diff --git a/src/cmd.c b/src/cmd.c
index fd960e1..2ff3680 100644
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -489,11 +489,21 @@ static void set_appskey(atci_param_t *param)
 
 static void get_appkey(void)
 {
-    atci_print("+OK=");
-    atci_print_buffer_as_hex(find_key(APP_KEY), SE_KEY_SIZE);
-    EOL();
+    if ( sysconf.appkey_readable ) {
+        atci_print("+OK=");
+        atci_print_buffer_as_hex(find_key(APP_KEY), SE_KEY_SIZE);
+        EOL();        
+    } else {
+        abort(ERR_UNSUPPORTED);
+    }
 }
 
+static void protect_appkey(atci_param_t *param) 
+{
+    sysconf.appkey_readable = 0;
+    sysconf_modified = true;
+    OK_();
+}
 
 static void set_appkey_10(atci_param_t *param)
 {
@@ -2147,6 +2157,7 @@ static const atci_command_t cmds[] = {
     {"$CW",          cw,      NULL,             NULL,             NULL, "Start continuous carrier wave transmission"},
     {"$CM",          cm,      NULL,             NULL,             NULL, "Start continuous modulated FSK transmission"},
     {"$NVM",         NULL,    set_nvm,          NULL,             NULL, "Store / Read data from Non Volatile Memory"},
+    {"$APKACCESS",   protect_appkey, NULL,      NULL,             NULL, "Protect AppKey against read access"},
     ATCI_COMMAND_CLAC,
     ATCI_COMMAND_HELP};
 
diff --git a/src/nvm.c b/src/nvm.c
index 90f4d11..e77bc1b 100644
--- a/src/nvm.c
+++ b/src/nvm.c
@@ -85,7 +85,8 @@ sysconf_t sysconf = {
     .sleep = 1,
     .device_class = CLASS_A,
     .unconfirmed_retransmissions = 1,
-    .confirmed_retransmissions = 8
+    .confirmed_retransmissions = 8,
+    .appkey_readable = 1
 };
 
 bool sysconf_modified;
diff --git a/src/nvm.h b/src/nvm.h
index 0f42e87..d481b77 100644
--- a/src/nvm.h
+++ b/src/nvm.h
@@ -53,6 +53,11 @@ typedef struct sysconf
      */
     uint8_t confirmed_retransmissions;
 
+    /* This is allowing to read the appKey from the serial line of not
+     * once set to false (0) it will not be possible to retrieve the appKey
+     */
+    uint8_t appkey_readable:1;
+
     uint32_t crc32;
 } sysconf_t;