Unify Your MFA Approach with One Comprehensive IAM Platform

Streamline Security with Comprehensive MFA Solutions for Every Business

Multi-factor authentication (MFA) is essential for preventing unauthorized access. Many organizations have adopted various methods to ensure security, usability, and flexibility. However, using separate solutions complicates management and increases costs for IT teams.

With BIO-key PortalGuard, you can unify your MFA methods under one IAM platform and enhance security with advanced authentication options like biometrics.

PortalGuard Multi-Factor Authentication Demo

Enjoy this brief demo of PortalGuard MFA featuring biometric authentication and the BIO-key MobileAuth mobile app.

Biometric Authentication

MobileAuth app

View the PortalGuard datasheet
Book a custom demo

Benefits


Biometrics

Used for authentication and identification, IBB centrally stores biometric data in a non-reversible way, to create a unique biometric identity that’s used to verify the actual person taking action – not just their password, token, or approved device.


Hybrid Environment & Desktop Support

PortalGuard can be used to secure logins from both the browser and desktop with flexible options for multi-factor authentication and self-service capabilities.


Consolidation & Aggregation

Users enjoy adaptive MFA with PortalGuard allows businesses to consolidate existing authentication methods under a single, unified IAM platform to avoid unnecessarily high costs and unmanageable situations for IT teams.

Choosing the Right Authentication Method

Not sure which type of MFA is right for your business? Our latest eBook explores all the methods supported by PortalGuard, analyzes the pros and cons of each, and offers critical insight to help you make the right choice.

DOWNLOAD MFA RANKINGS EBOOK

PortalGuard MFA Use Cases

Multi-factor authentication with PortalGuard supports the following business use cases and authentication approaches:

Passwordless Authentication

With multiple web applications being accessed, IT staff often struggle to manage multiple user repositories while the help desk continues to receive more password-related tickets. BIO-key PortalGuard eliminates password prompts and gives users a single secure point of access to all their applications. In addition to lightening the load for IT staff, users do not need to struggle to remember long, complex passwords or adhere to unmanageable password policies.

Adaptive Authentication

Adaptive authentication is a form of multi-factor authentication that considers the context of the end user’s access request. The authentication process identifies contextual parameters like location, device, network, application, and time of day. PortalGuard’s Adaptive Authentication provides organizations with insight into user access scenarios allowing them to make security and usability adjustments transparently to the user and dynamically adjust the authentication method to what is appropriate based on the user’s situation.

Remote Workforce + Remote Access

While the shift to a more remote workforce offers great work-life balance and flexibility, it also offers cybercriminals an opportunity to successfully carry out an attack. Now more than ever, there are more potential points of attack – many of which have fewer cybersecurity protections than traditional office buildings. With biometrics, the person’s identity is verified, and IT teams can confidently and consistently ensure that only approved and legitimate users are accessing protected information.

Customer IAM Capabilities

Whether your business has 200 or 2 million customers, the priority is the same: provide all customers with a secure, seamless and easy-to-use security solution. With BIO-key PortalGuard, strong, reliable multi-factor authentication (MFA) supports single sign-on, self-service password reset, self-registration, and account management that’s ideal for securing your customers’ access.

Cyber Insurance

In 2022, the average cost of a ransomware breach is $4.26 million, and depending on the industry, this number may be higher (healthcare and finance in particular). PortalGuard is a great choice for MFA that fulfills cyber insurance requirements. It offers flexible authentication options and aggregates your current solutions under a single set of policies for your remote and on-premises users.

Supported Authentication Methods

Check out the Multi-factor Authentication methods that PortalGuard MFA supports

security-questions

Security Questions

Challenge Questions & Answers are one of the original and older methods of authentication. Users provide answers to previously enrolled questions. The enrollment is completed by either an admin or the user during the first-time logging into the system.

