All of us need to encrypt content as soon as it’s created and shared with other users. With IdentaMaster you proactively protect your sensitive information since your account required to be validated biometrically. For example, you have folder where you keep important documents, such as financial reports or your private medical records. With only single click (right click on that folder) you may bring windows with the title ‘Bio Secure Files/Folder’ that prompt to scan your fingerprint (or look into Iris Binocular Device from Iritech, place palm on Fujitsu scanner, etc). As a result of successful authentication, content of this folder will be encrypted and stored in biometrically protected archive with extension .izbiosecure. For your safety, you may delete original folder. From this point, any other user of that PC, who shared certain resources with you, won’t be able to unpack and view such encrypted archive, even if he/she has valid windows account, logged in successfully and get access to hard drive. Further, you may upload encrypted content into external storage or cloud. At any time later, as you need, download encrypted package back on the PC from external storage media, click on it and after successful biometric authentication, open up, preview content of that archive and extract desirable document(s) for update. If this is a PC, shared by member of your family, your cousins or children would do the same trick: pass their identity verification under their account while selecting dedicated list of files and you would be locked out from their private staff, such as music, images, diaries, and love letters.
If you have a drive, partition on drive or USB storage device, you will take advantage of IdentaMaster’s Drive encryption solution. IdentaMaster seamlessly integrated with Microsoft technology built into windows, but IdentaMaster itself will significantly simplify your workflow. Any drive, not fully encrypted are subject to stolen information. Whether PC is a standalone multiple user or network based machine, local HD volumes are need to be strongly protected, meaning only permitted user would unlock it and get access to its resource. Few common scenarios are worth to describe here. Assuming, you are CPA, you have external data drive on your company’s PC, where you keep information, such as accounting records of your clients. Attaching this drive to any PC allow fraudsters to access information momentarily. Remember, that unencrypted drive would be detached on connected to another PC. No Windows account validation required, so data easily compromised. However, with IdentaMaster enabled PC you may secure it with the following steps: make a right click on that data drive and start Encryption. Moreover, you could assign ‘access/deny’ rule per this particular attached media for other users of your computer. If you have another computer user which belonged, for example, to your staff of bookkeepers, and you would like your assistance receive access and update document from that external USB drive, just setup ‘allow’ rule. Remember, that windows account of your assistance is limited and he/she won’t be able to overwrite rule that you setup as Administrator of the PC. By login on that PC with IdentaMaster’s biometrically enabled capabilities, your assistance just passing biometric authentication and external drive will be immediately unlocked for update. After signing off, that drive locked up again, so no one beside you or your assistant bookkeeper will use it on that PC or any other PC.
The IdentaMaster® application allows you to biometrically control access to drives on your PC. IdentaMaster® provides secure protection for confidential data against unauthorized access because our software is biometrically enabled. You can use the encryption capabilities with fixed drives as well as removable drives (such as a thumb drive or USB DAS device).
After the successful biometric authentication during the login procedure, specific encrypted drives are unlocked and the authorized user will be able to access and update the content of that drive. Allow/Deny rules for particular users are assigned by the user with Administrative rights.
If a removable drive, previously encrypted with IdentaMaster® has been detached and then re-attached to the PC during an active session, the particular user who was allowed to access the removable drive may lose access to the computer drive. The user will see that the specific drive is now in a locked state. To regain access to the drive, the user must access the biometric (or password-based) login to his/her windows account. Therefore, the user should lock and unlock the terminal or sign off and log in to his/her account again. The removable media now becomes unlocked and accessible.
IdentaMaster® is deeply integrated with built-in MS Windows OS drive encryption technology (BitLocker). If Windows BitLocker is used through the Windows built-in interface (Control Panel>Manage BitLocker), the IdentaMaster® application afterward won’t be able to perform the Decryption Procedure on the specific drive. We strongly recommend performing the Encryption and Decryption procedure with IdentaMaster® to make such processes consistent.
Before you start the uninstall procedure, we strongly recommended performing drive decryption because the specific drive cannot be decrypted by any third party software once you have UNINSTALLED IdentaMaster®.
