Identity & Access Management platform with a biometric core

Streamline and unify enterprise identity and access management with BIO-key PortalGuard IAM platform.

Hand holding a smartphone with security icons and a shield with a checkmark, representing verification or protection.

A defense-grade IAM platform with a biometric core

Trusted by the most trusted, PortalGuard IAM platform provides identity management and authentication for leading defence organizations, government agencies, financial institutions, judiciary, security and law enforcement agencies worldwide.

Book demo

A proven track record

G2 Winter 2026 badge labeled ‘High Performer’ with a red and yellow accent.
G2 Winter 2026 badge labeled ‘Best Meets Requirements – Enterprise’ with a yellow accent.
G2 Winter 2026 badge labeled ‘Best Est. ROI – Enterprise’ with a purple accent.
G2 Winter 2026 badge labeled ‘Highest User Adoption’ with a blue accent.
G2 Winter 2026 badge labeled ‘Easiest To Do Business With’ with a green accent.
Read customer reviews

BIO-key PortalGuard IAM platform

The BIO-key PortalGuard IAM platform is the vanguard platform for secure, flexible, configurable physical Identity & Access Management. Streamline your IAM workflows across your organization for increased security, speed, transparency and ease of use.

“We can attest to the significant value provided by the PortalGuard IAM platform and biometric capabilities over other vendor solutions.”

William Elks, IT Manager, YYK Enterprises

“The PortalGuard solution delivers immediate value to our customers by providing a more secure, predictable, and scalable solution versus other competitive alternatives.”

Robert DeVita, CEO and Founder, Mejeticks

“Of all of the solutions we evaluated, PortalGuard was the only one that provided all of the key IAM security attributes we were looking for.”

Warren Bowman, IT Security Officer, Henrico County

“With PortalGuard, we benefit from single sign-on to a variety of systems as well as self-service password reset, a functional help desk tool and multifactor authentication.”

Bert Audette, Chief Information Officer, Unity College

“Our users love the single sign-on experience, and our Help Desk loves the reduced phone calls and self-service portal.”

IT Team, Grand View University

“We were impressed with BIO-key’s wide variety of multi-factor authentication (MFA) options for our customers to choose from to secure access to their desktops and applications.”

Carlos Cisneros, Managing Director, Darksteel Technologies

PortalGuard IAM platform capabilities

Multi-modal MFA

Choose from 17 types of authentication methods — and increasing.

Hardened access

Identity bound biometrics provide additional assurance of human factor authentication.

Ease of use

Use its intuitive interface to quickly achieve your goals.

User management

Easily manage authentication for all users and platforms in one place.

Easy deployment

Roll out easily and quickly, with complete control, using Active Directory or Microsoft Intune.

Support for remote logins

Authentication for local and remote logins (via RDP) for 360-degree security.

Advanced SSO integrations

Manage all your SSO integrations in a single pane of glass and add PortalGuard [link] to enable biometric Windows login.

Sophisticated reporting

Keep your IAM environment in peak condition, and audit ready, with advanced reporting.

Desktop authentication

Secure, fast, easy-to-use desktop authentication for Windows & MacOS.

Hybrid deployment options

Secure authentication for on-premise, cloud, and SaaS logins, providing total flexibility for your unique infrastructure.

Explore PortalGuard: Enterprise IAM platform

See the power of secure SSO, MFA, and biometric authentication.

Download datasheet Book demo

Use cases

Move from a multi-authentication, unmanaged user-access to a streamlined, audited, efficient IAM environment.

Challenge

Reliance on passwords and unmanaged, third-party forms of ID have created a system that is heterogeneous, hard to manage and insecure.

Outcome

With PortalGuard IAM platform, a single platform manages and tracks a range of approved forms of ID, covering all necessary use cases.

A complex and unmanaged set of sign-on and authentication methods offers online account customers sub-optimal security and ease of use.

Challenge

Give customers a range of approved identification methods that the organization can easily and economically manage through a unified platform.

