EZCMS simplifies the passwordless onboarding process by giving users and administrators the following onboarding options:
EZCMS leverages industry leading AI technology to scan Government IDs and checks against global databases to ensure the ID is a valid government issued ID. Then it uses Face ID with liveness checks technology to validate that the user matches the person from the government ID.
To enable current domain users to upgrade their security to a passwordless smartcard, EZCMS enables smartcard creation when authenticated with an MFA identity to the desired domain.
As organizations are adopting Microsoft’s Identity isolation best practices the need of bootstrapping from another domain to have a fully passwordless onboarding experience was a key feature for EZCMS.
To support existing workflows, EZCMS allows IT administrators to create a blocked card for the end user, EZCMS then will send the user an unblock code which the user will then use to unblock the smartcard.
EZCMS simplifies the onboarding process by automating most of the steps currently done by IT teams around the world.
The user or someone on behalf of the user requests a new smartcard.
The smartcard is assigned and sent to the user.
The user authenticates using one of the methods mentioned in the onboarding options section.
The user selects the domain that they want to create a smartcard for.
EZCMS client sends the request to your EZCMS instance including a key attestation to validate the certificate was created in the smartcard issued to the user.
EZCMS validates the user has permission to create this smartcard and validates the cryptographic integrity of the request.
EZCMS sends the request to your certificate authority (CA).
Your certificate authority issues the certificate.
EZCMS installs the certificate in the smartcard.
The user is ready to start using their smartcard.