IdentaMaster must be installed under an Admin account. This admin account will be active by default once you install IdentaMaster.
When installing, you will be prompted to login the credentials of the admin account. The other Windows user accounts need to be activated through the User Enrollment tab in order for them to be accessible. Start IdentaMaster through the Admin account, and go to the User Enrollment tab. A list of Windows user accounts that are on the computer will appear. Select the user account that you want to activate. You will be prompted to enter the user account’s password in order to activate it.
Once activated, the user account will be marked with a green color. Unactivated user accounts will remain in orange.
To activate the biometric logon option, the user needs to have logged on via biometric enrollment at least one time. If you have not launched IdentaMaster, you will see the regular Windows log on screen.
Please ensure that your version of Windows is up to date on all system updates, etc.
Please have your Windows account ready with administrative privileges. It is necessary to have administrative rights and a password set up on your PC.
Please coordinate with the Domain Administrator.
In cases when IMP has been installed on the non-DC PC, IdentaMaster® Pro acts as a simple IdentaMaster; however, right after DC provisioning, IdentaMaster® begins to pull and authenticate user account information from the DC. The process has been fully automated and doesn’t require extra steps.
As soon as the Domain Controller is provisioned, there should be no specific issues besides ensuring that the IdentaMaster® Pro license is activated. Because this program is security-oriented software, we allow only Domain Administrators (for the DC version) to log in to the domain and configure a user’s account.
Please ensure the following have been taken care of:
• Ensure proper IdentaMaster Pro licensing.
• Ensure the DC Administrator is available for account activation and biometric setup.
• Reload your PC after DC provisioning.
• It may take 1 to 3 minutes (depending on the system and the networks) to pull up account data. (It takes longer the first time around.)
• Ensure Windows Domain users (at least one) have been fully (biometric and password) provisioned in IdentaMaster.
Although we do not recommend that Domain Controller users install IdentaMaster Pro without DC administrative rights, it is possible to install and use IdentaMaster Pro under the local administrator. Please note that all Domain Controller functionality will be locked until the DC administrator provides his/hers credentials to enroll other users. At this point, IdentaMaster Pro’s functionality is achieved under local administrator.
If there is a need to change your password, such as when requested by the DC administrator, in case of a password expiration or any other reason, please do so. IdentaMaster allows you to change passwords within the working environment, e.g., IdentaMaster has been installed and your password has expired and must be changed. In this case password changes take place at the Windows login screen, or you can change the password via the Ctrl+Alt+Del procedure.
After that, you would need to launch IdentaMaster® Pro.
• Go to the “User Enrollment” panel.
• Select your user account.
• The “Edit User Account” prompt will appear.
• Within that prompt, you will see the option:
Enter your password
Enter your new password as a confirmation and proceed. You don’t need to perform biometric enrollments again. Just apply the changes and quit.
No, it doesn’t. IdentaMaster Pro uses internal protocols to communicate with DC; no actual data write happens, only pull, read, and compare functionalities. IdentaMaster Pro doesn’t alternate the DC database and/or functionality in any way.
No, it can’t be done successfully. We would recommend decrypting all data before PC file transfers.
No, the user can log in to the Domain account only from a machine on which biometric enrollment has actually been performed. IdentaMaster® Pro currently doesn’t support a roaming biometric profile.
It may be possible to do so without any file decryption; however, we urge our customers to decrypt all data before any PC upgrade or hardware swaps.
Please encrypt the file or folder on your local PC before downloading to the remote store site. It is preferred to complete encryption on the local PC due to performance. It is possible to encrypt a file or folder at the remote site, but it would consume more time.
We did record a slower response time when Domain Controller querying happens; depending on the network limitation and the PC hardware, a first-time user’s data pull may take longer than the usual waiting time for Windows to show the login screen and for first-time logins.
IdentaMaster® must be installed under an admin account. When you have successfully installed IdentaMaster® and restarted the machine, you will see only the administrator’s account under which you performed the installation. Please make sure that you use the same admin account and that the name is displayed on the login screen.
