Knowledge base 210: IDEMIA Enforced Security and Identity Access

IDEMIA have added a new feature to their biometric reader products called Enforced Security, which turns on TLS 1.2 (Transport Layer Security) by default from the factory.

Enforced Security will be present in products fitted with the following firmware versions:
Sigma Lite V4.12.x and higher.
Sigma Lite + V4.12.x and higher.
Sigma V4.12.x and higher.
Sigma Extreme V4.12.x and higher.
Morpho Wave V2.09.x and higher.
Vision Pass V2.09.x and higher.

With "Enforced Security" enabled, these devices will have communication issues with Identity Access and MorphoManager V15 or below.
To enable communication with Identity Access and MorphoManager V15 or below, a feature called "On Demand Security" will need to be enabled.
This changes the communication method so that biometric readers supplied with the latest firmware can communicate with the software.

To enable On Demand Security  

To enable On Demand Security, a connection to the reader must be made via the Morpho toolbox (MBTB) software.

If you already have MBTB installed, ensure your version is V4.6.12 or above.

Download the latest version of Morpho toolbox (MBTB).

Open MBTB.
Select the terminal type from the drop-down box.
Enter the unit's IP address (default 192.168.1.10).
Select TLS Configuration = Factory.
Press Connection.

Press Tools in the left column.

Under the Diagnostic tab, press "Enable On-demand Security".


You will be presented with the following notice. Read it, tick "I have and agree", then press "Enable On-demand Security".
 


The following prompt will appear. Press OK.
 

The unit will reboot; this will take 1-2 minutes.

Once complete, you will get the following prompt. Press OK.



If you need to make further changes via MBTB and need to reconnect, ensure you are connecting to the unit with None selected in TLS Configuration.


The unit can be put back into "Enforced Security" by connecting back with TLS Configuration = None.

Press Tools in the left column.


Under the Diagnostic tab, press "Enable Enforced Security".
 

You will be presented with the following notice. Read it and press "Enable Enforced Security".


The following prompt will appear. Press OK.