MFA Guides

Magstripe Method

The Magstripe content area enables administrators to establish, configure, assign and maintain magstripe so that users can authenticate to a system using magnetic stripe cards or 2-D Barcodes for authentication.

method_25.png

There are four Magstripe content areas.

Table 21. Magstripe

Content area

Description

Profile List

Provides an overview of the configured Magstripe Profiles, including the configured PIN policy, card behavior options, and the settings for whether a PIN is required.

PIN Policies

Provides the ability for organizations to establish PIN usage policies and selection criteria for securing Magstripe protected with a PIN.

New Profile

Provides the ability for organizations to create custom profiles that can pair PIN policy with Sets and assigned to users.

New PIN Policy

Provides the ability to create custom PIN policies for Magstripe authentication.



Magstripe - Profile List

By default, RapidIdentity Server has a single profile for Magstripe cards with these settings.

Table 22. Magstripe setting

Setting

Value

3

Minimum PIN Length

4

Maximum repeated characters

3

Maximum consecutive characters

3

Card Behavior

Set to Tap in/Out and also Lock workstation

PIN Use Policy

Require PIN

Secure Logon Password

No.



Administrators can remove a profile by clicking Delete or edit a profile by clicking Edit.

Magstripe - Edit Profile

After updating the profile, click Save or Discard to cancel.

method_26.png
Magstripe - PIN Policies

The PIN Policies content area enables organizations to create custom PIN policies and edit out-of-the-box PIN policies.

By default, there are four PIN policies with varying degrees of security from High to Low.

method_27.png

Initially, there are four PIN policies with varying degrees of security and the default PIN Policy is based on best practices.

Each PIN Policy can be edited or administrators can create new PIN policies and each PIN policy is assigned to a Profile that can then be assigned to a Set. Sets are then assigned to users.

PIN Policies can be removed by clicking Delete or edited by clicking Edit.

Magstripe - Edit PIN Policy

To edit a Magstripe PIN Policy, click Edit.

method_28.png

After updating the policy criteria, click Save or Cancel to discard.

Magstripe - New Profile

Creating a new Magstripe Profile is similar to creating a new Biometric Profile.

Follow these 3 steps to create a new Contactless Profile:

  1. Click New Profile.

  2. Enter a name and description. Modify the default settings as desired.

    method_29.png
  3. Click Save or Cancel to discard.

Table 23. creating Magstripe Profile

Setting

Description

Select Require a PIN for Workstation Logon

Do NOT Require PIN for Workstation Unlock

When the system is locked and user presents their authentication method, the user will NOT be asked to enter a password.

Secure Logon Password

Default is No. If enabled, when the card is presented to the reader the user’s password will be randomized and unknown to the user.



Magstripe - New PIN Policy

Creating a new Magstripe PIN Policy follows the same new PIN policy sequence described in the preceding methods.