plusID Manager Operators Manual for use with plusID 60 devices Version 1.
Privaris plusID Manager Operators Manual V1.0 Table of Contents Section I: GETTING STARTED ................................................................................................... 3 Introduction................................................................................................................................ 3 What is a plusID Device? .......................................................................................................... 3 What is Enrollment? ....................
Privaris plusID Manager Operators Manual V1.0 Credentials: Using the plusID for Door Access ...................................................................... 26 Overview ........................................................................................................................................... 27 Loading a Card Format onto a plusID from an idBank ..................................................................... 27 Loading a Card Format from the Database ............................
Privaris plusID Manager Operators Manual V1.0 Section I: GETTING STARTED 1. Introduction plusID Manager is the software application used to issue plusID™ personal biometric devices. It enables the enrollment and configuration of devices by an authorized Enrollment Administrator, or other designated personnel. 2. What is a plusID Device? The plusID personal biometric device is a universal credential that replaces access cards used to enter secured buildings and passwords used to log on to computers.
Privaris plusID Manager Operators Manual V1.0 6. Securing plusID Devices a. The Administrator PIN & Device Registration plusID devices are secured to a specific organization through the assignment of an Administrator PIN. It is what prevents the manipulation of issued plusID devices by outside organizations and malicious or otherwise non-authorized parties.
Privaris plusID Manager Operators Manual V1.0 Figure 1 Security Advisory The only way for a registered device to be updated from a different workstation than the one on which it was registered is for the device to be reset (see Section III, 9.c.). Resetting device erases all stored fingerprint templates, restores its factory default settings, and enables a device to be registered to a new user.
Privaris plusID Manager Operators Manual V1.0 Follow the screen prompts to install the software: • Component selection: There are two available components, the plusID Manager software and the minidriver that is required to use the plusID device for computer logon and to issue credentials for computer logon to other device recipients. Select from an Administration Installation (plusID Manager and minidriver), Client Installation (minidriver only) or Custom Installation (either).
Privaris plusID Manager Operators Manual V1.0 9. Starting the Application To start the application from the Windows taskbar click Start>Programs>Privaris>plusID Manager (or elsewhere if you modified the default file destination during installation), or double-click the plusID Manager desktop icon shortcut, if created during setup. The plusID Manager home page and main menu tree will be displayed (Figure 3). Figure 3 Main Menu The main menu tree has three branches. 1. plusID Manager 2. Devices 3.
Privaris plusID Manager Operators Manual V1.0 Section II: PLUSID MANAGER MENU OPTIONS 1. Application Settings The “Application Settings” screen (Figure 1) contains three tabs: Settings, Utilities and About: Figure 1 Application Settings Settings Enter the issuing organization’s name on this screen and it will be included on every report that is run from the plusID Manager software. This field is not mandatory.
Privaris plusID Manager Operators Manual V1.0 About The “About” screen lists the version number of the plusID Manager software application. 2. Default Device Settings The “Default Device Settings” screen (Figure 2) contains the settings that will be applied to all plusID devices enrolled with the plusID Manager software. These settings can be changed at any time, but changes will apply only to devices enrolled, re-enrolled, or re-configured, after the Default Device Settings have been modified.
Privaris plusID Manager Operators Manual V1.0 a. Timeout Settings Pre-Verification The Pre-Verification timeout setting determines how long the device will wait for a verification (fingerprint swipe) before powering off. The timeout can be set from 5 to 255 seconds. The default setting is 10 seconds. Note: This setting only applies to verifications performed after enrollment, during normal device usage, and when the device is not connected to a computer.
Privaris plusID Manager Operators Manual V1.0 PIN + Biometric requires a personal identification number (PIN) and a biometric verification (using the plusID device). Note: If this option is selected, a User PIN must be assigned. (See Section III, 7.b. for more information.
Privaris plusID Manager Operators Manual V1.0 Jones, enter “Mary” or “Jones” or “Mary Jones” or “Mar” or “Jon” or “M” or “J.” The more specific the search criteria, the more narrow the results will be. To retrieve all data records, do not apply any filters. Select “Ignore Date” and leave the user name filter blank. This will run the report for all users or devices (respectively) regardless of the date registered. Page 12 of 54 07.20.
Privaris plusID Manager Operators Manual V1.0 Section III: DEVICES MENU OPTIONS The “Devices” branch of the main menu tree is only visible when a plusID device is connected to the plusID Manager computer via USB. To expand or collapse the “Devices” branch of the menu tree, click the arrow to the right of “Devices.” With a plusID device connected, the main “Device” screen will appear (Figure 1). This screen provides a snapshot of the device(s) connected to the plusID Manager.
