About the DigitalPersona LDS v4.3.0 Release

HID Global is pleased to announce the release of HID DigitalPersona v4.3.0, which includes security, flexibility, usability, and deployment enhancements.

As with every release, HID DigitalPersona continues to build on its reputation as a leading advanced multi-factor authentication solution that supports the widest array of authentication factors in the industry.

What’s New in the 4.3.0 Release

  • Transparent screen lock — Enables locking the computer while maintaining desktop visibility

    This feature allows users to monitor real-time data or diagnostics without granting access to the Windows session, enhancing security for sensitive programs.

  • Support for External Authentication Method (EAM) for Microsoft Entra ID — Integrate DigitalPersona Identity Provider with Microsoft Entra ID, expanding authentication options beyond native Entra ID methods

    This enables the use of additional factors, such as contactless cards or fingerprints, thereby enhancing security and flexibility in user authentication.

  • Support for HMAC-SHA256-generated TOTP — Supports hardware security tokens that use the SHA-256 algorithm for time-based one-time password (TOTP) generation

    This update enhances security and increases support for modern authentication devices, complementing existing support for the SHA-1 algorithm.
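
    The HMAC-SHA256 TOTP item above, illustrated with an added example (not HID's code): RFC 6238 code generation with SHA-1 and SHA-256, plus a drift-tolerant check showing that a SHA-256 token fails against a verifier still configured for SHA-1. The seeds and timestamps are the public RFC 6238 test values; the function names, 8-digit length and one-step window are assumptions of this example.

```python
import hashlib
import hmac
import struct

ALGORITHMS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}

# RFC 6238 Appendix B test seeds (public test values, not real secrets).
KEY_SHA1 = b"12345678901234567890"
KEY_SHA256 = b"12345678901234567890123456789012"


def totp(key, unix_time, algorithm="sha1", digits=6, step=30):
    """RFC 6238 TOTP: RFC 4226 HOTP computed over the time-step counter."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, ALGORITHMS[algorithm]).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation uses the last MAC byte
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(key, submitted, unix_time, algorithm, digits=6, step=30, window=1):
    """Check a submitted code, tolerating +/- `window` steps of clock drift."""
    ok = False
    for drift in range(-window, window + 1):
        t = unix_time + drift * step
        if t < 0:
            continue  # no time step exists before the Unix epoch
        expected = totp(key, t, algorithm, digits, step)
        ok |= hmac.compare_digest(expected, submitted)  # constant-time compare
    return ok


if __name__ == "__main__":
    for t in (59, 1111111109, 1234567890):
        print(t, totp(KEY_SHA1, t, "sha1", 8), totp(KEY_SHA256, t, "sha256", 8))
    # A SHA-256 token checked by a verifier still configured for SHA-1 fails.
    code = totp(KEY_SHA256, 59, "sha256", 8)
    print(verify(KEY_SHA256, code, 59, "sha256", 8),
          verify(KEY_SHA256, code, 59, "sha1", 8))
```

    The hash algorithm is part of the token's provisioning data along with the seed, digit count and time step, so the verifier must record it per token rather than assume a single site-wide default.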

Improvements and Changes

  • Mandatory credential for enrollment — Proactively guides and prompts credential enrollment based on enrollment policies specified by the administrator

    This proactive approach expedites enrollment and ensures the timely completion of security setups, facilitating smoother transitions to stronger authentication policies.

  • Updated DP Web SDK for integrators to notify about authentication methods used at Windows logon — Updated Web SDK enables browser applications to retrieve Windows logon authentication methods used with DigitalPersona

    This allows customers to implement the desired authentication flow in their applications, taking into account the user’s authentication at Windows logon.

  • Support for DigitalPersona PIN in DigitalPersona NPS plug-in for RADIUS — Enables the use of DigitalPersona PIN instead of Windows password for RADIUS authentication via the DigitalPersona NPS plug-in

    This feature enhances security for remote connections when using DigitalPersona MFA, particularly in scenarios where Windows passwords are often randomized.

  • FIDO identification in DigitalPersona Identity Provider — Uses device-bound or synced passkeys, eliminating the need for username entry in the DigitalPersona Identity Provider interface

    This streamlines the login process while maintaining strong security through FIDO standards.

  • Support for Multifactor Authentication (MFA) enforced by the federated Microsoft Entra ID — DigitalPersona Identity Provider now complies with Microsoft Entra ID conditional access policies for multi-factor authentication

    This integration ensures seamless enforcement of MFA requirements in federated environments, strengthening security while maintaining user experience across both platforms.

  • Removal of two deprecated features, HID Guardian™ Tenprint scanners and Nexmo SMS provider for SMS OTP — Removed support for HID Guardian Tenprint scanners and Nexmo SMS provider for SMS OTP, based on customer feedback and evolving technology needs

    This streamlines our product offering and focuses resources on more widely used, current features.

  • Removal of Firefox support in DigitalPersona Password Manager — Due to a decline in customer usage of the Mozilla Firefox web browser, the Password Manager feature will no longer support this browser and will only work with Google Chrome and Microsoft Edge web browsers

    DigitalPersona Web Management Components, including DigitalPersona Identity Provider, will still support the Firefox browser.