About Identity Guardian

Identity Guardian 1.1

Overview

Zebra Identity Guardian offers a solution for implementing authentication strategies, facilitating user access to devices. Catering to both enterprise-shared and personally assigned mobile computers, it offers a secure login method that ensures easy device access while maintaining user and corporate data security. Utilizing facial biometrics and single sign-on (SSO) compatibility, it provides seamless and secure access to devices and applications.

In a shared device environment, user data is securely encrypted and encapsulated within a personal barcode, generated via facial recognition and can be easily discarded to erase personal data. On personally assigned devices, the user data is securely embedded within the Android framework, making it inaccessible even to the organization.

Key benefits of Identity Guardian:

  • User Data Protection - Multiple layers of protection ensure that employee data is protected, while employees have control over their data.
  • Application Authentication - Integration with identity providers (IdPs) simplifies authentication by only requiring users to log in once and then leveraging single sign-on (SSO) to streamlines the process.
  • Facial Biometrics - Users seamlessly and securely unlock their mobile device using facial biometrics.
  • Multifactor Login - For enhaanced security, users can be prompted to provide multiple authentication factors to sign into a device: facial recognition, user passcode, and/or SSO authentication
  • Accountability - Empowers administrators with comprehensive visibility into devices and their associated users.
  • Personalization - Enables organizations to customize on-device experiences that are specifically tailored to align with the roles of the users.

Main Features

Identity Guardian main features:

  • Supports user enrollment and authentication for shared and personally-assigned devices
  • Multi-factor authentication support:
    • Facial biometric authentication
    • User passcode authentication
    • SSO authentication using Microsoft Entra ID or PingID
  • Supports other apps and device events that invoke the lock screen
  • Installation and configuration can be performed through Zebra DNA Cloud
  • Device usage details and user information is visible from the Zebra DNA Cloud console

New in 1.1

  • Introduced SSO Mapping managed configuration encompassing options related to SSO user role mapping, originally part of SSO Authentication Configuration.
  • Resolved Issues:
    • Enhanced Identity Guardian blocking screen behavior to appear quicker after device reboot.
    • Resolved an issue where Identity Guardian’s managed configuration was not loading from the EMM UI.
    • Ping Identity SSO configurations now consistently functions with Identity Guardian when set up from an EMM.
  • Known Issue: On TC22 or TC27 devices, occasionally an error message may appear requiring the MDNA license following a device restart.

Usage Notes

  • Screen lock in Android device settings must be set to “None.” Other types of screen locks, such as swipe or pin, are not supported.
  • While performing facial biometric authentication on a Zebra ET45, the device must not be rotated.

See Also