Blog

<p><img src="./miracl-blog-cryptography-library.jpeg" alt="MIRACL Core library code"></p> <p><strong>Over the past few weeks our Chief Crypto Officer, the highly respected Dr Michael Scott, has highlighted the benefits of the MIRACL Trust® authentication. No need for passwords, no storing of credentials and friction free to use. MIRACL also offers a leading open source cryptographic library available in 7 computer languages. Today, Michael reminds us of this capability and the exceptionally high standards it operates under.</strong></p>…

<p><img src="./miracl-blog-marriott-hotel.jpg" alt="MIRACL Trust ID, 2fa, mfa, Marriott Hotels"></p> <p><strong><em>Last week the National Cyber Security Centre (NCSC) released details of their latest advice to individuals and organisations as part of their Cyber Aware campaign – timed to support the increased use of remote working and simply ‘living’ online. It was also an opportunity to go back to basics and remind organisations and individuals how we should all be operating to minimise risk.</em></strong></p>…

<img src="./miracl-blog-trust-me-athentication-part-2.jpg" alt="MIRACL Trust ID, 2fa, mfa, multi-factor authentication, trust me authentication"> <p><em><strong>Earlier in the month our Chief Crypto Officer, Dr Michael Scott, shared his thoughts on the Trust Me model. Today he highlights an example where this works and considers its draw backs. Passwords are past their sell by date, we know that, but what is the alternative. Don’t be fooled into using personal data as your password replacement. It won’t end well.</strong></em></p>…

<img src="./miracl-blog-zoom.jpg" alt="MIRACL Trust ID, video conferencing, zoom conferencing"> <p><strong><em>As the Covid-19 pandemic continues, the technological revolution only accelerates as workplaces across the globe go digital and the importance of online security increases in parallel. Whether it’s protecting email accounts or company data on your laptop – how we protect our data couldn’t be more critical as we find ourselves living in a digital lock-down world.</em></strong></p> <p>As face-to-face meetings are replaced by virtual conferences, Zoom is one app that has helped to revolutionise the way we ensure ‘business as usual’. But, as with all online transactions, security measures should be in place to protect your business. At MIRACL we specialise in securing authentication with a unique, friction-free, zero knowledge proof, PIN based solution, designed by one of the world’s leading crytographers, Dr Michael Scott.</p>…

<img src="./miracl-blog-trust-me-athentication-part-1.jpg" alt="MIRACL Trust ID, 2fa, mfa, multi-factor authentication, trust me authentication"> <p><strong><em>Last month our Crypto chief, Doctor Michael Scott, compared FIDO to our MFA, zero knowledge proof verification system: MIRACL Trust, culminating in the publication of a new white paper - <a href="https://miracl.com/blog/fido-a-noble-attempt-but-alternatives-required/" target="_blank">https://miracl.com/blog/fido-a-noble-attempt-but-alternatives-required/</a> - Today, in part one of a two part series, he challenges the ‘Trust-me’ concept and highlights it’s dangers and the vulnerability it brings to the user.</em></strong></p> <p>Authentication is quite a crowded space with multiple Username/Password replacement proposals out there. One thing we all agree on – Username/Password is no longer fit for purpose. But what are the alternatives, and how might they be categorised?</p>…

<img src="./miracl-blog-forgerock_logo.jpg" alt="MIRACL Trust ID, MIRACL, ForgeRock, ForgeRock Logo"> <p><strong><em>MIRACL BRINGS POWERFUL ZERO KNOWLEDGE PROOF AUTHENTICATION OFFERING TO THE FORGEROCK IDENTITY PLAFROM WITH NEW PARTNERSHIP</em></strong></p> <p>MIRACL today announces that they have partnered with ForgeRock, the leading provider in digital identity, to bring MIRACL’s Zero Knowledge Proof authentication technology to the ForgeRock Identity Platform. Supporting ForgeRock’s drive to transform the way organisations approach identity and access management, this strategic alliance will provide platform users the opportunity to access MIRACL Trust ® solutions via a pre-built integration.</p>…