Privaris plusID Manager Operators Manual V1.0 1. plusID Device Registration a. Overview When a device is connected to the plusID Manager software for the first time the “Register plusID Device” screen will appear (Figure 3). This screen registers the device to its user as well as to the issuing organization. Figure 3 Device Registration Screen The device is registered to the user by entering the user’s first and last name.
Privaris plusID Manager Operators Manual V1.0 2. Device Registration When a new or reset device is connected to the plusID Manager for the first time the “Register plusID Device” screen is displayed (Figure 3). The three steps below must be repeated each time a new plusID device is connected. 1. Enter the first and last name of the user (mandatory). Note: This information is not stored on the user’s device. It is stored only in the plusID Manager’s database for record keeping purposes.
Privaris plusID Manager Operators Manual V1.0 Figure 4 Admin PIN Entry The Administrator PIN is requested only once per plusID Manager session, per device. It will not be requested again during the same session, but will be required each time a new device is connected. In the case of a device that has been reset, the Device Registration screen will be presented just as with a new unregistered device.
Privaris plusID Manager Operators Manual V1.0 4. Device Status Figure 6 Device Status Screen The “Device Status” screen (Figure 6) provides a snapshot of the technical specifics of the device that is connected, including: Battery Status The plusID device is powered by a rechargeable battery. The Battery Status portion of the screen indicates whether or not the device is currently being charged, and includes a progress bar to indicate the device’s current battery level.
Privaris plusID Manager Operators Manual V1.0 Manufacturing Information Manufacturing Information lists the device’s model number, serial number, and date of manufacture. This information is typically only needed for customer service inquiries. Revision Information Revision Information lists the version information of the hardware and software specific to each device.
Privaris plusID Manager Operators Manual V1.0 b. Device User Guidelines 1. Fingers should be free of excessive dirt or grease but otherwise do not need to be washed prior to enrollment. 2. The plusID device should be held with one hand - just as it will be held during normal device use. 3. Review the “How to Swipe” instructions that follow to ensure the proper positioning of the fingerprint relative to the sensor.
Privaris plusID Manager Operators Manual V1.0 How to Swipe Fingerprint Sensor Instructions Review the instructions below with each user and let them practice swiping with their device. Not doing so will result in a poor quality enrollment and difficulty using the plusID device. (These images are also linked from the “Help” section of the plusID Manager.) Page 20 of 54 07.20.
Privaris plusID Manager Operators Manual V1.0 c. Enrollment Set-Up 1 Open the plusID Manager software application. 2 Hand the user their new plusID device. 3 Review the “How to Swipe” instructions with the user, letting them practice swiping until they can do so properly and comfortably (see section 2.b.
Privaris plusID Manager Operators Manual V1.0 ! The device has no way of distinguishing which finger is swiped, so be certain that the finger selected on the screen is in fact the same finger that the user is actually applying. 4. Convey the instructions from the on-screen prompts to the user. The prompts will appear above the “Enroll” button and will specify when to swipe a finger as well as provide feedback on the quality of the swipe.
Privaris plusID Manager Operators Manual Continuous Solid Green V1.0 A successful enrollment Brief Solid Red, then Blinking Green The sensor did not get sufficient information from the fingerprint to process the swipe. This often happens if the sensor is touched before a swipe is begun, as opposed to placing the finger and swiping in one continuous motion. Continuous Solid Red Enrollment failed. See “Troubleshooting” (Appendix A, or under “Help” in the menu tree).
Privaris plusID Manager Operators Manual ! V1.0 If access credentials were loaded prior to enrollment, device issuance is complete. Disconnect the plusID device from the computer and hand it to the user with the USB cable and plusID Quick Start Guide that was enclosed in their device box. g. Verification Verification (the last fingerprint swipe during enrollment) confirms a user’s identity by matching their live fingerprint to their stored fingerprint template.
Privaris plusID Manager Operators Manual V1.0 Modify the user’s swiping technique accordingly, erase the finger and re-enroll it. i. Erasing a Finger/Enrollment This option erases the selected finger’s fingerprint template from the plusID device. Only an enrolled finger can be erased.
Privaris plusID Manager Operators Manual V1.0 Before a device is enrolled, the first and last name of the user to whom the device is being issued must be entered during device registration (see 1.a.). Selecting “User Info” from the menu tree displays this information and gives the Enrollment Administrator access to edit it as well as provide additional user specific information, such as an employee number (unique ID), a phone number, and comments.
Privaris plusID Manager Operators Manual V1.0 formats that are securely transferred to plusID devices using the plusID Manager software. a. Overview If the plusID device will be used in place of access cards or fobs to access doors and facilities, a physical access credential, in the form of a card format, must be loaded onto the plusID device via the plusID Manager.
