LoRaWAN offers end-to-end security, at both network and application level:

• Authentication: each device is authenticated when it joins the network. This certifies that the network traffic has not been altered and can only come from a legitimate device authorised to join an authentic network, is not intelligible to a spy, and has not been recorded and replayed by a malicious actor. LoRaWAN uses a 128-bit Network Session Key for authentication.

• Data confidentiality: LoRaWAN is one of the only IoT networks to implement end-to-end encryption of user data exchanged between terminal devices and application servers, using a 128-bit Application Session Key. Guaranteeing this end-to-end security is why APB pre-provisioning has been replaced with OTAA (over-the-air-authentication), enabling dynamic and reliable authentication of objects via the Join Server.