Skip to content

Passwords, phishing, and fragmented identity and access management (IAM) systems slow down users and expose organizations to growing risks. Leaders struggle to implement passwordless solutions across their environments—and without disrupting existing Microsoft Entra ID environments.

RSA helps organizations meet these challenges with a special bundle that combines the world’s most secure hardware authenticator and an enhanced security layer for Microsoft Entra ID.

Complete the form to speak with our team and deploy the solutions you need to:

  • Enable phishing-resistant, passwordless access
  • Enhance multi-factor authentication (MFA) resilience across Microsoft and non-Microsoft environments
  • Support Zero Trust initiatives without slowing down operations
RSA iShield Key 2 and RSA ID Plus for Microsoft

These new bundles include:

RSA® ID Plus for Microsoft Entra ID delivers IAM capabilities across cloud, hybrid, Microsoft, non-Microsoft, and legacy environments. The integration helps organizations meet DORA and NIS2 availability requirements, stops social engineering attacks on IT help desks, and expands authentication across a range of environments.

RSA iShield Key 2 MIFARE series hardware authenticators secure both physical and digital access. The device allows users to badge into buildings, pay in canteens, and use phishing-resistant, passwordless authentication to access web apps, desktop, VPNs, and legacy systems.

Secure physical and digital access

Organizations may select from the following bundles:

Bundle 1

10 RSA iShield Pro MIFARE hardware authenticators

20 RSA ID Plus for Microsoft licenses (6-month subscription)

Bundle 2

50 RSA iShield Pro MIFARE hardware authenticators

100 RSA ID Plus for Microsoft licenses (12-month subscription)

Bundle 3

110 RSA iShield Pro MIFARE hardware authenticators

200 RSA ID Plus for Microsoft licenses (12-month subscription)

This promotional bundle is available for a limited time through RSA authorized partners until January 2027. Find an RSA partner.

Advance Your Zero Trust Strategy

RSA ID Plus and RSA iShield PRO MIFARE keys create a layered identity defense helps organizations advance Zero Trust strategies by:

  • Reducing reliance on passwords
  • Improving resilience against identity-based attacks
  • Strengthening compliance readiness, including NIS2 requirements
  • Enhancing user experience without compromising security
RSA iShield Key 2 MIFARE Series

RSA iShield Key 2 MIFARE Series features

  • Unified digital AND physical access: Built-in MIFARE and FIDO security let users tap the same key at turnstiles, clock in and out, make cafeteria purchases, and access desktops, legacy systems, and SaaS portals. The solution is ideal for financial services, healthcare, energy, and other highly regulated organizations.
  • Stop phishing: FIDO2 and PIV provide strong, phishing-resistant authentication, protecting enterprise systems from credential theft- attacks with a capacity for 300 stored passkeys and 24 smart card credentials.
  • Lifecycle savings: Field updatable firmware can add new features, so enterprises cut hardware replacement cycles and user re-registration costs.
  • Audit-ready out of the box: The RSA iShield Key 2 MIFARE series aligns with NIS2, DORA, US EO 14028, and NIST SP 800-63-4 AAL 3 hardware authentication guidance and features CC EAL6+ hardware-based security.
  • End-to-end identity protection: Easily integrates with RSA ID Plus, giving you full control over your IAM strategy.

Using a RSA iShield is quick, simple, and stops phishing.

RSA iShield Key 2 MIFARE Series Benefits

  • One tap, everywhere: swipe through turnstiles and log into desktop or cloud apps with the same key. Passwordless for everyone, everywhere, every time.
  • Ruggedized form factor: Fully molded, robust, and waterproof housing.  Single issuance workflow: provision one authenticator instead of separate security and access cards, cutting onboarding time and lost-badge tickets.
  • Self-Service capabilities with ID Plus: End-users can easily register, update, and manage their credentials with ID Plus, minimizing the burden on IT teams while enhancing the user experience. Reduced hardware inventory: retire separate proximity cards; reduce replacement spend
  • Privacy built-in: cryptographic keys never leave the device; no personal data is printed on the device.
  • Secure end-to-end supply chain from semiconductor chips to assembly to dropship, all in one factory.

RSA iShield Key 2 MIFARE Series Specifications

Supported standards / features
MIFARE DESFire EV3, FIDO2/CTAP2.1, WebAuthn, Universal 2nd Factor (U2F) CTAP1, HOTP (Event), Smartcard (PIV-compatible), OpenSC-compatible
Mechanical details
51.5mm x 18.5mm x 6mm
Form factor / device type
FIDO2 HID Device, CCID Smartcard, USB-A or USB-C, With NFC interface and multi-color LED
Certifications
FIDO Universal 2nd Factor (U2F/CTAP1), FIDO2 Level 1
Operating temperature range
Extended: -25°C to 70°C
Multi-platform support

