About ActivID AS
The HID® ActivID®
It secures a wide range of enterprise and commercial applications and is the ideal solution to meet compliance requirements and industry-standard guidance for strong, layered authentication and auditing (including the Payment Card Industry Data Security Standard (PCI-DSS) and the Federal Financial Institutions Examination Council (FFIEC).
ActivID AS simplifies ongoing credential management through a single point of administration. It ensures segregation of data between different applications, making various information types extremely secure. It also provides centralized, tamper-evident auditing capabilities.
The overall solution supports multiple authentication methods which can be configured using highly flexible and customizable policies and be assigned to different user populations. With ActivID AS, it is possible to adjust the authentication policy used (for example, static or one-time passwords) − based on specific profiles and risk factors.
Supported Environment and System Requirements
ActivID Authentication Services and Portals
The table below defines the environments supported for the ActivID Authentication Services, and the ActivID Management Console and ActivID Self-Service Portal.
| Item | Environment |
|---|---|
|
Operating System |
|
|
Application Server |
|
|
JDK |
|
|
Cryptography |
|
ActivID RADIUS Front End
| Item | Environment |
|---|---|
| FreeRADIUS server | Version 3.0.13-x |
| OpenSSL | Version 1.0.1e-34 (or later) (1.0.2k-16 is recommended for security reasons) |
If you plan to use an ActivID RADIUS Front End (RFE), then you must install it after you install ActivID AS. Some of the settings in the RFE installation process must match the corresponding settings in your ActivID AS.
Databases
- Oracle:
- Oracle 12c Release 1
- Oracle 12c Release 2
- Oracle 18c
- Oracle 19c
LDAP Directories
- Microsoft® Active Directory® 2008 R2, 2012 R2 x64, and 2016
- Novell® eDirectory 8.8 SP1
- Oracle Directory Server (Enterprise Edition 11g Release 1)
Web Browsers
- Microsoft Internet Explorer® 11 and later
- Microsoft Edge 40 and later
- Google® Chrome® 60.x and later
- Mozilla® Firefox® 55.x and later
- Apple® Safari® 8 and 9 on MacOS®
- JavaScript™ and cookies must be enabled.
- By default, the authentication server is configured to only accept TLS v1.2 connections. It is recommended that you use this setting for security reasons. This configuration can be changed if you need to support web browsers that do not support TLS v1.2.
HID Approve Application
Supported operating systems:
- Apple iOS®
- Google Android®
- Microsoft Windows 10
- HID Approve for Windows 10 does not support biometric authentication.
- Fingerprint authentication is only supported on Android 6 and later.
Supported Migration
ActivID AS 8.5 supports the following migration paths (listed by ActivID AS version and application server/cryptographic configuration combination).
Migration from ActivID AS 7.3.1
| Application Server Type | Cryptographic Configuration |
|---|---|
| IBM WebSphere | Soft Crypto |
| IBM WebSphere | nShield HSM |
Migration from ActivID AS 7.3
| Application Server Type | Cryptographic Configuration |
|---|---|
| IBM WebSphere | Soft Crypto |
| IBM WebSphere | nShield HSM |
| IBM WebSphere | SafeNet HSM |
| Red Hat JBoss EAP | Soft Crypto |
| Red Hat JBoss EAP | nShield HSM |
| Red Hat JBoss EAP | SafeNet HSM |
Migration from ActivID AS 7.0.2
| Application Server Type | Cryptographic Configuration |
|---|---|
| IBM WebSphere | Soft Crypto |
| IBM WebSphere | nShield HSM |
| Red Hat JBoss EAP | Soft Crypto |
| WebLogic | Soft Crypto |
| WebLogic | nShield HSM |
For further information, refer to the ActivID Authentication Server Migration Guide available from the ActivID Customer Portal.
