NIST SP 800-63 · FIDO2 · eIDAS

Identity you can prove.
Access you can trust.

NIST SP 800-63 identity, FIDO2 passwordless authentication, and eIDAS e-signatures for regulated healthcare, fintech, and public-sector systems — engineered cloud-native on AWS.

100K+ Daily authentications handled
10+ yrs Hands-on IAM experience
SP 800-63 IAL / AAL / FAL conformance
eIDAS AdES / QES signatures

About

A specialist IAM consultancy for high-assurance environments

Proximasus designs, builds, and operates NIST-compliant Identity and Access Management — from identity proofing and passwordless authentication to cryptographic signatures and cloud security — for organizations where assurance is a regulatory requirement, not an afterthought. Backed by 10+ years of hands-on experience across healthcare, financial services, and the public sector.

Services

Specialized capabilities across every assurance level

NIST-Compliant IAM

End-to-end IAM aligned to NIST SP 800-63 — identity proofing (IAL), authentication (AAL), and federation (FAL) with risk-based access controls.

Passwordless & FIDO2

Phishing-resistant, AAL3-capable authentication with FIDO2 security keys, passkeys (WebAuthn), and platform authenticators — Touch ID, Face ID, Windows Hello.

Cryptography & E-Signatures

Advanced and Qualified Electronic Signatures (AdES/QES) under eIDAS, plus PKI and certificate lifecycle management for legally binding documents.

AWS Cloud Security

Cloud-native security on AWS — Cognito, API Gateway, WAF, and Secrets Manager — with OAuth 2.0 and JWT validation for scalable, protected APIs.

Secure Application Development

Web, mobile, and desktop applications with authentication built in — OAuth 2.0 / OpenID Connect, passkeys, native biometrics, and secure token storage.

Risk Assessment & Compliance

Assurance-level determination and compliance mapping to NIST and sector regulations, with risk-based authentication strategies for high-assurance environments.

Live demo

Try passwordless authentication — right here

Register a passkey with your device — Touch ID, Windows Hello, or a FIDO2 security key — then sign in. This runs a genuine WebAuthn (FIDO2) ceremony in your browser and verifies the returned signature on-device with the Web Crypto API.

Checking browser support…

Your passkey is stored on your device. “Forget passkey” only clears this site’s copy — to remove the passkey itself, delete it in Windows Hello or your password manager.

Experience

Delivered where conformance is a regulatory necessity

Healthcare

NIST-compliant IAM for UK healthcare — IAL2+/AAL2+ assurance and qualified e-signatures for patient-consent workflows, deployed on AWS.

Mission-Critical Systems

Passwordless authentication and federation in production systems handling 100K+ daily authentications, with multi-factor authentication across AAL levels.

Full-Spectrum IAM

From FIDO2 authenticators and cryptographic signing to cloud-native API security — across sectors where NIST conformance is both a business and regulatory requirement.

Methodology

A structured path from requirements to compliant delivery

  1. 1

    Consultation

    Assess your systems, security requirements, and regulatory obligations; determine the target assurance levels.

  2. 2

    Architecture

    Design an IAM architecture that conforms to the required NIST assurance levels.

  3. 3

    Development

    Build with modern, security-first tooling — AWS, Infrastructure as Code, CI/CD, and automated compliance checks.

  4. 4

    Deployment

    Integrate, configure, and security-test the solution across your environments.

  5. 5

    Maintenance

    Ongoing support, monitoring, and updates that keep the solution compliant over time.

Contact

Let's discuss your requirements

Get in touch to talk through your identity, authentication, or compliance needs.

Address

Proximasus s.r.o.
Maše Haľamovej 4409/5
036 01 Martin
Slovakia