Compare · Trustonic
Two approaches to device security for finance and operator deployments. Trustonic operates as an integration layer over OEM-native and Google DLC substrate locks. Lockia operates a Sovereign UEM platform with its own DPC and Lockia-operated MDM. Both are valid; the architecture you choose depends on the sovereignty posture your customers require.
Kevin Fernandez
Co-Founder & CTO, Lockia Technologies
01 · Why this comparison exists
Most published comparisons between MDM vendors and Trustonic obscure the architectural reality of what each company builds. Trustonic operates in device security, and so does Lockia, but they operate at fundamentally different layers of the stack. This page is a layer-by-layer architectural comparison sourced from each vendor's own public-facing materials and from the device-management protocols Google and Apple publish.
The goal is decision support for engineers, procurement reviewers, and integration leads — not advocacy. Both architectures are valid. Both serve real customer segments. The right choice depends on the sovereignty posture, OEM coverage, and integration commitments a given deployment requires.
The article is bylined by Lockia's CTO. It is written with the obvious bias of a Lockia employee, while sticking strictly to architectural facts drawn from public sources. Where it characterizes Lockia's position, it does so as a vendor. Where it describes Trustonic, it describes what they build, not why they build it.
02 · Architecture
Competitor
Trustonic publicly describes its platform as offering customers multiple locking backends: Google's Device Lock Controller (DLC), Trustonic's own Device Policy Controller, or 1st-party OEM solutions such as Samsung's Knox platform. This positions Trustonic as an integration layer connecting financiers, carriers, and retailers to whichever underlying lock technology fits the deployment.
Trustonic is one of three certified integrators worldwide authorized to integrate Google's Device Lock Controller for smartphone locking at scale. Trustonic publicly describes itself as "an approved global partner for the Google Device Locking Program." Source: Trustonic opinion piece, January 2026, ["Why Google's New Device-Locking Rules Benefit Consumers & Businesses"](https://www.trustonic.com/opinion/why-googles-enforcement-of-stricter-controls-on-device-locking-benefits-consumers-and-businesses-alike/).
Trustonic's commercial value to customers comes from the integration layer, the OEM relationships built over a decade in the TEE space, and the Google Device Locking Program partnership. The underlying lock mechanisms in any given deployment are operated by Google (DLC), by the OEM (e.g., Samsung Knox), or by Trustonic's own DPC, depending on the customer's chosen backend.
On the iOS side, Trustonic is primarily an Android-focused company. iOS device management is not their architectural focus.
Lockia
Sovereign UEM platform · USPTO 63/940,826 · Multi-region infrastructure across the Americas, expanding globally
Lockia operates Cipher DPC — a Device Policy Controller built on the public Android Enterprise APIs that ship in every Android Enterprise–capable handset. Cipher DPC enrolls as Device Owner at first boot. The command channel is Lockia's own push transport, independent of Google services as a transport layer.
For iOS, Lockia operates Cipher MDM in your deployment region — no third-party MDM SaaS in your data path. Your Apple Business Manager tenant federates with the Lockia-operated MDM using Apple's published MDM protocol.
The hardware anchor across both platforms is Cipher Protocol, Lockia's patent-pending architecture for TEE-backed device identity and reset-resistant enforcement (USPTO provisional 63/940,826, "Bypass-Resistant Device Locking", December 2025). Cipher Protocol is independent of any specific OEM lock vendor, independent of Google DLC, and operates on any device that supports Android Enterprise Device Owner mode.
03 · Side-by-side
Each row is sourced from public vendor materials and the device-management protocols Google and Apple publish. No characterization of either vendor's business or strategy — just what each platform builds and how each platform routes data.
| Capability | Lockia | Trustonic |
|---|---|---|
| Android control mechanism | Public AOSP DevicePolicyManager APIs (Cipher DPC, Device Owner mode) + Cipher Protocol TEE attestation | Three backends per Trustonic's own marketing: Google DLC (one of three certified worldwide integrators), Trustonic's own DPC, or 1st-party OEM solutions such as Samsung Knox |
| iOS control mechanism | Lockia-operated Cipher MDM, in your deployment region, integrated with customer ABM via Apple's published MDM protocol | Not the primary focus (Android-focused company) |
| OEM dependency | No — runs on any AOSP-compliant device with public DPM APIs | Yes — depends on OEM-specific lock implementations and their respective roadmaps |
| Google service dependency | No — independent push, identity, and policy layer | Yes — Google DLC 2.0 substrate where applicable |
| Hosting model | Lockia-operated, in your deployment region — multi-region infrastructure across the Americas, expanding globally; customer-region deployment available for sovereignty-bound contracts | Trustonic-managed cloud |
| Hardware anchoring | TEE-backed key attestation, consistent across Android Enterprise devices | OEM-specific (varies by lock provider implementation) |
| Customer profile | Operators, OEMs, regulated and emerging-market enterprises | Established at ~350M devices across 36 countries; broad operator and OEM base |
| Patent position | USPTO provisional 63/940,826, "Bypass-Resistant Device Locking" (December 2025) | OEM lock providers hold the respective patents on their lock mechanisms |
| Customer data path | Lockia-operated, in your deployment region | Trustonic cloud + Google + OEM-native substrate |
04 · Sovereignty
Lockia is a Sovereign UEM platform. The sovereignty claim is specific: customer data flows through infrastructure deployed in jurisdictions and under terms the customer's procurement contracts can govern — typically a sovereign-cloud-hosted or dedicated-tenant deployment in the customer's required region. No third-party SaaS provider sits in the command path between the customer and their fleet.
Integrators whose platforms depend on OEM-specific lock mechanisms inherit roadmap risk from those OEMs. When an OEM evolves its enterprise framework, alters its TEE attestation surface, or changes its lock product strategy, integrators built atop those mechanisms must adapt on the OEM's timeline. The Google Device Locking Program partnership adds an additional roadmap-dependency on Google's certified-partner framework. Lockia's Cipher DPC, built on public AOSP DevicePolicyManager APIs, has a different exposure profile — Google has maintained AOSP DPM as a stable public contract since Android 5.
Neither posture is wrong. They serve different customer requirements. For an enterprise with no sovereignty constraint and existing deep OEM-native lock deployments (e.g., Samsung Knox), Trustonic's integration layer is genuinely valuable — it abstracts the underlying OEM lock differences behind a single API surface. For an enterprise with sovereignty requirements, multi-OEM fleet heterogeneity, or contractual constraints on third-party SaaS in the data path, Lockia's independent architecture is the only viable answer.
05 · When Trustonic is the right answer
Trustonic's commercial value is well-established in specific deployment patterns. We name them here because the comparison is unhelpful if it does not acknowledge where the competitor wins.
06 · When Lockia is the right answer
Lockia is the right choice when the customer requirements include sovereignty, broad OEM coverage, or unified Android and Apple device management under a single control plane.
Next Step
If your evaluation has reached the architectural-comparison stage, the most useful next step is a technical call with Lockia's engineering team. We will walk through your specific OEM portfolio, your sovereignty constraints, and how Lockia's architecture maps to the procurement contract your buyer is signing.
Trustonic is a registered trademark of Trustonic Limited. Samsung Knox is a trademark of Samsung Electronics Co., Ltd. Google and Google Device Lock Controller are trademarks of Google LLC. This comparison reflects publicly available information published by each company about its own architecture, and is provided for evaluation purposes only.