HID DigitalPersona - bolstering security with multi-factor authentication
My daily ogin process is made easier by HID DigitalPersona in a safe and practical way. I can quickly scan my fingerprint to gain access …
Starting at $3.75 per user per month
View PricingOverview
What is HID DigitalPersona?
HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
- HID DigitalPersona offers multi-factor authentication which goes beyond the conventional username and password logins. By requiring user to provide a ...
- It is essential to store fingerprint biometric data securely. A security risk could arise fro any possible flaws in the encryption and storage of this...
Pricing
HID DigitalPersona
$3.75
On Premise
per user per month
Entry-level set up fee?
- Setup fee required
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Product Details
- About
- Competitors
- Tech Details
- Downloadables
- FAQs
What is HID DigitalPersona?
The HID DigitalPersona multi-factor authentication software offers a new way to provide authentication services to users. Whereas traditional 2FA/MFA solutions are stuck on “what you have/what you know”, DigitalPersona leverages an array of authentication methods to access public and corporate network resources. Enterprise users can gain access to their cloud applications, such as Microsoft 365, VPNs, corporate networks, Windows desktops, and Citrix applications . Consumers can confirm their identity and authenticate transactions.
Balancing security and usability, HID DigitalPersona boasts one of the widest arrays of authentication factors in the industry. This includes one-time passwords, mobile-based push, smartcards, security keys, risk- and context-based methods, and biometrics, such as fingerprint, face, and behavioral keystroke.
HID DigitalPersona Competitors
- The Okta Identity Cloud
- Imprivata OneSign
- Idaptive Next-Gen Access (formerly Centrify)
HID DigitalPersona Technical Details
| Deployment Types | On-premise |
|---|---|
| Operating Systems | Windows |
| Mobile Application | Apple iOS, Android, Windows Phone |
| Supported Countries | Most Countries except companies included in US Embargo |
HID DigitalPersona Downloadables
Frequently Asked Questions
HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and applications.
The Okta Identity Cloud and Imprivata OneSign are common alternatives for HID DigitalPersona.
Reviewers rate Usability and Support Rating and Implementation Rating highest, with a score of 9.
The most common users of HID DigitalPersona are from Mid-sized Companies (51-1,000 employees).
Comparisons
Compare with
Reviews and Ratings
(177)Attribute Ratings
Reviews
(1-5 of 5)Companies can't remove reviews or game the system. Here's why
February 20, 2024
Easy Biometric Secure Login
We are using HID DigitalPersona primarily for multifactor domain authentication on workstations across our entire organization and are using it a little bit for password management. With this, it allows very quick access to our desktops without compromising the complexity of our passwords. It also cuts down on the IT department constantly having to reset forgotten Active Directory passwords and saves time when it comes to resetting their own forgotten passwords to websites and applications.
- Extremely good at domain authentication
- Extremely good at security
- Great at multifactor authentication
- Biometric authentication
- Password manager; credentials for websites must be set in IE, not Chrome or Firefox
- Nothing can be done about it, but you must understand Active Directory and Group Policy to use this product
- It is a little difficult to contact tech support but once you do, they are very good
- It couldn't calculate the ROI but certainly makes logins (domain and otherwise) MUCH faster while still allowing for complex passwords.
- Keeps IT department from constantly having to reset forgotten passwords.
- Not sure how to get a good metric on actual ROI but it does exist.
We haven't taken advantage of all HID DigitalPersona has to offer. We are looking forward to exploring other things we can take advantage of.
We use HID DigitalPersona to log into our Active directory accounts and even a shared Kiosk account. Even when logging into the shared account, the credentials of the persona accessing that account are logged. It has very flexible multifactor authentication. It has a very extensive list of authentication methods you can use (fingerprint, face, smart card, pin, OTP, etc.).
We use HID DigitalPersona password manager to log into our accounting and utility billing software if that is what is being asked. It is just password substitution, though. It just makes access easier, not necessarily more secure. We also use the password manager via biometric login to access our bank accounts and such.
Not using MS Azure AD other than for MS Office login, not using HID DigitalPersona for this other than for a simple password manager.
I haven't tried any other vendors.
16
Everywhere from upper management all the way down to our field crews.
1
General computer skills and familiarity with Active Directory Group Policy.
- Multifactor authentication
- Password managment
- Many multifactor options (face, fingerprint, PIN, etc)
- We just use it as designed. No innovation.
- Would like to be able to use it to log into local, non-web based apps
No
- Ease of Use
Needed to move to multifator authentication and very strong passwords, but wanted to make it as easy and smooth as possible for our end users.
Probably wouldn't change a thing. Digital Persona is a good fit for us.
April 21, 2020
DigitalPersona biometrics is the future
Across the whole organization. It helps employees keep track of passwords and easy access for logging into the computer/site.
- Easy login access. No need to look for password as DigitalPersona does that for you.
- Its biometrics (finger reader).
