Configuring Contactless Card

The contactless cards offer a secure and convenient way to authenticate. The Administration Portal allows an administrator to configure and manage the contactless cards for authentication.

This explains how an OpenID application can specify the contactless card technologies to be used for enrollment and end-user authentication. You need to enable or whitelist the contactless cards before enrolling them for users.

In order to enable and configure the contactless cards, follow the below steps:

  1. Sign in to Administration portal.

  2. Click Settings in the left navigation bar to open the Settings page.

  3. Click Contactless Card on the Settings page, then contactless cards page opens.

    Click the toggle button to On to allow users to enroll contactless cards through the Self-Service Portal and display the card filters along with their associated card technology types.

    Important: If you click the toggle button to Off, it prevents users from enrolling contactless cards through the Self-Service Portal. It also prevents users from authenticating with any previously enrolled contactless cards.

  4. You can choose "Allow All" to use any of the card technology as an authentication method for enrollment and authentication.

    If you know the specific card technology type(s) you want to allow, you can manually select them from the drop-down menu and add them to the allowed cards list.

    Note: For better security, we suggest choosing the specific card technologies that your organization uses.

    Prerequisites: Make sure the "HID Authentication Device Client" application is installed on your system to add the contactless card. If not installed, please download and install the latest version of the device client.

  5. If you are unsure about the card technology that you want to add, click SCAN CARD and place a representative card on the card reader to detect it automatically.

    "Add Card" pop-up appears with card details, then click ADD to add the card technology.

    Important:

    • If the "HID Authentication Device Client" is not detected, then download and install the latest version of the device client.

    • If the installed version of the 'HID Authentication Device Client' is below the minimum supported version, a prompt will notify you that the device client is outdated and must be updated.

      Note: Users cannot add a card unless the device client is updated to the minimum supported version.

    • If the installed version of the 'HID Authentication Device Client' is below the latest available version, a prompt will notify you that a newer version is available.

      Note: Users can add a card even if a prompt notifies them that the device client is outdated. However, it is recommended to update the device client to the latest version for better security.

    • If the card reader is not detected, then connect the card reader to your system.

    • If the card is not detected, then place the card close to the card reader.

  6. Click SAVE and a message will appear confirming that the selected cards have been successfully whitelisted.

    Now, users can use the Self-Service Portal to enroll the added contactless cards.

    Important:

    • If the allowed cards list is configured with specific card technology types, only those card types will be permitted for enrollment and authentication.

    • If a previously enrolled specific card technology type is removed from the allowed cards list, it will no longer be valid for authentication using that card technology type.

    • If a user has lost or blocked MFA and requested you to remove the previously enrolled card technology type so they can re-register MFA, then you can remove the enrolled card technology type from the allowed cards list and also from the 'Devices' tab of that user’s account.