Security FAQs

Is it secure?

The AmbiSecure Card as well as the AmbiSecure key is certified by the FIDO Alliance for FIDO U2F as well as the FIDO2.0 standards. The FIDO specifications defines the gold standard of security for MFA.

Where can I use it?

One can use it on any Windows laptop along with an NFC card reader, a iPhone which is later than iPhone 8, any Android device which supports NFC.

What if it’s lost or stolen?

We suggest the user to always have another security factor enabled on their account in case the key or the card gets misplaced. We offer a card pair so that you will always have one more card which will help you get access to your account (if you have configured both of them)

Is it waterproof and durable?

Yes, the key and the card are waterproof and highly durable. The hardware chips are designed to resist physical attacks like brute force to extract sensitive information stored in the chipset.

How do I get started?

Please go to this link’ to connect with us and order your AmbiSecure card. For International customers the cards will be Ex-Works Ahmedabad. Hence we request you to share your preferred freight forwarder account number to ship the cards or keys over to you.

How does it keep my information from getting hacked?

Once you have registered the AmbiSecure card or key with your account, no one can log in to your account without the key or the card. They need your password as well as the key or card for second factor authentication. Hence the chances of your information getting hacked slim to none.

How is it better than other tokens?

AmbiSecure provides an end to end solution. This includes the authenticator as well as the backend FIDO server. Hence we are a one stop solution to not just tokens but for the entire system as a whole. This also makes our solution infinitely scalable and deployable in any on-premise or cloud server infrastructure.
One doesn’t need to use any separate hardware. As a part of a corporate everyone is mandated to carry an employee ID card. AmbiSecure makes this very card FIDO compliant using their certified FIDO technology.

Our cost is also within range for a corporate to do a complete mass roll out and yet not bother about the budget.

Last but not the least we provide custom white labelling of the card to get your logo on the card for a minimum order.

What about government backdoors?

Our FIDO Validation server is only an authentication server. This server doesn’t store any passwords or personal information. The only information that is stored is what is necessary to recognize the device that next time you log in.

How is it better than using sms codes/two step verification?

Modern hackers are sophisticated, but much of the technology to ward them off is not. OTP are no longer considered secure as they’re heavily attacked in recent years.

The two foundations on which OTP over SMS is built — cellular networks and mobile handsets — were completely different when the method is introduced. Security depends on the confidentiality of text messages and the network’s security, neither of which can be guaranteed. Hackers have created specialized Trojans to get around OTP over SMS security. These trojans hijack mobile phones.
OTP Requires a reliable cell phone signal and battery life.
May result in occasional SMS delivery failures
The use of 3rd Party Messaging providers often incurs a per text charge.

Why is a security key or card more secure than an authenticator app?

An authenticator app lives on your phone and generates a time-based numerical code. It is a better second factor than text messaging, but not as good as a security key or card. An attacker can easily trick you into entering your password and an authenticator code into a website they control. Further, they can get into your email account very easily. This is not the case if you log in using a security key or card.