management tools, and flexible integration options.


Extensive range of GPS and IoT devices for all tracking applications with Global Cellular 2G, 4G LTE-M / NB-IoT) LoRaWAN®, and Sigfox connectivity.


Industry-leading performance with uncompromising engineering – from R&D and prototyping to best-in-class components, housing, and firmware.


Secure and powerful device management and configuration tools with flexible integration options.


Expert technical assistance with device activation, installation, configuration, integration, troubleshooting, and a robust knowledge base.

Related Case Studies

Concrete Mixer Tip Detection and Utilization with VolkerFitzpatrick

VolkerFitzpatrick required a robust battery-powered GPS tracking device that is capable of collecting date, GPS location, and tip detection data.

View Case Study
Related Case Studies

Digicore and Iridium Satellite Fallback has Snowy Hydro Covered

Digicore, a Melbourne-based telematics company specializes in IVMS solutions in the mining, transport, and government sectors.

View Case Study
Related Case Studies

Rhino 911 – GPS Tracking for Poaching Prevention

Rhino 911 is using Digital Matter's Oyster2 GPS device and Telematics Guru to help prevent poaching and habitat destruction in South Africa.

View Case Study
Related Case Studies

Improving Farm Safety and Management with LoRaWAN and Farmdeck

Outcomex is improving productivity and safety across rural Australia with LoRaWAN®, Digital Matter devices, and their own in-house application, Farmdeck.

View Case Study
Related Case Studies

Asset Tracking & Sensor Monitoring with Restotracker

Learn how Restotracker uses the Remora2 and Bluetooth® Low Energy to remotely track and monitor high value assets and critical sensor data.

View Case Study
Related Case Studies

Where’s Julius?

To support WIRES, B Braun’s newest recruit Julius the Koala is visiting Vet Clinics and Institutions across the country to spread love and awareness for Australian Wildlife.

View Case Study
Related Case Studies

Pioneering IoT in Malaysia with Xperanti IoT

Digital Matter has partnered with Xperanti IoT, supplying over 11,000 Oyster Sigfox battery-powered GPS tracking devices for affordable asset tracking in Malaysia on the LPWAN Sigfox Network.

View Case Study
Related Case Studies

Train Tracking & Speed Monitoring with the Gisborne City Vintage Railway

The Gisborne City Vintage Railway Society installed an Oyster2 to a carriage on the WA165, to publish real-time locations whilst out on excursions.

View Case Study
Related Case Studies

Litter Tracking Solutions with RMIT

RMIT University in collaboration with Melbourne Water are on a mission: to educate their community about the environmental and financial implications of littering.

View Case Study
Related Case Studies

Asset Tracking in Zimbabwe with EzyTrack

Founded in 2009 in Harare, Zimbabwe, Ezytrack understands the unique solutions local residents and businesses require to protect their assets.

View Case Study
Related Case Studies

Increasing Safety and Visibility with LoRaWAN® and Meshed IoT

Established in 2015, Meshed IoT is providing innovative IoT solutions using the LoRaWAN® network to cities and industries throughout Australia.

View Case Study

Let’s Get Started

Submit the form below to get in touch with a Digital Matter representative from your region.


Looking for support? Check out our knowledge base.

Information on becoming a Digital Matter Partner.

Information on pricing, availability, and proof of concept.

Guidance on selecting the right products for your application.