Overview
The Enigm Key security model supports:- Account-bound device association.
- Device authentication.
- Encrypted communication.
- Request integrity.
- Signed emergency requests.
- Rejection of unauthenticated device traffic.
- Replay-resistant request validation where required.
- Device lifecycle revocation when the key is lost, stolen, retired, or replaced.
Device Authentication
Enigm Key uses device-bound authenticated signing material for platform authentication. At a public architecture level, this includes a unique per-device HMAC-based credential used to authenticate signed requests so the platform can verify that communication is associated with an authorized Enigm Key. The platform should reject unauthenticated device traffic and should evaluate request integrity before processing emergency events.Request Integrity
Emergency event requests are designed to be protected against unauthorized modification. Request integrity supports:- Verification that the request originated from an authorized Enigm Key.
- Detection of tampered emergency event requests.
- Account-bound association checks.
- Replay-resistant validation where required.
- Lifecycle rejection for revoked or retired devices.
Encrypted Communication
Enigm Key platform communication is designed to be encrypted in transit. Encrypted communication protects emergency event transport. It does not replace device authentication, account association, request integrity, revocation, emergency contact configuration, or lawful-use boundaries.Account Association
Enigm Key is associated with a user’s Enigm account through an explicit synchronization workflow in Enigm App. Account association is intended to:- Bind the device to an authorized Enigm account.
- Allow the user to configure emergency contacts from Enigm App.
- Support device lifecycle review.
- Support revocation or replacement if the device is lost or retired.