Outcome

PortalGuard allows the business to easily assign the right ID method, including sophisticated biometric forms of ID, and manage these through the platform.

Employees routinely use, and must identify themselves with, a wide range of platforms. This adds complexity, wastes time and complicates security and compliance.

Challenge

Employees must securely identify themselves on many different platforms in order to do their jobs.

Outcome

Using PortalGuard IAM platform the company enables a single secure sign-on across all platforms, for speed, security and ease of use

Public-sector organizations must demonstrate their compliance with key NIST frameworks and other relevant regulations.

Challenge

Demonstrating NIST compliance in an environment with diverse and legacy IAM systems is almost impossible

Outcome

Using PortalGuard IAM platform organizations provide strong, easy-to-use authentication at every access point, managed through one interface.

Implement fast sign-on or multi-factor authentication on shared workstations with an easy-to-deploy desktop client.

Challenge

Shared workstations in retail, contact-center and similar environments require hardened authentication that’s easy to use.

Outcome

Using PortalGuard employees can quickly and securely login to shared desktops using centrally managed, locally stored biometrics.

To harden security, IT needs to add MFA capabilities to its Windows servers without adding complexity or potential vulnerabilities.

Challenge

How to secure Windows servers using MFA without adding complexity and within a managed environment.

Outcome

PortalGuard enables advanced MFA and fast SSO within a centrally managed, tracked and audited environment.

A heterogeneous IAM environment, unmanaged and relying on legacy identification technologies makes demonstrating best practices to insurers impossible.

Challenge

Find a way to add IAM to the company’s desktop and server PCs that doesn’t add unacceptable complexity but meets security and compliance needs.

Outcome

Using PortalGuard the company is able to demonstrate best practices within a centrally managed, auditable IAM environment.

Integrations

Customer benefits

Organizations adopting the PortalGuard IAM platform can:

Harden security with the power of biometrics.

Protect against phishing with stronger, easy-to-use MFA.

Choose the authentication mix that’s right for the use case.

Improve the user experience and streamline IT workflows.

Cut helpdesk costs and volumes with fewer access-related issues.

Standardize IAM across all devices & services.

Protect workstations from malicious takeover with hardened authentication.

Show improved security for insurance, regulatory and reputational reasons.

Improve the user experience with smoother authentication and easy self-service.

BIO-key case studies

Marketron

Adtech specialist needed ways to protect its platform

Marketron enables broadcast media to maximize returns on ad inventory. To protect its business model, it had to ensure only authorized clients could access its platform.

Challenge

Marketron had to provide secure, robust authentication that wouldn’t place an unmanageable burden even on smaller clients that lacked their own IT teams.

Outcome

Using BIO-key Portalguard, Marketron gave customers multifactor authentication that was easy to use, easy to support and met the necessary security criteria.

Read the case study
Orange Bank

Bank uses hardware and software authentication to secure access

The bank needed the highest standards of authentication using identity-bound biometrics (IBB).  Roving users needed to be able to login anywhere with one touch.

Challenge

The bank needed to improve security at authentication. But users were suspicious of over-complex systems and the bank’s small IT team needed something easy to support.

Outcome

Switching to BIO-key PortalGuard offered the bank the optimal combination of ease of use, hardened security and simplicity of support.

Read the case study
First National Bank of Long Island

Password authentication: a security and usability limitation

To meet the required security standards, the bank had increased the complexity of its password requirements to the point of introducing unacceptable user friction.

Challenge

To meet security requirements passwords were too complex for staff to use. Front-line staff were frustrated, and IT staff were overwhelmed with password-support requests.

Outcome

Using BIO-key Portalguard and fingerprint  readers, the bank provided one-touch access to a whole range of applications, reducing and IT workloads while improving security.

Read the case study

Talk to us about simplifying access management

Find out how BIO-key’s IAM solutions bring secure SSO, MFA, and adaptive authentication together in one platform.

