Machine identity at pairing
Every Privitty Edge generates an OpenPGP-verified cryptographic identity on first activation, bound to that device instance permanently. No IP address. No shared credential. The machine knows who it is.
Controlled file transfer
Send PLC programs, HMI packages, and recipe files with per-object access policy: allow view, download, or forward. Set time expiry. Revoke after delivery. QUIC peer-to-peer for large files; relay fallback for signalling.
E2EE remote sessions
SSH, RDP, and VNC tunnels run over the same identity-verified, end-to-end encrypted channel. Operator-initiated only. One active tunnel per session. No inbound firewall rules on the plant VLAN, ever.
True revoke & panic
Revoking a file makes it cryptographically unreadable — wherever it is, even if already opened. The panic button withdraws all access, kills all tunnels, and logs the event. One click. Immediate. Complete.
Software only · ~20 MB
Privitty Edge is a Windows service. It installs on your existing MELIPC or Windows IoT Enterprise industrial PC. No dedicated appliance. No rack space. No procurement cycle. Deploy in hours, not months.
MES / SCADA automation hook
Privitty Edge exposes a local JSON-RPC API on localhost:7200 and SSE stream. Mitsubishi integrators and MES platforms can auto-ingest decrypted packages into a controlled directory or workflow without manual engineer intervention.
01
Device registry
Onboard and manage MELIPC / Privitty Edge units as named factory assets with location, plant, and role metadata.
03
Activity monitoring
Real-time view of pairing status, file transfers, active tunnels, and revoke events — across every site in your fleet.
04
Policy & provisioning
Assign operators to edges, set access windows, manage licenses, and trigger immediate revoke from a single dashboard action.
02
Operator registry
Provision mobile and desktop engineers by role. Assign them to specific edges. Their access is scoped at provisioning time, not at the network level.
Decentralised architecture
No central data server. No single point of breach. Built on open, decentralised infrastructure so security is embedded in every data object, not dependent on a perimeter. Deploy on-premises, your cloud, or Privitty-managed infra.
Controlled file transfer
Revoke sent messages and shared files at any time, even after delivery and after the recipient has opened them. Access is removed instantly across all devices. No copies. No residual access. No exceptions.
End-to-end encryption
All communication is protected with strong E2EE. Only intended recipients can read messages or access files. Privitty cannot decrypt user data. Neither can the relay. The relay is transport-only by cryptographic design.
Time-limited access
Define exactly how long messages and files remain accessible. Content automatically expires and becomes cryptographically unreadable when your policy window closes, reducing data exposure and satisfying compliance requirements automatically.
QR / invite onboarding
Users onboard instantly using a QR code or secure invite link. No phone numbers. No email addresses. No identity leakage. Cryptographic identity is established at pairing, not through a central identity directory.
Drop-in integration
The SDK embeds directly into your existing application — ERP, MES, SCADA interface, field service app. No forklift upgrade. No separate communication product for your users to install. Your app, Privitty's security layer.
Decentralised architecture
No central server. No single point of breach. Security is embedded in every data object, not dependent on a perimeter. Deploy on-premises or use Privitty-managed infrastructure, your choice, your control.
True message revoke
Revoke any sent message or shared file, even after delivery, even after it's been opened. Access withdrawn instantly across all recipient devices. Real-time key withdrawal. Zero trace on servers.
Per-file access control
Every file shared carries its own access policy: view only, no forward, time-bound. A CAD file, KYC document, or patient record becomes cryptographically unreadable when your policy window closes, not deleted, unreadable.
Every platform, same security
Android, iOS, Windows, macOS, and Linux, a consistent secure experience without feature fragmentation. The same E2EE, same revoke capability, same access control on every device your team uses.
No identity leakage
Users onboard with a QR code or invite link. No phone number. No email address. Cryptographic identity is established at pairing, not through a central directory that can be harvested or breached.
Enterprise sovereign deployment
Deploy with your own relay, your own Watchtower governance instance, and your identity provider. Full fleet visibility for administrators. Operator provisioning by role. Immediate revoke from the admin console.
ONE STANDARD · THREE PRODUCTS
"Machine identity. Human access.
Start with what you need."
Whether it's a factory floor, an enterprise team, or an application, Privitty gives you the identity layer your workflow is missing.
