New HSM On-Premise solution lets banks, sovereign funds, and institutions keep private keys on their own premises
Wednesday, March 25th, PARIS, France — Ledger, the global leader in digital asset security for individuals and institutions, today announced Ledger Enterprise HSM On-Premise.
Banks, sovereign wealth funds, regulated custodians, and stablecoin issuers have struggled to adopt digital asset infrastructure because providers could not guarantee keys never left their walls. For institutions responsible for safeguarding sovereign assets and regulated financial infrastructure, that level of control is non-negotiable: they cannot put their keys in someone else’s cloud. Ledger Enterprise On-Premise eliminates this barrier. It ensures your keys are generated offline and secured within certified, physical hardware deployed in your facility, giving you unbreakable data sovereignty and immediate regulatory peace of mind.
HSM On-premise is an enterprise digital asset solution that lets institutions keep their private cryptographic keys on their own hardware, in their own data center or facility, and under their own jurisdiction. Phase One is on track to be completed by the end of May 2026, with client integrations beginning in June.
Your Keys, Your Hardware, Your Facility.
Ledger Enterprise separates your most sensitive assets from the daily operations. You maintain direct, physical control over the signing layer where your private keys are generated and used—inside your own data center. Ledger manages everything else, including API connectivity, blockchain integration, and platform updates, meaning you get full data sovereignty without the operational burden of running complex nodes on-premise.
For uncompromising security, every transaction is locked down with hardware-enforced verification. Operators use a personal Ledger security device (Ledger Stax) to visually confirm the exact destination and amount before approval. This crucial step prevents both external manipulation (hacks) and internal mistakes (operational errors).
“We’ve been in conversations with some of the most significant financial institutions in the world, and the discussion consistently reaches the same point: We cannot put our keys in someone else’s cloud,” said Sebastien Badault, Executive Vice President of Enterprise at Ledger. “HSM On-Premise was built to meet that demand, enabling institutions to deploy enterprise-grade digital asset infrastructure with their keys in their own hardware, in their own facility, and under their own jurisdiction, while also benefiting from Ledger’s broader platform capabilities.”
Hardware Beats Software. Full Stop.
For thirty years, software has been the default security layer for our digital lives. That era is ending. As AI dramatically accelerates the discovery of software vulnerabilities and cyberattacks operate at machine speed, institutions are being forced to reassess security models that rely solely on software defenses. Many custody platforms rely on multi-party computation (MPC), which distributes keys across vulnerable software and cloud systems. This introduces significant compliance risks for institutions operating under mandates like Basel III and DORA. Moreover, these models are not ready for a Post-Quantum future. Ledger offers true future-proofing.
The threats facing financial institutions today operate on the same software layer as the defenses meant to stop them. In that environment, the attacker only needs to succeed once. Ledger’s solution offers unmatched physical isolation. Instead of distributing keys across software, they are stored in a physically separate, government-grade certified hardware module (FIPS 140-2 Level 3). This delivers the highest level of trust and assurance demanded by global regulators.
Ledger Enterprise HSM On-Premise is designed for institutions that require the highest levels of control over cryptographic infrastructure: banks, regulated custodians, sovereign wealth funds, central banks, and stablecoin issuers operating at a global scale.
ABOUT LEDGER
Founded in 2014, LEDGER™ is the global leader in digital asset security for individuals and institutions. Ledger Wallet™, the all-in-one crypto app, offers a complete, secure platform where users can securely buy, sell, swap, spend, and earn rewards with their crypto, secured by the iconic Ledger signers. With more than 8 million signers sold in 165+ countries and 10+ languages, Ledger is the trusted solution for individuals to exercise digital ownership, portfolio management, and control. Almost 30% of BTC and more than 30% of Dollar stablecoins held by retail investors is secured by Ledger.
Ledger is secure by design. Its world-renowned white-hat security team, Ledger Donjon, is a crucial resource for securing the entire digital asset space. With billions lost yearly to hacks, scams, and mismanagement, Ledger’s uncompromising security brings peace of mind and true control over their assets to its community.
Don’t buy “a hardware wallet.” Use the Ledger Wallet app with your Ledger signer.
LEDGER™, LEDGER WALLET™, LEDGER RECOVER™, LEDGER STAX™, LEDGER FLEX™ and LEDGER NANO™ are trademarks owned by Ledger SAS
*Crypto transaction services are provided by third-party service providers. Ledger provides no advice or recommendations to use any of these third-party services. Rewards are not guaranteed.
