BIIM Support     Overview Installation Using the BIIM MFA Authentication - TPM - Biometrics - SmartCards / Tokens Windows Client Logon Single Sign On Secure eWallet Document Manager Managing My Identity BioCert BIIM Settings AD & LDAP Integration

BioCert® Intelligent Identity Manager Support

Help Documentation for the BioCert BIIM.

Getting Started

BioCert® Intelligent Identity Manager improves system security and productivity by consolidating user passwords and network accounts within a single data unit called User Identity. Strong Multifactor Authentication and encryption protect User Identity and allow secure and convenient access to registered applications after logon to the BioCert® Identity.

Users have full control over their user identities from BioCert® Intelligent Identity Manager.

The following major topic sections are provided to get you started with BioCert® Intelligent Identity Manager:

• Product Installation
• Using BioCert® Identity
• Multifactor Authentication
• Windows XP Client Logon
• Single Sign On for Applications, Websites and Terminal Emulators
• Secure e-Wallet for eCommerce Transactions
• Document Manager
• Managing My Identity
• BioCert® Identity Settings

Overview

BioCert® Identity is designed to provide a secure and convenient computing environment. A user can consolidate all passwords and network accounts into a single data unit called User Identity. Security and privacy are strictly enforced with BioCert® Identity, so all private data is available only to its owner. User identity is always encrypted and can be protected with Multifactor Authentication

BioCert® Identity enhances user convenience and productivity with Single Sign On (SSO) functionality. SSO can store user names and passwords for an unlimited number of applications and automatically submits them when required. With SSO the user no longer needs to remember the growing number of passwords for Internet and Windows applications.

BioCert® Identity increases system security through the use of Multifactor Authentication Policy. Multifactor authentication policies define authentication methods and credentials that are required to log on to the system and BioCert® Identity. Authentication methods include password, TPM password, fingerprint, smart card, or virtual token. Policy can force single or multiple authentication methods or can let the user select from a defined list of authentication methods.

Multifactor Authentication

BioCert® Identity increases system security through the use of Multifactor Authentication Policy. A system administrator can assign multifactor authentication policies to other users and administrators. Multifactor authentication policies define authentication methods and credentials that are required to log on to the system and BioCert® Identity.

The following authentication methods are supported in multifactor authentication functionality:

• Password
• Fingerprint
• TPM
• Smart card
• USB token
• Virtual token

System Administrators may configure multifactor authentication policy using any combination of supported authentication methods or select one of predefined authentication policies in BioCert® Identity. BioCert® Identity also provides the possibility for multiple user access privileges for the same application or service.

Services and Applications

BioCert® Identity features meet customer needs in many fields. Based on the levels of access granted by the administrator, the user could access many protected network resources.

The following services and applications are supported:

Windows Logon

BioCert® Identity Logon enables multifactor authentication technology to log on to the Windows operating system. This raises the security of the standard Windows password logon by requiring strong multifactor authentication. This also enhances the convenience of the everyday logon experience by eliminating the need to remember user passwords. A unique feature of BioCert® Identity Logon is its ability to aggregate multiple account credentials into one user identity, which allows the use of Multifactor authentication only once and multiple access to different Windows accounts with the same set of credentials.

Single Sign On

In any client/server relationship, Single Sign On (SSO) is a session/user authentication process that permits a user to enter one name and password or other authentication method in order to access multiple applications. SSO automates access to applications and services by recording, protecting, and properly releasing user credentials (such as account names and passwords) to applications, which supports automation of Web and Windows applications. SSO is an adaptive learning technology that automatically detects applications requesting user logon and records user names and passwords while the user types the logon credentials. The adaptive learning feature of the SSO engine allows for automatic recognition of logon dialogs and dialog boxes, providing a transparent and unobtrusive application registration process.

Smart Cards and Tokens

Smart Cards and Tokens service allows the use of smart cards and tokens as authentication devices. With this service, the system supports Identity Backup and Identity Restore operations using smart cards and tokens as identity storage devices.

e-Wallet

 e-Wallet service is designed to provide convenience and security to online transactions. The e-Wallet conveniently stores all of the required information for an online purchase and allows the data submission when "check out" page in Web browser is detected.