Back in November 2021 an extraordinary thing happened…
Please keep in mind one of the big advantages of MIRACL’s single step authentication is that it’s fast and highly successful at logging people in without failure.
But we weren’t expecting this - a few months after deployment one of our clients, Cashfac, hit a 99.987% successful login rate. As far as we’re aware there is no other technology on this earth that can claim as high a success rate, in lab conditions or in the field.
In some ways we thought it was too good to be true and a fluke of that period, even though it involved over 400 staff and 23,000 authentications.
Then it happened again in June 2022 a 99.992% success rate
…and most recently in August 2022 Cashfac hit a 99.996% success rate. Only two failures in 50,407 authentications by over 1,200 agents.
To put that into perspective, MIRACL’s chairman, Correy Voo, recounts a time when he initiated the deployment of RSA keys to all of his banking staff. In the first month they had a 20% success rate….not 20% failure rate, a 20% success rate, meaning the average employee had to authenticate 5 or more times before they got it.
After 3 years they got that success rate to 83%….a massive improvement of which I’m certain they were all very proud. Of course that success rate did not take into account the 5-10% of users who simply lost their key, left them at home or gave them to their PA, but let’s ignore that for now. The point is that after 3 years of optimisations they had 1 failure in every 6 attempts….that’s a failure rate which is over Four Thousand - yes 4,000x - higher than Cashfac!
Is an RSA deployment of nearly a generation ago even relevant? Of course it is; you may be surprised by what happens in the real world. Many companies are still using these technologies because they are either unaware that alternatives exist or are oblivious to the damage they do in terms of efficiency, engagement, security and costs.
The Problem with Multi-Step Multi-Factor Authentication
So you might think the current “state of the art” such as authenticator apps, SMS OTPs,Email Magic Links are much better, right? WRONG!
Cellular connection, email spam filters, dead batteries, multiple inexplicable user steps and even passwords - yes, often these new multi-step, multi-factor solutions are used on top of passwords - all reduce your success rate.
Here’s a simple stat for you. In 2019 Google ran a study which found that 38% of users do not have their mobile present when asked to authenticate. So what do over ⅓ of your customers have to do? Scramble around the house, go to the car, even fish it out of their kids hands or in some cases they just give up, the phone is nowhere to be found or it’s just plain dead. So you’ve lost your sale, your reader, your brand fan all in the name of difficult authentication.
Here’s a less obvious consideration. Regardless of the relative technical merits of any solution, user friction will always reduce your effective security. In 2008 Beautement et al. published a paper titled “The Compliance Budget: Managing Security Behaviour in Organisations”. One of the main conclusions they came to was that you only have a finite amount of goodwill with your users - the Compliance Budget. If you present too much friction, your users will go from compliance with security procedures to actively circumventing them. Sharing passwords and tokens, keeping sessions open far too long are all examples of flouting security rules. Every security professional who has had to deploy a security framework will have stories such as these.
The Benefits of Single-Step MFA
That’s why MIRACL Trust ID is so fast and successful. In the interest of speed we have stripped out all the extra steps and dependencies on devices or external processes to come up with a single user-step log-in process that takes only 2-3 seconds from start to finish. Faster than any other authentication method we know in existence - other than using an auto-fill password manager i.e. no security at all. It also explains in human terms why our military grade cryptography is easily and rapidly adopted by any user group.
The simplification process has also had a huge impact on success rates. Every additional dependency and every additional step creates a source for System Failure and User Failure. By speeding the process up, we have cleaned it up and made it almost impossible for a valid user to fail.
Don’t take my word for it, the numbers speak for themselves and you can speak to our customers…
“The first time we looked at MIRACL, we thought it was too good to be true, but it provided the most innovative, cost-effective and scalable MFA solution, and met all of our technical requirements.”
John Ferguson, Chief Risk Officer, Cashfac