If you have other accounts on your PC, they become invisible after the first installation. You can activate them with the IdentaMaster® Administrative application. Launch the IdentaMaster application, go to “User Enrollment”, and activate any user in the list.
Once activated, the user account will be marked with a green color. Inactive user accounts will remain orange. To activate the biometric login option, the user must have logged in at least one time via biometric enrollment. If you have not launched IdentaMaster®, you will see the regular Windows login screen.
Yes. IdentaMaster does not depend on an internet connection for user login, encryption and decryption. An internet connection is required only for license activation. That’s it.
No. IdentaMaster does not collect your personal data. There is no single field that requires your real name, address or financial information.
No personal information is collected. Period.
IdentaMaster supports more than a dozen biometric reader manufacturers:
This list updates frequently.
Last update: August 2016
Yes, of course. IdentaMaster works with all supported devices simultaneously. You can connect several devices to one PC and use them for encryption and decryption as well as for login.
Windows has two types of accounts – Admin user and Limited user. Limited users are not given access to the IdentaMaster® Admin console that manages other user accounts (user registration, user enrollment, user activation, etc.). Only an Admin user account has access to this interface. Limited user accounts have access to the Biosecure functionality, which gives them the Biometric Encryption and Decryption functionality to protect their files. Biosecure functionality works only for users who have been biometrically enrolled.
Correct. Each user account must be activated via the User Enrollment tab for it to be accessible.
To be accessible, all Windows user accounts must be activated by an administrator (Windows account with administrative rights) through the User Enrollment tab. Start IdentaMaster® through the Admin account, and go to the User Enrollment tab. A list of Windows user’s accounts that are on the computer will appear. Select the user account you want to activate.
You will be prompted to enter the user account’s password to activate it. After that, you may proceed to Biometric Enrollment or skip it to use the password for the remainder of the login procedure.
Correct. Each user account needs to be activated via the User Enrollment tab in order for it to be accessible.
No. A password is required to activate a user account. All user accounts must be password protected to be activated. If a user strongly prefers to access his account without a password, after activation is done via IdentaMaster® ,the admin can remove the password for that particular account in a Windows User Account tool in the Control Panel (after activation is achieved via IdentaMaster® Admin) so that it can be accessible without a password.
You will need to launch IdentaMaster®.
Enter your new password as a confirmation and proceed. You don’t need to perform biometric enrollments again. Simply apply the changes and quit. “Select Login Type” (Password or Biometric) / “Enter User Password” Select “Password” enrollment, and enter in your new password.
No. A Password is required to activate a user account. All user accounts need to be password protected in order to activate them. If a user strongly prefers to be able to access his account without a password, The Admin can remove the password for that particular account (after activation), so it can be accessible without password.
As an admin, you can always log in to your machine via the safe mode. While in safe mode, you can restore the system. You can also uninstall IdentaMaster® via Safe Mode or roll back your machine to a certain restore point.
You will need at least two licenses to activate the IdentaMaster® application. First, you should enter the IdentaMaster® (functional application) license, and then the IdentaMaster® Biometric Plugin license. Further, you may obtain and enter any additional plugin license to activate other biometric devices. In addition, if you have originally activated the IdentaMaster® (standard application) license, you may later obtain an IdentaMaster® Pro license and enter its value to perform an application upgrade so that you will be able to work on a PC that had joined the Microsoft Domain Network.
You have a problem with logging in due to licensing policy restrictions. After installing IdentaMaster® (regular edition) to the domain, you can use your biometric device only to encrypt/decrypt files and log in to the local PC. IdentaMaster® will not offer access to the domain.
Only IdentaMaster® Pro can fully function on the domain, i.e., log in to the PC with a biometric device, encrypt/decrypt files and manage users.
You should get the IdentaMaster® Pro license and upgrade the IdentaMaster® application. Thereafter, you will be able to log in to the domain using the “Domain Administrator” icon and activate any available domain account.
Due to possible unsuccessful IdentaMaster uninstallation, the new IdentaMaster may use an old, incompatible fingerprints database, thus creating login and decryption issues.
