HID® ActivID™ Authentication Server
Versatile multi-factor authentication
Secure Authentication Server
HID Global’s ActivID Authentication Server is used by governments, enterprises and banks worldwide to secure access to critical infrastructures, so organizations can stay ahead of an ever-changing threat landscape, without disrupting user workflow and productivity. The solution helps achieve compliance with updated FFIEC guidance, PCI DSS, as well as other mandates, policies and guidelines related to online commerce and banking.
The solution is ideal for:
- Medium to large organizations deploying a single enterprise-wide, multi-factor authentication platform.
- Providers of multi-tenant authentication and/or cloud-based services, enabling different user communities and/or lines of business on a single platform.
- Governments, banks and healthcare providers securing access to online services for citizens, customers and patients.
- Organizations seeking to reduce costs by deploying a single platform that enables users to connect securely from any location, at any time, via their preferred device.
The ActivID Authentication Server supports multi-factor authentication with all leading mobile phones and tablets and provides a flexible platform that can grow with the authentication needs of any business. It also supports HID Approve™, a push-notification based multi-factor authentication solution that delivers a simple and secure way for you to validate transactions and authenticate. Additionally, the HID Risk Management Solution is a threat and fraud detection solution that can enhance the functionality of the ActivID Authentication Server. Based on data analytics, it protects against traditional, as well as modern, threats targeting online and mobile banking, transaction systems and sensitive applications.
The solution’s templates and easy-to-define policies simplify user authentication and enable organizations to deploy a flexible authentication solution tailored to their unique requirements.
ActivID Authentication Server
The ActivID Authentication Server is a leading choice for large scale deployments. Its unique multi-tenant architecture enables it to support different user communities and/or lines of business on a single platform.
Versatile: Supports a full range of multi-factor authentication methods including mobile push authentication with HID Approve, biometry (fingerprint and face recognition), hardware and software based One Time Password (OTP) tokens, PKI credentials, out-of-band (SMS or email) codes, and static credentials such as passwords, PINs and questions and answers.
- Provides convenient mobile-based, out-of-band transaction verification, leveraging the mobile device push notification capabilities of HID Approve.
- Supports genuine HID credentials including: ActivID OTP Tokens, ActivID ActivKey™ SIM, Crescendo® cards and pivCLASS® cards.
- Offers seamless integration with HID Risk Management Solution enabling adaptive step-up authentication and account take-over protection.
- Supports third-party tokens compliant with the OATH and FIDO.
- Validates generated transaction signatures using OATH OCRA, EMV CAP, ActivID SKI and PKI credentials.
- Delivers out-of-band authentication via SMS One-Time Passcodes or email ensuring secure connectivity when other methods are not available.
Configurable: Supports different policies by authentication method, user group and access channel. Integrates a rule engine for adaptive authentication and an authorization module for enhanced access control.
Interoperable: Native support for SCIM, SAMLv2, OpenID Connect / OAuth2, proprietary web service-based API, and RADIUS.
Secure: Uses FIPS-140-2 (Common Criteria) certified Hardware Security Modules (HSM) for encryption of data at rest and when signing all audit logs.
Scalable: Designed for deployment in a highly available, high throughput infrastructure.