Get in touch

Frequently asked questions

Yes, PortalGuard supports a wide range of authentication methods, including biometric options. You can choose from:

  • Identity-bound biometrics (e.g., fingerprint, palm scan)
  • Device-based biometrics (e.g., Face ID, Windows Hello)
  • FIDO2/WebAuthn tokens and passkeys
  • BIO-key MobileAuth app with push notifications
  • One-time passwords (OTP) via SMS, email, or authenticator apps
  • Smart cards, proximity cards, and hardware tokens
  • Knowledge-based methods like challenge questions

This flexibility allows organizations to implement secure, user-friendly authentication tailored to different roles and risk levels.

PortalGuard is designed for seamless integration with your existing IT ecosystem. It supports:

  • SSO protocols: SAML, OAuth 2.0, OpenID Connect, and CAS
  • Identity providers: Works with Microsoft Entra ID (formerly Azure AD), Okta, Ping, and others
  • Desktop login: Integrates with Windows and macOS environments
  • Network access: Supports RADIUS for VPNs, thin clients, and other network devices
  • Cloud and on-prem apps: Easily connects to thousands of applications as both an Identity Provider (IdP) and Service Provider (SP)

Yes. PortalGuard offers flexible deployment options to meet your infrastructure and compliance needs:

  • On-premises: For organizations with strict data control or regulatory requirements
  • Cloud-hosted: Delivered via AWS for scalability, high availability, and reduced IT overhead
  • Hybrid: Combine on-prem and cloud components to support complex or phased deployments

PortalGuard helps organizations meet a wide range of regulatory and industry standards by:

  • Enforcing strong, adaptive MFA
  • Supporting passwordless and biometric authentication
  • Providing detailed audit logs and reporting
  • Enabling role-based access control and policy enforcement
  • Offering secure self-service password reset to reduce risk

These features support compliance with frameworks such as HIPAA, NIST 800-63, PCI-DSS, FERPA, and GDPR.

Yes. PortalGuard is built with redundancy and user recovery in mind. If a user loses access to their primary authentication method, they can:

  • Use a backup MFA method (e.g., OTP, challenge questions, or a secondary device)
  • Access self-service recovery options, such as password reset or device re-registration
  • Contact IT for identity verification and re-enrollment

This layered approach ensures users can regain access securely without compromising the overall security posture.

PortalGuard supports both Windows and macOS environments. It integrates directly with the operating system’s login process, enabling secure authentication for both domain-joined and standalone machines.

PortalGuard is designed to support offline login scenarios. When a device is disconnected from the network, users can still authenticate using cached credentials or pre-configured offline MFA methods, such as biometrics or smart cards. This ensures continuous access without compromising security.

Yes. PortalGuard can enforce multi-factor authentication for:

  • Local logins (e.g., workstation access in the office)
  • Remote logins (e.g., VPN or remote desktop sessions)

Administrators can define policies based on user roles, device types, or network conditions to ensure consistent security across all access points.

PortalGuard includes self-service password reset (SSPR) directly at the login screen. This allows users to:

  • Reset forgotten passwords
  • Unlock their accounts
  • Recover access without contacting the help desk

These features reduce IT support costs and improve user productivity.

PortalGuard can be deployed using standard enterprise tools such as Microsoft Endpoint Configuration Manager (SCCM), Group Policy, or custom scripts. Centralized management allows IT teams to:

  • Configure authentication policies
  • Push updates and patches
  • Monitor login activity and generate reports
  • Manage user enrollment and recovery options

This ensures scalable, consistent deployment across large and distributed environments.

Complementary products

Mobile MFA:
MobileAuth

Discover more

Fingerprint scanners:
USB-connected fingerprint authentication

Discover more

Additional resources

Bio-key PortalGuard product sheet

Read more about the technical capabilities, integrations, workflows and supported identification methods for PortalGuard IAM platform.

Download PDF

Further reading

Discover more about Bio-key with access to additional product information, industry news and thought leadership content.

Read More

Find out what BIO-key can do for your business

Speak to BIO-key today to find out how our advanced access management technology can help you achieve your security and business goals.