Many organizations use proximity cards (prox cards) for physical access to offices, facilities, restricted areas, and shared workspaces. Rublon MFA extends this familiar contactless workflow to digital access by allowing supported proximity cards to serve as possession-based multi-factor authentication (MFA) factors.
Scenario
An organization already issues proximity cards to employees, administrators, contractors, or partners for physical access control. Users are familiar with the workflow: bring the card close to a reader and gain access when the credential is valid.
IT wants to apply a similar proximity card authentication experience to digital identity verification, like Windows access. Instead of introducing a separate hardware token or relying only on mobile authentication, the organization wants to use supported proximity cards as part of MFA for local Windows logons and remote desktop sessions.
Challenge
Physical and digital access are often separated. A proximity card may open the door, but the same user may still rely only on a password to log in to a Windows workstation or connect to a service. This creates a gap between physical access control and digital identity protection.
Password-only access to applications and services such as Windows endpoints and remote sessions increases the risk of unauthorized access when passwords are compromised. Organizations need a stronger authentication model that is easy for users to understand and practical for IT teams to deploy.
Solution
Use Rublon MFA to add a possession-based authentication layer with proximity cards. After entering a username and password, the user confirms access by presenting a supported proximity card to a compatible RFID reader.
This creates a simple and familiar MFA flow: something the user knows plus something the user has. Rublon MFA can then be used in a multitude of scenarios, including enabling employee badge-based 2FA & MFA for workforce access using RFID, using physical access (PACS) credentials for MFA across Windows and RDP, and securing shared Windows workstations with RFID-Based MFA. And all of that while allowing organizations to build on contactless access workflows users already know.
Benefits
- Use proximity cards for MFA: Extend supported proximity cards from physical access to digital user authentication.
- Support a familiar tap-and-go workflow: Let users authenticate by presenting a card to a compatible RFID reader.
- Reduce password-only risk: Require a possession factor in addition to the user’s password.
- Simplify adoption: Build on access habits users already understand from physical security workflows.
- Protect Windows endpoints: Add MFA to local Windows logons and remote desktop sessions.