MIFARE Classic, DESFire, iCLASS, SEOS, and Prox cards let organizations transition to passwordless authentication
HID has announced a new integration with Microsoft Entra ID that enables organizations to use their existing physical access cards for multi-factor authentication (MFA) to Entra ID and Microsoft 365.
Microsoft mandates MFA for certain user categories, and now organizations can utilize their physical access cards as the MFA token. Employees use the ID they already carry to access both physical and digital resources, making the transition to passwordless authentication smoother, faster, and more cost effective.
Microsoft Entra ID – formerly known as Azure Active Directory – is the company’s cloud-based identity and access management (IAM) solution. It provides secure access to external resources like Microsoft 365, Azure services, external SaaS applications, and on-prem resources on corporate networks.
Entra ID’s External Authentication Method (EAM) allows organizations to use third-party MFA solutions with Entra ID. With EAM, businesses can choose their preferred authentication method.
HID's Authentication Service lets organizations to take advantage of their existing physical access cards that support open standards like ISO 14443A.
“HID’s integration offers flexibility with its many authenticator choices and the convenience of using existing physical cards to access both facilities and digital resources as an MFA factor,” says Eleanor Falla, Senior Product Manager for Microsoft Security.
HID’s cloud-based Authentication Service lets organizations meet Microsoft’s MFA requirements. It provides passwordless MFA to deter phishing and other attacks, supporting both cloud and on-premise deployments via a range of authentication methods including FIDO Passkeys, smart cards, biometrics, and OTP tokens.
An HID spokesperson told CampusIDNews, “Microsoft created the opportunity to enable integration to Entra ID EAM for organizations that aren’t yet ready to implement a full passwordless journey. HID did an integration with the Authentication Service that now empowers organizations to take advantage of their existing physical access cards that support open standards like ISO 14443A CSN (MIFARE Classic, MIFARE DESFire EV1-3, iCLASS, SEOS, Prox). This is not limited to cards provided by HID. The big value add in this case is that organizations can be enabled from day one with MFA without having to distribute new cards or devices for their users to carry.”
If an organization is ready to go passwordless for their full workforce, there is no need for the EAM integration. It can be done using passkeys or certificate-based authentication which are available as part of the HID’s Crescendo card or key product lines.
Key highlights of HID’s Authentication Service include:
According to a company release, HID’s integration with Microsoft Entra ID is part of a broader effort to drive the adoption of phishing-resistant, passwordless authentication. The collaboration supports enterprises at every stage of their journey to eliminate passwords.
“If an organization is ready to go passwordless for their full workforce or part of their workforce, there is no need for the EAM integration to access Entra ID applications,” the HID spokesperson told CampusIDNews. “That can be done as a primary authentication factor with passkeys or certificate-based authentication which are available as part of the HID’s Crescendo card or key product lines.”