Ambisecure Fido Validation Server
AmbiSecure’s Fido Validation server is a solution enabling multi-factor authentication. It enables an enterprise to securely and seamlessly authenticate its users without hassle of recalling or typing passwords. The server manages the user’s key and verifies the signed transactions of the end users’ device. It’s a security guaranteed process, the fact that the server does not hold on to the client’s private key. The underlying protocols are governed by standards published by the FIDO Alliance.
Features:-
Privacy
AmbiSecure uses FIDO protocols that are designed to protect user privacy. As per the protocols, information cannot be collaborated from different online services to avoid tracking of users. Biometric information doesn’t leave the devices.
Scalability
AmbiSecure can be easily enabled on websites using a simple JavaScript API that supports the leading browsers and platforms on devices daily used by the consumers
Security
AmbiSecure uses cryptographic keys which are unique at every website to avoid password attacks and theft. The login credentials never leave the users device and aren’t even stored on the server to eliminate the risk of phishing.
Convenience
Simple and user-friendly techniques like finger-print readers, cards, cameras (face recognition) or voice recognition using the built-in tools in our smartphones can also be used by the users to unlock securely. The communication channel most suitable to the user; Wireless Technology, NFC or USB; can be used.
Applet
FIDO
The AmbiSecure FIDO product is a hardware authentication solution that is FIDO Alliance certified. It helps organizations accelerate to a password-less future by providing support for the FIDO2 protocol.
Secure Authentication. Clear Billing. Full Control.
Passwords are one of the biggest security risks for modern businesses. Phishing
attacks, leaked credentials, OTP fraud, and account takeovers cause financial
loss and erode user trust.
AmbiSecure FIDO Validation Server is a FIDO-based passwordless authentication platform
designed for enterprises that demand strong security, a seamless user
experience, and fully controlled, transparent billing.
How AmbiSecure FIDO Validation Server Is Used by Companies
AmbiSecure FIDO Validation Server is built as a B2B authentication service. Companies
integrate it into their websites or applications, while end users experience
secure, passwordless login without added complexity.
Company Onboarding & Subscription
1. Company Creation
When a company subscribes to AmbiSecure FIDO Validation Server:
- A unique API Key is generated
- A subscription plan (Basic, Plus, or Pro) is selected
- Monthly authentication tokens are allocated
- Billing cycle start and end dates are defined
The service is fully billing-controlled from day one.
API Key & Integration
What Is the API Key?
The API key securely identifies which company is making authentication requests
to AmbiSecure FIDO Validation Server.
Who Receives the API Key?
- ✅ Company’s developer or IT team
- ❌ Never shared with end users
How the API Key Is Used
The API key is added to server-side code when calling AmbiSecure FIDO Validation Server authentication
APIs.
fetch("https://api.ambisecure.ambimat.com/auth/login/start", {
method: "POST",
headers: {
"Content-Type": "application/json",
"x-api-key": "YOUR_COMPANY_API_KEY"
},
body: JSON.stringify({
username: "user@example.com"
})
});
Security Note:
API keys must always be stored securely on the server and should never be
exposed in frontend code or public files.
End User Authentication Flow
Passwordless User Login
Once integrated, end users authenticate using FIDO standards such as:
- Fingerprint
- Face ID
- Device or hardware security keys
No passwords. No OTPs. No recovery risks.
Token-Based Usage Model
AmbiSecure FIDO Validation Server follows a transparent, usage-based billing system.
How Tokens Work
- Each successful user login consumes 1 token
- Tokens represent real authentication usage
- Non-authentication actions do not consume tokens
This ensures companies pay only for actual login activity.
Subscription Plans
Each subscription plan includes detailed features listed here:
Token Exhaustion Handling
If a company consumes all monthly tokens:
{
"error": "TOKENS_EXHAUSTED"
}
- Authentication requests are temporarily blocked
- Users cannot log in
- Access is restored immediately after tokens are added or the plan is upgraded
Billing Lifecycle, Grace Period & Suspension
Billing Cycle
Each subscription operates within a defined billing cycle with clear start and
end dates.
Grace Period
If payment is not completed by the billing end date, a grace period is applied
to prevent immediate service disruption.
Suspension
{
"error": "PAYMENT_REQUIRED",
"status": 402
}
- Login is blocked
- Authentication APIs are disabled
- Service resumes automatically after payment confirmation
No manual intervention is required.
Payment & Auto-Restore
Once payment is completed:
- Subscription status becomes ACTIVE
- Tokens are unlocked or reset
- A new billing cycle begins
- All authentication services resume automatically
Client Admin Panel (Company Side)
Each company receives access to an Admin Panel where they can:
- View total, used, and remaining tokens
- Monitor billing start and end dates
- Track grace period status and alerts
- View and download invoices
- Upgrade subscription plans
- Complete payments
- Track authentication usage in real time
Everything is updated in real time, giving companies full operational visibility.
Security & Business Benefits
Why Use FIDO Authentication?
- No passwords stored or transmitted
- Resistant to phishing and credential theft
- Built on industry-approved FIDO standards
Business Advantages
- Predictable, usage-based billing
- Automated access control
- Transparent invoicing
- Enterprise-ready scalability
Why Companies Choose AmbiSecure FIDO Validation Server
- Passwordless user experience
- Enterprise-grade security
- Clear and fair billing model
- Automatic grace and suspension handling
- Easy integration with existing systems
Download Ambisecure Fido validation server Brochure