- Password Keeper
- Safe and secure
- Ability to access more website to save passwords.
- It gets dirty fast. Since it is Biometric if fingers are dirty it won't read them.
We are able to use it for Windows logon, biometrics and single sign-on. Its great and safe. Easy to support.
Yes, our institution has benefited for Microsoft Active Directory by facilitating single sign-on for applications other than Windows.
We use the application in the Banking field. Example: Jack Henry, Online websites and VMware vSphere Client.
No
- Allows multiple users to utilize the same workstations
- Allows users to cache multiple applications passwords
- Less tickets requesting password updates
It's great with password keeping. It's secure and safe. Has different options of how you want to use it. You can use pin, finger or for keeping passwords.
50
Banking
2
Anyone can support. Not much of a task .
- Login to Network
- Login to website
- Password keeper
- login to systems quicker
April 12, 2019
DigitalPersona stands by their product and their level of support and quality of product is exceptional.
Digital Persona is used to speed up the login process for transactions processed by the application operators as well as to collect biometrics (fingerprint) for customers. In addition to that, in both (operator or applicant) processing of fingerprints, we use Digital Persona to store, match and compare fingerprints as to avoid fraud on the operator side and the applicant side.
- Digital Persona does particularly well on fingerprint matching to authenticate users' credentials via Fingerprint against Active Directory.
- Digital Persona does well on providing active directory tools for troubleshooting problematic fingeprints.
- DigitalPresona provides intuitive wizards for enrolling, re-enrolling and un-enrolling users' fingerprints from active directory.
- Digital Persona authentication process is quite fast. It takes less than 1 second from the time one captures the fingerprint to the time the user is authenticated.
- Digital Persona does not have a granular auditing method for generating reports of active users and the last time a specific user or users were last successfully authenticated or attempted to authenticate in active directory. This functionality can provide significant value to customers, especially for customers where the number of licenses ranks in the thousands. This would allow customers to revoke a license from users who do not use their fingerprint for authentication.
- Digital Persona does not have the ability to purge stale fingerprints to free up licenses that have been assigned to users who do prefer not to use their biometric login, users who have left the company or moved on to a different department. Having the ability to purge stale users' biometrics (and licenses) can potentially save customers licensing fees.
- Digital Persona does not have the ability to run reports for stored biometrics. It could potentially prove useful to be able to run reports of say 5000 users and have a breakdown of fingerprint quality spectrum. This could potentially alleviate administration overhead by identifying stored problematic low-quality fingerprints for users.
- Digital Persona should have its own GUI Based Administration Utility to have one central point of administration including identifying which accounts have not used fingerprint login as to free up unused licenses, license reporting and type of DigitalPersona Feature used.
Having multiple authentication methods provides wide versatility for the enterprise. A corporation can opt for using simply windows fingerprint logins, use API feature to capture fingerprints for applicants via web-based browser applications, use API to design custom windows applications and use API to authenticate users into the application itself as well as use the fingerprint reader to capture customer biometrics and use this to accomplish the desired software functionality.
We use several DigitalPersona features, Active Directory integration allows us to use Windows Biometric (Fingerprint) login on workstations where more restricted access is required.
We are using DigitalPersona to protect Windows based systems and in-house web-based Microsoft .NET applications. The DigitalPersona platform does extend to Unix/Linux but for our implementation requirements, we initially did not need their alternate solution but we now have a Unix/Linux implementation and having DigitalPersona's versatility paid off by allowing us to incorporate and extend the usage and close the gap between Windows & Unix Systems, allowing our applications to exchange biometric data between multiple platforms.
- For our situation, Digital Persona for processing applicants is not an option but a requirement. For the system operators DigitalPersona is also an auditing requirement and a necessity in order to automate processing of applicant transactions throughout the day.
- Digital Persona having joined forces or I should say, merged with Crossmatch has helped standardized the software engineering process for transacting applicants and authentication of operators as well as streamlined the software engineering effort required for performing fingerprint matching.
- Digital Persona has gone above and beyond in providing us customized support to allow us to tailor their software to our specific needs.
DigitalPersona initially had issues in the fingerprint quality aspect and live view functionality for capturing fingerprints. This was initially a setback when we had to use new SDKs(Drivers) for fingerprint readers we had already writing software for. Instead of DigitalPersona rewriting features and functionality already provided by Crossmatch, they started, in my opinion, from scratch and this created a delay in our software delivery process as it required hours of software engineering and testing.
Overall however, DigitalPersona's service and support at all levels, was exceptional. They stood by their product, supported us day after day and provided software engineering support every time it was requested.
4500
Unable to disclose the specifics functions due to security matters.
10
Software Engineers, System Engineers, System Administrators, Help Desk Support Engineers.
- Authenticating system operators into our management stations.
- Capturing customer biometrics for customized use.
- Application Authentication
- Fingerprint Matching
- Unable to disclose the specific methods we use the software for.