Privaris plusID Manager Operators Manual V1.0 Figure 8 Credential Loading Screen When credential generation is complete the card format will be shown in the selected location (Figure 8). Different card formats can be loaded for each of the device’s four buttons for access to multiple doors and facilities. For user convenience, the same card format can be loaded onto multiple buttons, if desired.
Privaris plusID Manager Operators Manual V1.0 d. Loading a Card Format from the Device Tab Card formats moved from the device to the recycling bin are retained and can be viewed under the Device tab. A card format that shows an “unassigned” status is still on the device and may be reassigned to any available button. 1. Select the Device tab under Credentials Source. 2. Select Detail view using the icon under and to the left of the recycling bin. 3. Choose a card format with an “unassigned” status 4.
Privaris plusID Manager Operators Manual V1.0 4. select a card format and “drag and drop” it into one of the four white squares at the top of the screen that correspond to each of the device’s four function buttons. Repeat as necessary. ! Only HID demo codes will work with battery powered HID demonstration readers The demonstration card formats are reusable and can be removed (dragged from a button to the on-screen trash can) and re-loaded as many times as desired. 8.
Privaris plusID Manager Operators Manual V1.0 9. Settings The “Settings” screen includes three tabs across the top for access to Device Settings, Device Utilities, and Reset Options. a. Device Settings The first tab of the “Settings” screen, “Device Settings,” (Figure 9) lists the settings that will be applied to the plusID device connected to the plusID Manager software. Unless changed, these settings will be the same as the “Default Device Settings.
Privaris plusID Manager Operators Manual V1.0 i. Timeout Settings Pre-Verification Period The Pre-Verification Period timeout setting determines 1) how long the device will attempt to match a fingerprint before failing a verification attempt and 2) how long the device will wait for a verification (fingerprint swipe) before powering off. The timeout can be set from 5 to 255 seconds. The default setting is 10 seconds.
Privaris plusID Manager Operators Manual V1.0 iii. User Logon Settings Authentication Mode The Authentication Mode selection sets the security level required when using the plusID device for computer logon (post-enrollment). If the device is not being used for logon, this setting can be left at its default value. There are two options: PIN + Biometric requires a personal identification number (PIN) and a biometric verification (using the plusID device).
Privaris plusID Manager Operators Manual V1.0 Figure 10 Device Utilities Screen Following are descriptions of the individual functions on the Device Utilities screen: i. Extract Certificate File Each plusID device contains a unique security certificate. The certificate is a unique identifier for the device.
Privaris plusID Manager Operators Manual V1.0 ! A firmware upgrade does not erase or reset the device and has no impact on any of the information that is stored on the device (i.e., device settings, fingerprint templates, Administrator PIN, credentials, etc.) If in receipt of updated firmware, with a device connected to the plusID Manager computer: 1. Download and save the firmware file onto the computer which has the plusID Manager installed.
Privaris plusID Manager Operators Manual V1.0 Figure 11 Device Reset Options Tab The reset options are: Change Device Manager Each device can have only one administrative authority, or device manager. The “Change Device Manager” option disassociates the device with its original administrative authority (i.e., workstation running the plusID Manager software) and enables it to be re-registered and administered on another, or the same, workstation running the plusID Manager software.
Privaris plusID Manager Operators Manual V1.0 This option changes the Personal Identification Number (PIN) that the device’s user defined, and is required in addition to the plusID device for logging onto their computer, and reverts it back to the system default of 1234. Reset User Application Data (different from erase?) This option erases all third party software information that has been stored on the device, for example the minidriver that may be resident to enable computer logon.
Privaris plusID Manager Operators Manual V1.0 Changing the PIN overwrites the previous Administrator PIN. This new PIN will now be downloaded onto all future enrolled devices. The computer on which the Administrator PIN was changed will no longer be able to communicate with previously enrolled devices (with the previous Administrator PIN). b. User PIN The User PIN is used for Windows login* or other smart card functions, postenrollment.
Privaris plusID Manager Operators Manual V1.0 Figure 12 User PIN Screen d. Resetting the User PIN Unlike the Administrative PIN on the device, the User PIN can be reset to its factory default value in the event a user forgets their logon/User PIN. To reset the User PIN: 1. Select “PINs” from the main menu tree 2. Select the ‘User” tab 3. Select “Reset PIN." 4. Enter the Administrator PIN 5. The User PIN will be reset to its original default value: 1234. Page 39 of 54 07.20.
