- DATASHEET -

PingID

PingID® is a cloud-based, adaptive multi-factor authentication (MFA) solution that is part of PingOne for Workforce, a comprehensive cloud authentication authority. It balances secure access to applications with ease of use for employees and partners while allowing businesses to define and enforce authentication policies that are tailored to their needs. 

PingID provides organizations with a fast and easy way to deploy MFA for a wide range of use cases without draining IT resources. From protecting workforce apps accessed via PingOne or PingFederate single sign-on (SSO) solutions, to integrating seamlessly with VPNs, Microsoft Azure AD, Active Directory Federation Services (AD FS), Windows Login or Mac login—PingID has you covered. 

PingID comes with multiple authentication methods, including the PingID mobile application for Apple and Android devices, which is fully managed by Ping Identity, the PingID desktop app and PingID APIs. PingID supports a wide range of authentication methods, can integrate in minutes and is versatile enough to secure all your applications and services regardless of where they’re hosted.

BALANCE SECURITY AND PRODUCTIVITY

When policy dictates the need for strong authentication, the PingID service will send a notification to the user’s smartphone through the PingID mobile app. On iOS and Android devices, this is sent via the Apple or Android notification service, preventing the expense of sending an SMS or voice call. The notification prompts the user to approve in the banner or swipe in the device’s PingID mobile app to be authenticated. PingID also includes native Apple Watch and iPad support. In the event a user is unable to get a signal to their mobile phone, an offline mode is available where PingID generates an OTP. Alternatively, the OTP can be delivered via SMS, voice, email or desktop application. Finally, FIDO-compliant security keys, such as YubiKeys, can also be used in sensitive environments or for users without device or phone access. The registration and authentication process is localized and branded.   

USE FACIAL RECOGNITION OR FINGERPRINT AS AN AUTHENTICATION FACTOR

To make it easy for employees and partners to authenticate, PingID can be configured to use facial recognition or the fingerprint reader on the registered device. It works on Microsoft Windows Hello devices, Apple’s iPhone, iPad and Mac devices, Android devices and supporting security key tokens.

DEFINE ADAPTIVE AND RISK-BASED AUTHENTICATION POLICIES TO MEET YOUR
ENTERPRISE’S NEEDS     

To meet your enterprise’s specific security needs, administrators can define advanced authentication, pairing and device posture policies, such as:
 

• Triggering intelligent step-up MFA based on access from a new device, “impossible travel” or IP reputation score.
• Limiting MFA and available authentication methods to specific groups, IP addresses or applications.
• Employing geo-fencing to skip MFA requirement if a trusted device is accessing from a “secure” location or network.
• Restricting users from sharing authentication devices and from using devices that are rooted or jailbroken through root detection.
• Defining sessions that allow users to avoid prompt for MFA if authenticated within a predefined amount of time (hours, minutes, days, etc.).
• Prompting users and bypassing sessions if an authentication is considered risky according to the organization user’s pattern.
   

To learn more about PingID, visit pingidentity.com/pingID.

Most enterprises will benefit from purchasing PingID along with other PingOne for Workforce capabilities. To learn more, visit https://www.pingidentity.com/en/solutions/workforce-identity/pingone.html.