- Web Application credential biometric caching and authentication.
No
- Product Features
- Product Usability
- Product Reputation
- Prior Experience with the Product
- Vendor Reputation
- Existing Relationship with the Vendor
We purchased DigitalPersona primarily because it was the most familiar vendor and their hardware was already widely used in the technology industry.
I was quite pleased on the proof of concept and pilot phase when evaluating and selecting the vendor and hardware. Our company has had experience with Digital Persona vendor and other software and hardware vendors. Opting for going with DigitalPersona was the obvious choice as they are already an established vendor and they stand behind their hardware and software products.
- Implemented in-house
Yes
We used industry standard implementation process or our implementation, they were:
Development
QA
Integration Testing
System Testing (Stress Testing)
User Acceptance Testing
Production "Pilot"
Production Full Deployment
Change management was minimal
- We encountered typical software challenges when brewing our in-house software to interface with DigitalPersona API and Hardware.
- Driver issues which were later corrected with new driver releases tailored to address our specific problems.
Yes
Premium support is necessary as part of our ongoing customer support contract.
Yes
Understandably so, the troubleshooting spanned over a couple weeks but eventually the identified issues were resolved.
Last quarter of 2016 and we are currently working to reach out to Crossmatch again as part of a revamp to our software.
- Active Directory Authentication
- Fingerprint Enrollment
- Auditing and purging of seldomly used fingerprints
We use it as a single authentication software across the entire organization.
- DigitalPersona provides fast and accurate support. When looking for a solution to a problem, their support team knows exactly who to engage with in order to give us our fastest results.
- Because the software is encrypted in our Active Directory, changing out a user to a new workstation is simple. We just install the software, and then re-add the users finger prints. All of their passwords are safely and securely stored and come right back once the user is identified.
- I tested the Altus product on the new Microsoft Surface keyboard with a finger print reader, and it does work.
- DigitalPersona Altus can make their renewal process better. Last time we had to renew, we did not get a notification to renew, and actually had to reach out to Crossmatch after we tried to get support and found out we were out of warranty. We would have easily paid our renewal, if we knew that the expiration was coming.
We mainly use this to log into our computers and websites.
We can change computers and because of the Active Directory integration we don't have to worry about losing our bio-metric history. It's all stored in AD securely.
We use DigitalPersona Altus to get into our main website, log into our timeclock website, access the myriad of other websites our staff needs to get into, etc.
- Our users needed a product just like DigitalPersona Altus, but all the other products we looked at saved all of the data to the local computer. Having a central storage location that is not saved on the local computer allows for simpler migration and that saves IT staff time.
We used to use the finger print readers that came on the Dell computers, but the Digital Persona finger print reader works much more accurately. I will say, it has a problem in direct sunlight, but other than that, it really works well.
35
It's really a crossfunctional group of people ranging from member facing to IT and Administrative support.
3
Knowing how to support the Microsoft Server environment and group policy is really the main technical part of the program you'll need to know to use it.
- Staff do not have to remember all of their passwords.
- When we reimage computers the passwords are remembered.
- Administrator accounts can be quickly and easily assigned to a different finger so when you are supporting a user you can just quickly sign in with that account and not have to type a password in front of them.
- We hope to be able to use the facial recognition availability in the Microsoft Surfaces at some point.
- Passwords
- Web add on for Chrome
- Loging into Windows
- Cannot get facial recognition working
June 05, 2018
Useful solution for beefing up security posture
We have been able to randomize most of our users' AD passwords so that they are more secure. Most users now authenticate using only their fingerprint.
Right now, only Windows authentication and 3rd party website logins.
- We have not done any integrations. We only use DP to authenticate to 3rd party websites.
- We have done as much integration as we plan on doing for right now.
None of the above
None, we do not have any integrations.
All users authenticate to Windows using biometric fingerprint readers. We also use password manager through the Altus console to authenticate to 3rd party websites. We have over 120 3rd party logins that we manage, so this solution saves us time logging in to 3rd party websites and applications, and also gives us a secure way to store passwords.
- Windows authentication
- Password management
- multifactor authentication
- We have issues with fingerprint misreads with our users who do not have as defined of a fingerprint
- We also have issues with the Agent not loading in Internet Explorer consistently on some workstations.
We have struggled to get it working with VPN due to the fact that VPN is mostly used on laptops. Getting the built in fingerprint reader on laptops to work with DP is shaky at best.
- Positive impact is for the users for which the solution works they love it and it saves them time.
- We don't have any benchmarks, but, anecdotally, users report that the solution saves them time logging into websites and frustration with managing passwords.
75
AD authentication, storing passwords and authenticating to 3rd party websites using fingerprint
1
Understanding of password management and SSO authentication, AD
- AD authentication
- Password management
- Authentication to 3rd party websites using fingerprint
- We use the standard functionality
- We don't have plans to expand the functionality in any way