<img src="./miracl-blog-oix.jpg" alt="MIRACL Trust ID, MIRACL, OIX, Open Identity Exchange"> <p><strong><em>MIRACL has become a member of the Open Identity Exchange – OIX - to further its position as an influential provider of simply secure authentication within online identity processes. Launching with a successful presentation to members last week, the MIRACL membership will provide the association and its members with valuable insight into the future of multi-factor authentication with zero knowledge proof.</em></strong></p> <p>CCO at MIRACL, Michael Tanaka, who presented to OIX members, comments: “Having worked with Experian for a number years it was inspiring to find out about the positive influence OIX has on the authentication industry. It’s great to be on board and we look forward working closely with the group in the coming months to share our insights and capabilities. In light of the current unprecedented international situation with Covid-19, and the accelerated move to digital living, secure online authentication has never been so important.”</p>…

<p><img src="./miracl-blog-FIDO-logo-black-RGB.png" alt="Authentication, FIDO, M-Pin, Public Key Substitution, PKI, phishing attacks, credential databases, MIRACL"></p> <p><strong><em>FIDO is an authentication technology based on the mathematics of public key cryptography that emerged in the 1970s and the 1980s. It is promoted by a large industry backed consortium as the two-factor successor to the username/password mechanism, which is well understood as being no longer fit for purpose. But intrinsic to FIDO is the requirement for both client-side secure hardware and a vulnerable server-side credentials database. Here we propose a better solution which would ditch both of these requirements by separating the registration and authentication processes, and which provides true multi-factor authentication using more modern ideas that have emerged from cryptographic research.</em></strong></p>…

<p><img src="./miracl-blog-fido3.jpg" alt="MIRACL Trust ID, 2fa, mfa, multi-factor authentication"></p> <p><strong><em>If passwords are becoming redundant, what’s the solution? FIDO is an alternative approach, but comes with limitations. Using pairing-based cryptography to allow smart flexibility in the ‘secrets’ needed to enable authentication, MIRACL Trust ID takes security one step further.</em></strong></p> <p><strong><em>In the final blog of this three part series, MIRACL’s leading crypto expert, Dr Michael Scott, explains how this MIRACL technology works and why it’s the future.</em></strong></p>…

<img src="./miracl-blog-coronavirus.jpg" alt="MIRACL Trust ID, WFR, Working From Home, Coronavirus, Corona Virus, Covid 19"> <p><strong><em>Since February 2020 the National Fraud Intelligence Bureau (NFIB) alone has witnessed 21 types of online line fraud where Coronavirus was mentioned – with victims collectively suffering over £800,000 of losses.</em></strong></p> <p>Sadly, whenever there is a crisis, online exploitation invariably follows. As this unprecedented situation evolves, online threats are only going to increase. And, with thousands of workers moving out of their offices and into a ‘working from home’ environment, now is the time to re-enforce the importance of secure remote working. After all, it’s a very different environment from the relatively secure systems and processes to be found in many offices, and may well be a new experience for many.</p>…

<p><img src="./miracl-blog-passwords.jpg" alt="MIRACL Trust ID, 2fa, mfa, multi-factor authentication"></p> <p><strong><em>There is no question that passwords expose users to attack and replacing them is the goal. FIDO is all about Fast IDentity Online – secure authentication without the need for passwords. But FIDO has some obvious vulnerabilities which need to be considered and are covered in more detail in part 3 of this series of blogs.</em></strong></p> <p><strong><em>Here, in part two of our 3 part series, our Chief Crypto Officer, Dr Michael Scott, highlights the outdated practice of ‘passwords’ and how they are simply not fit-for-purpose in today’s online world</em></strong></p>…

<p><img src="./miracl-blog-2fa.png" alt="MIRACL Trust ID, 2fa, mfa, multi-factor authentication"></p> <p><strong><em>Our resident crypto expert, Dr Michael Scott, explains the security principles of two-factor authentication and how attackers can step outside of their expected behaviour to bypass the security altogether. This is part one of a three part series on multi-factor authentication culminating with a critique of the FIDO authentication framework.</em></strong></p> <p>There is no confirmed case of anyone ever escaping from Alcatraz. Which is quite remarkable as it was open for many decades and housed thousands of desperate characters. Many, like Al Capone, had all kinds of resources available on the outside.</p>…