HID has announced a new integration with Microsoft Entra ID that enables organizations to use their existing physical access cards for multi-factor authentication (MFA) to Entra ID and Microsoft 365.

Microsoft mandates MFA for certain user categories, and now organizations can utilize their physical access cards as the MFA token. Employees use the ID they already carry to access both physical and digital resources, making the transition to passwordless authentication smoother, faster, and more cost effective.

What is Microsoft Entra ID

Microsoft Entra ID – formerly known as Azure Active Directory – is the company’s cloud-based identity and access management (IAM) solution. It provides secure access to external resources like Microsoft 365, Azure services, external SaaS applications, and on-prem resources on corporate networks.

Entra ID’s External Authentication Method (EAM) allows organizations to use third-party MFA solutions with Entra ID. With EAM, businesses can choose their preferred authentication method.

HID's Authentication Service lets organizations to take advantage of their existing physical access cards that support open standards like ISO 14443A.

“HID’s integration offers flexibility with its many authenticator choices and the convenience of using existing physical cards to access both facilities and digital resources as an MFA factor,” says Eleanor Falla, Senior Product Manager for Microsoft Security.

Using HID cards and technology with Entra ID

HID’s cloud-based Authentication Service lets organizations meet Microsoft’s MFA requirements. It provides passwordless MFA to deter phishing and other attacks, supporting both cloud and on-premise deployments via a range of authentication methods including FIDO Passkeys, smart cards, biometrics, and OTP tokens.

An HID spokesperson told CampusIDNews, “Microsoft created the opportunity to enable integration to Entra ID EAM for organizations that aren’t yet ready to implement a full passwordless journey. HID did an integration with the Authentication Service that now empowers organizations to take advantage of their existing physical access cards that support open standards like ISO 14443A CSN (MIFARE Classic, MIFARE DESFire EV1-3, iCLASS, SEOS, Prox). This is not limited to cards provided by HID. The big value add in this case is that organizations can be enabled from day one with MFA without having to distribute new cards or devices for their users to carry.”

If an organization is ready to go passwordless for their full workforce, there is no need for the EAM integration. It can be done using passkeys or certificate-based authentication which are available as part of the HID’s Crescendo card or key product lines.

Key highlights of HID’s Authentication Service include:

1. Unified Access with Physical Cards: Employees can use their existing physical access cards as the authentication factor for accessing digital resources. This eliminates the need to carry additional devices, making MFA easier to deploy and adopt.
2. Flexibility in MFA Options: The HID Authentication Service provides a range of authentication methods, including hardware OTP tokens, security keys, and smart cards equipped with FIDO technology.
3. Simplified Security Management: Designed for highly regulated industries, the cloud-based HID Authentication Platform secures user identities by leveraging advanced cryptography, ensuring data protection while streamlining identity management.
4. Convenience and Efficiency: By offering the ability to use physical access cards for both physical and digital security, HID helps organizations reduce reliance on passwords. This solution allows businesses to meet Microsoft’s security requirements without compromising productivity.

HID and Entra ID's efforts to kill passwords

According to a company release, HID’s integration with Microsoft Entra ID is part of a broader effort to drive the adoption of phishing-resistant, passwordless authentication. The collaboration supports enterprises at every stage of their journey to eliminate passwords.

“If an organization is ready to go passwordless for their full workforce or part of their workforce, there is no need for the EAM integration to access Entra ID applications,” the HID spokesperson told CampusIDNews. “That can be done as a primary authentication factor with passkeys or certificate-based authentication which are available as part of the HID’s Crescendo card or key product lines.”