Operating Systems: Windows 10/11, macOS, iOS, iPadOS, Linux, Chrome OS, Android

Browsers: Firefox, MS Edge, Chrome, Apple Safari

Storage
Holds up to 300 FIDO passkeys and 24 smart card certificates
Supported standards / features
MIFARE DESFire EV3, FIDO2/CTAP2.1, WebAuthn, Universal 2nd Factor (U2F) CTAP1, HOTP (Event), Smartcard (PIV-compatible), OpenSC-compatible
Mechanical details
51.5mm x 18.5mm x 6mm
Form factor / device type
FIDO2 HID Device, CCID Smartcard, USB-A or USB-C, With NFC interface and multi-color LED
Certifications
FIDO Universal 2nd Factor (U2F/CTAP1), FIDO2 Level 1
Operating temperature range
Extended: -25°C to 70°C
Multi-platform support
Operating Systems: Windows 10/11, macOS, iOS, iPadOS, Linux, Chrome OS, Android
Browsers: Firefox, MS Edge, Chrome, Apple Safari
Storage
Holds up to 300 FIDO passkeys and 24 smart card certificates

RSA iShield Key 2 MIFARE Series vs other soluitons

Feature Capabilities
iShield Key2 FIDO2 MIFARE
iShield Key 2 Pro MIFARE
Security Key by Yubico
YubiKey 5
Thales SafeNet eToken 5300
Phishing resistant
Yes
Yes
Yes
Yes
Yes
Passkeys (FIDO)
Yes
Yes
Yes
Yes
Yes
Smart card (PIV)
Yes
Yes
Yes
Yes
Yes
OTP (OATH HOTP)
Yes
Yes
Yes
Yes
No
USB-A / USB-C
Yes
Yes
Yes
Yes
Yes
Contactless (NFC)
Yes
Yes
Yes
(some models)
No
Upgradeable firmware
Yes
Yes
No
No
No
Storage capability
300 passkeys
300 passkeys
24 PIV certs
100 passkeys
100 passkeys
24 PIV certs
80KB memory
Physical access
Yes
Yes
No
No
No
Identity platform
Yes
Yes
No
No
(Authentication only)
Phishing resistant
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: Yes
Thales SafeNet eToken 5300: Yes
Passkeys (FIDO)
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: Yes
Thales SafeNet eToken 5300: Yes
Smart card (PIV)
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: Yes
Thales SafeNet eToken 5300: Yes
OTP (OATH HOTP)
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: Yes
Thales SafeNet eToken 5300: No
USB-A / USB-C
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: Yes
Thales SafeNet eToken 5300: Yes
Contactless (NFC)
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: Yes
YubiKey 5: (some models)
Thales SafeNet eToken 5300: No
Upgradeable firmware
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: No
YubiKey 5: No
Thales SafeNet eToken 5300: No
Storage capability
iShield Key2 FIDO2 MIFARE: 300 passkeys
iShield Key 2 Pro MIFARE: 300 passkeys, 24 PIV certs
Security Key by Yubico: 100 passkeys
YubiKey 5: 100 passkeys, 24 PIV certs
Thales SafeNet eToken 5300: 80KB memory
Physical access
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: No
YubiKey 5: No
Thales SafeNet eToken 5300: No
Identity platform
iShield Key2 FIDO2 MIFARE: Yes
iShield Key 2 Pro MIFARE: Yes
Security Key by Yubico: No
YubiKey 5: No
Thales SafeNet eToken 5300: (Authentication only)
RSA ID Plus for Microsoft 

RSA ID Plus for Microsoft Solutions

  • Prevent help desk fraud: Secure the credential lifecycle from attackers socially engineering the IT help desk to bypass multi-factor authentication (MFA)
  • Build MFA resilience: Maintain secure access across cloud, hybrid, on-premises, and legacy environments during cloud outages
  • Stop phishing: Deploy phishing-resistant authentication to offline and hybrid scenarios, and to extend passwordless beyond Microsoft environments

Key capabilities of RSA ID Plus M1

  • Bypass prevention: RSA Help Desk Live Verify eliminates social engineering risks by enforcing strong, policy-based verification for password resets and support calls
  • Offline and hybrid resilience: RSA ID Plus Hybrid Failover secures access during cloud outages, with support for Windows/macOS logons, VPN, and RADIUS
  • Phishing-resistant passwordless authentication: Provides FIDO2, passkeys, and adaptive authentication to block credential theft
  • Seamless Microsoft Entra complement: Extends Entra Plan 1 and 2 with coverage for hybrid, offline, and regulated environments without re-architecting
  • Enterprise scalability: Supports large user populations with flexible policies, risk-based decisions, and self-service options
  • Reduce operational costs: Self-service enrollment and recovery ease IT burden while reducing support tickets
  • Future-proof investments: RSA ID Plus M1 is designed to complement Microsoft Entra ID as organizations evolve identity strategies
Deploy the world's most secure IAM platform and harware authenticators.
You May Also Be Interested In...

Connect with RSA

id-plus-icon
ID Plus
verified-user-icon
Contact Us
securid-icon
SecurID