Please ensure there are no files encrypted with the previous IM version. The finger scan databases are incompatible.
To clear this problem, please log in to the Safe Mode with Networking Windows by holding down the Shift key and selecting Restart for Windows 8. The Shift key on the keyboard is the one closer to the Enter key.
When you are in Safe Mode, please go to Add and Remove Programs, select IdentaMaster and uninstall it. Sometimes Windows doesn’t allow for the completion of this action; if that is the case, follow this link to complete the shell script that will allow Windows to initialize the installer services.
For the next step, attempt to uninstall IM again.
Log back into Windows.
Find where the previous version of IdentaMaster was installed. Conduct a search for IdentaZone and/or IdentaMaster folder. It may be located in the System32 or System folder. The IdentaMaster or IdentaZone folder must be removed.
Then re-install IdentaMaster.
Unfortunately, application architecture doesn’t allow the renewed IdentaMaster® profile to be used for a previously created encrypted archive. We recommend decrypting all data before PC file transfers.
The IdentaMaster solution needs to be activated & installed on the Administrative user account. For those installing IdentaMaster on a shared computer, Use the Admin account to set up Password-only access for other users. That way, those who do not want to go through the biometric enrollment process are able to access their user accounts the same way they did before IdentaMaster was installed. To do this, user accounts must be activated via entering their password on the User Enrollment tab. Once you assign Password-Only access, nothing is changed for this user.
Windows has 2 types of accounts – Admin & limited user. Limited users are not allowed access to the IdentaMaster Admin console that manages other user accounts (user registration, user enrollment, user activation, etc). Only an Admin user account has access to this interface. Limited user accounts have access to the Biosecure functionality, which allows them to Biometric Encryption & Decryption functionality in order to protect their files. Biosecure functionality only works for users that have enrolled via biometric verification. Biosecure is not available to users who have been assigned a Password-Only method of access to their account.
You have a problem with logging in due to domain restrictions. After installing IdentaMaster (regular) to the domain, you can use your biometric device only to encrypt/decrypt files. IdentaMaster will not offer biometrics for Windows login, but will still work on files.
Only IdentaMaster Pro can fully function on the domain, i.e., log in to the PC with a biometric device, encrypt/decrypt files and manage users.
Open the IdentaMaster app. Go to the “User Enrollment” tab. Choose your account name by selecting it. Click “Update Enrollment” and select the login type of “Password Only”.
We released IdentaMaster® to help people and businesses implement biometric security simply by installing an all-in-one IdentaMaster® Biometric Solution that includes the most-demanded features, such as:
Windows login (without typing the password)
Scanner interchangeability (can connect dozens of scanners)
Biometric encryption (files and folders on local machine or cloud)
IdentaMaster® is limited to a local Windows PC. It must be installed on a PC with local administrative rights (i.e., not on a domain).
IdentaMaster® Pro is designed for professional environments to work in the networks controlled by the Domain Administrator.
IdentaMaster® is not designed as a password manager for browsers.
A single license is connected to one specific machine. If you want to re-activate your old license, please contact our customer service so we can help you transfer your license to a new PC.
IdentaMaster is a one-time-fee biometric solution. There are no hidden additional fees or subscriptions. Pay once – use forever (until you upgrade to a newer version of Windows).
The number of active users on a PC is limited only by the Windows settings. Basically, a single IdentaMaster® license is for unlimited users on one PC.
After you installed the IdentaMaster® software and successfully activated the license, the admin account became active by default. You should see it in the login screen after restarting.
There will be two icons by default:
1 – Identify me – if you enrolled fingerprints, you can click it and log in.
2 – Your personal account icon/name (the admin who installed IdentaMaster)
Please make sure you use the same admin account and that the name is displayed on the login screen.
If you installed IdentaMaster with an “X” admin and restarted your PC without enrolling your fingers, click on the icon of “X” user and use your regular password. Then go to IdentaMaster and enroll your fingers.
We recommend using both the “Biometrics and Password” login methods while you are learning about the IdentaMaster® application.