Privaris plusID Manager Operators Manual V1.0 Section IV: HELP The “Help” branch of the main menu tree contains documentation for quick reference in lieu of referring to hard copies. There are three main categories of documentation. Click the “plus” arrow next to each category to see the expanded list of files contained therein.
Privaris plusID Manager Operators Manual V1.0 Figure 1 External Browser Button Page 41 of 54 07.20.
Privaris plusID Manager Operators Manual V1.0 Appendix A Troubleshooting - Expanded If any of the following three bullet points apply, refer to the troubleshooting levels below, starting with Level 1 and progressing through Level 5, as necessary, and erasing and re- enrolling fingers as necessary.
Privaris plusID Manager Operators Manual • Not pressing hard enough Lightly dragging thumb over the sensor is not sufficient for the sensor to see the print. The finger must make solid contact, which requires medium pressure. On a scale of 1 to 5, with 1 being very light and 5 being hard, pressure should equal about a 3. • Starting a swipe too high or too low With thumb hovering over top the sensor, align the first knuckle with the sensor as the starting point for swiping.
Privaris plusID Manager Operators Manual V1.0 Troubleshooting Level 5 Approximately 1 % of the population is unable to use fingerprint biometric technologies. If enrollment and verification is failing for all fingers after trying Troubleshooting steps 1 - 5, then the user should be issued a non-biometric means for access. Page 44 of 54 07.20.
Privaris plusID Manager Operators Manual V1.0 Appendix B Overview of plusID Device Light Behavior The plusID device has four indicator lights: green (top left), yellow (bottom left), red (top right), and blue (bottom right). Green, Yellow, Red and Blue…appear all at once for an instant. The device is powering on. Green, Yellow, Red and Blue…blink four times The device is powering off. Green, Yellow, Red and Blue….then solid red and device powers off Indicates a non-enrolled device.
Privaris plusID Manager Operators Manual V1.0 Blinking Red Battery level is critically low (below 8%). Recharge device immediately. Blinking Blue Indicates device is connected via USB to a power source other than a computer (a wall or car outlet). If connected to a computer, a brief blinking blue light indicates device is attempting to establish a connection. A continuously blinking blue light when connected to a computer indicates a USB driver problem.
Privaris plusID Manager Operators Manual V1.0 Appendix C plusID Battery Recharge Instructions The plusID device is powered by a rechargeable battery. A single battery charge is good for approximately 1,000 uses/verifications. How to Charge The battery is rechargeable using any mini-USB cable. A mini-USB cable is included with each plusID device for charging via a computer (a PC with a USB port is required).
Privaris plusID Manager Operators Manual V1.0 Appendix D plusID Button Operation The plusID has four function buttons on the face of the device that during enrollment can be programmed with physical access credentials (card formats) for various doors and facilities. Power On Press any button that is programmed with an access credential. All four lights will appear for an instant and then blink green to request a verification (fingerprint swipe).
Privaris plusID Manager Operators Manual V1.0 Appendix E Using plusID Devices for Logon in a Microsoft® Domain Environment Introduction plusID biometric devices can be used to log users onto a domain, via two or three-factor authentication. The plusID device is ISO 7816 Part 3 smart card compliant, and as such enumerates itself to a computer exactly like a smart card, allowing for rapid enterprise integration of plusID devices across Microsoft® systems that support smart cards.
Privaris plusID Manager Operators Manual V1.0 4. Device Driver Software Client machines must be configured before they are able to make use of a plusID. This includes the installation of device driver software, which consists of a CCID driver and a plusID device minidriver. The CCID driver is a standard driver provided by Microsoft for working with smart card devices such as the plusID and can be obtained via Windows Update when the plusID is first connected to the client.
Privaris plusID Manager Operators Manual V1.0 Appendix F Licensing Agreement READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT (“AGREEMENT”) CAREFULLY BEFORE SELECTING THE “I ACCEPT” BUTTON BELOW. THE SOFTWARE APPLICATIONS AND THE ACCOMPANYING USER DOCUMENTATION CONTAINED ON THIS MEDIA ARE COPYRIGHTED AND ARE LICENSED (NOT SOLD) TO YOU IN ACCORDANCE WITH THE TERMS OF THIS AGREEMENT. BY SELECTING THE “I ACCEPT” BUTTON BELOW, YOU MANIFEST YOUR ASSENT TO BE BOUND BY THE TERMS OF THIS AGREEMENT.
Privaris plusID Manager Operators Manual V1.
Privaris plusID Manager Operators Manual V1.0 This product includes software developed by XHEO INC (http://www.xheo.com). (c) 2000 - 2007 The Legion Of The Bouncy Castle (http://www.bouncycastle.org) THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
