HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and applications.
$3.75
per user per month
SecurID
Score 9.0 out of 10
N/A
SecurID, a company and solution suite from RSA, is an identity and access management suite supporting access management, authentication, and identity governance.
After evaluating several solutions we chose HID DigitalPersona because it is an extensible platform and an initial roll-out was extremely successful, proving that it could have the widest adoption. Using HID DigitalPersona, our company was able to streamline password management …
HID DigitalPersona and RSA SecurID Suite are both user authentication and identification products. Both software allow for multifactor authentication, including physical and biometric identification methods.
RSA SecurID Suite may be more scaled for enterprises, based on greater flexibility to integrate with a larger range of cloud applications. HID DigitalPersona may provide more functionality for midsize and large businesses with its deep integration with Active Directory environments and cross-application password management.
Features
HID DigitalPersona and RSA SecurID Suite both provide multifactor authentication capabilities for businesses. However, they each have unique specializations that standout.
HID DigitalPersona deploys on Windows Active Directory. This functionality enables simple password management across applications and networks. It also provides effective biometric authentication, such as fingerprint recognition.
RSA SecurID stands out for its support for remote authentication and access. RSA enables remote access through convenient end-user setup and heavy investment in integration with cloud-based applications.
Limitations
Both products have distinct strengths, but they also come with some weaknesses.
HID DigitalPersona users have struggled with the implementation process, particularly in certain network environments or browsers. Post-implementation, some users have not received sufficient support from the vendor when troubleshooting or scaling up their deployment.
RSA SecurID users have experienced some problems with mobile device authentication, both from administrative and end-user experiences. The biometric authentication has also been lacking for some users.
Pricing
HID DigitalPersona is priced separately for the software and the hardware for biometric authentication. The hardware can range from $50-100 per reader, and the software’s pricing is available by quote from the vendor.
RSA SecurID offers some features, such as multifactor authentication, in a free trial for new users. Hard tokens are frequently priced between $1-2 per month. Other authentication tokens and software pricing is available by quote from the vendor.
Features
HID DigitalPersona
SecurID
Identity Management
Comparison of Identity Management features of Product A and Product B
During the onboarding process, remote workers can enroll their fingerprints or create secure PINs. This eliminates the need for complicated passwords and enables them to safely access company resources and critical apps from remote locations. HID DigitalPersona's robust authentication techniques and access control features can assist you in adhering to data security laws.
Easy to implement and support. Flexible platforms and user-friendly interface. Not a lot of customization is available to customers and response time of support could be better. There are now competing products that utilize new features like facial recognition. Using camera and fingerprint sensors are becoming standard in smartphones so RSA SecureID should offer those as options.
Speeding up the login process with fingerprint in PIN rather than having to remember a long password. Our IT department has seen a huge decrease in the amount of account lockout and forgot password calls.
It is highly customizable to meet the needs of remote or on-premises workers. It is all configurable through group policy, so it is very easy to set specific requirements on certain groups.
Setup was quick and the administration guides are very easy to follow if you need to go back in and adjust things.
I find that sometimes I have had to delete a users fingerprints and re-add them. There must be something going on where the software believes that the user has changed their fingerprints.
I have on occasion come across a person where the reader was unable to create fingerprints for that user. It would be interesting to see if the sensitivity of the 4500 reader could be improved on.
I find that using the DigitalPersona software makes the users ultimately forget their passwords. Maybe every once in a while the software could require the user to type in their Windows password to help them remember it.
Slow to provide updates to latest operating system versions.
While the GUI is clean and easy to use, it does look very dated.
There is not an option for a temporary code to log in. It would be nice for situations where you are at a remote site but don't have your device (laptop, phone, etc.) with you, as well as other situations.
It is wonderful for multifactor authentication and gives us many options for what we use to authenticate. All of our users use it and it is engrained into our group policies and people would be very disappointed if it went away.
Long story short, does the job. Can use company credentials to setup and access the account for SecurID. Easy to setup and implement. Doesn't have a high learning curve.
I think there are still fundamental enhancements needed to be added to the management consoles and I think there ought to be a Centralized, Windows Based "Thick" Management Application instead of individual utilities which vary from MMCs, Scripts, Wizards, etc.
Using it very frequently, it's important that its straight forward and I do not have to go through unnecessary hoops to achieve something seemingly simple. Can setup using the company credentials and do not have to setup up a separate account. Setup was fast and easy. GUI is very straight forward and quick.
Extremely poor; I've never encountered such. Professional Services completely dropped us for months. Crossmatch tech support seems like it has 3 techs tops! No response to emails, calls, the absolute worst! I will never recommend DP to anyone.
Their support for onboarding and set-up is quite good. The only issues we tend to have are obtaining new user devices. These need to be planned ahead of time.
Could use tools to audit license usage at a more granular level as to allow an administrator to free up licenses from users whom seldom use their biometrics to login.
We have used One Identity for software tokens. The Defender software tokens were originally included with our bundle and work pretty well for integration into the AnyConnect VPN client with Cisco. All that said, we use the two products for different applications and DP does what it does very well.
Overall MS AAD is good but we have had a few too many reliability issues with the product that have lead to enterprise authentication outages over the last year. The Senior executives have a preference on Securid to be more reliable than MS AAD. SecurID does a better job in Integration for legacy on-premise applications for instance.
I'm happy to say I'm not involved in budgeting or finance, but the financial benefits are easy to state: Less helpdesk time - helpdesk staff don't have to spend time resetting people's passwords.
Users don't have to wait for Helpdesk to get around to helping them log in.
Implementing RSA SecurID has allowed us to help our clients understand we are committed to compliance.
Implementing RSA SedcurID has, however, negatively impacted employee productivity. Employees need to be aware of the additional steps they need to take to authenticate to a protected system.
RSA SecurID has helped us with our compliance audits.