SMS-OTP

SMS OTP

The SMS Delivery Method (often referred to simply as ‘Phone’) involves The SMS delivery method (often referred to simply as ‘phone’) involves sending an SMS text message to an enrolled mobile phone number. This SMS text message contains a One-Time Passcode (OTP) that can only be used once to validate the user for a specific action.

email-otp

Email OTP

The Email Delivery method involves sending an email to an enrolled email address. This email contains an OTP to validate the user to the PortalGuard System for a specific action. Administrators have full control over the length, character set, and validity of OTPs utilized by this option. These settings are shared by the ‘SMS’ OTP type as well.

mobile-authenticator

Mobile Authenticator App

These applications generate a Time-Based One-Time Passcode (TOTP) and are installed on the user’s device. When authenticating the user will be prompted to locate and open the app on their device and then enter in the TOTP that is shown.

mobile-push

Push Notifications

A push token is an ‘out-of-band’ second factor tied to a mobile device. This second factor allows end-users to confirm or deny an authentication request by interacting with their mobile device in real-time. No codes need to be remembered – just tap yes or no on the screen to confirm the authentication request.

hardware-tokens

FIDO2/WEBAuthn (Hardware Tokens)

FIDO2 (AKA WebAuthn) differs from FIDO U2F in that it is designed for a “password-less” approach to secure authentication. Functionally, FIDO2 tokens support the same usage as FIDO U2F, though utilizing a different industry standard and browser-based API. FIDO2 Tokens support one of two usage types: Click to Authenticate or On-Device Authentication. Click to Authenticate requires a tap/click of the token while On-Device Authentication detects the FIDO2 request and automatically responds, allowing the authentication action to proceed without any additional actions from the user.

WEB-key-IBB

WEB-key (Biometrics)

WEB-key is an enterprise-grade biometrics platform from BIO-key. IBB creates a centralized unique biometric identity that can be used to verify you anywhere. The primary method for capturing the biometric is by using a fingerprint scanner.

Learn more about WEB-key

BIO-key MobileAuth

As the only multi-factor authentication app to offer biometric authentication options, BIO-key MobileAuth™  safeguards access to critical data with authentication that verifies the user, offers multiple, easy to use authentication methods for users to choose from all while reducing operational costs for IT departments.

Learn more about MobileAuth

device-biometrics

Integrated Device-based Biometrics

Integrated device-based biometrics refers to biometric methods where all processing, matching, and authenticating of the biometric is completed on the device. This includes methods such as Touch ID and Face ID on iOS devices, biometric authentication on Android devices, and Windows Hello on Windows devices.

Proximity Cards

Proximity Cards (Prox Cards) are physical cards that allow authentication based off a stored encoded number. These cards can be used by holding them up to an electronic reader, which can detect and pull that encoded number, decode it, and pass that value to the connected device for authentication. Prox cards are contactless, meaning no contact needs to be made between the person holding the card and the reader. The cards support distances from 1 to 20 inches, depending on the version of the card.

Easy Administration

Self-Service Enrollment

Users can register themselves for both self-service password reset and MFA in one step.

Policy & Settings

Highly configurable policy management that allows authentication to be applied to specific users and/or groups.

Reporting & Auditing

Detailed audit reports of all login activity available to meet security and compliance requirements.

Integrations

New Integration!

BIO-key enhances MFA security for Microsoft Entra ID identities. 

Learn More

Enhance the PortalGuard solution with integrations from our partners:

google authenticator
microsoft authenticator app
fido
yubico yubikey
rsa secure ID
twilio
authy
voiceit
Available in AWS Marketplace

As an AWS Software Partner, BIO-key has successfully met the stringent criteria set by Amazon’s Well-Architected Framework. By partnering with AWS and BIO-key, you can trust that your Identity and Access Management (IAM) solution will be hosted on a highly secure, scalable, and redundant infrastructure. 

Learn More

AWS Partner
AWS Partner - Public Sector

Find out what PortalGuard can do for your business.