Recently, MIRACL announced a collaboration with Aware, with the duo focusing on cloud-based biometrics and the importance of combining the user experience and security. 

Additionally, with entry into the partnership, Aware also made a $2.5 million strategic investment in loan stock issued by Omlis limited, the parent company of MIRACL. 

Following the news, we spoke to Rob Griffin, CEO at MIRACL about just how important the funding is for the firm and what ambitions it holds for future growth. 

PaymentExpert: Firstly, are you able to tell us how much the funding means to MIRACL?

Rob Griffin: The funding is unquestionably a big enabler for our growth plans but actually that’s as much because of the product partnership that Aware bring as it is due to the cash itself. Aware is integrating MIRACL ( into all of their products as the only Multi-Factor Authentication solution because they recognise the usability and privacy benefits we bring. Equally, Aware’s products provide us with additional means of onboarding end-users and verifying their identity in a really slick and user-friendly way.

PE: How significant has your growth been in the past year and how have you adapted to the evolution of the industry?

RG: 2021 was a bumper year for us as our cash sales grew roughly 400% – one of the main drivers was increased phishing attacks, which have added to the need to get rid of passwords. For us, the payments sector has been a highlight with customers like Cashfac plc, who have been using MIRACL to authenticate and digitally sign high-value payments and have enjoyed the highest login success rates in the industry at 99.98%. 

We’ve also had great results in gaming and gambling with customers like Mylottohub achieving month-on-month traffic increases of 40% since adopting MIRACL. 

PE: What do you think will be the next steps of growth for MIRACL?

RG: Login, particularly with Strong Customer Authentication (SCA), continues to be a source of damaging friction that is costing operators in lost revenue and increased customer support. To solve that issue, authentication providers need to be up-front and transparent about how well their systems perform.

After all, the quality of an authentication solution is pretty easily measured. For example, what proportion of logins are successful? What proportion require a reset? What proportion of devices do they work on? What vectors of attack do they cater for? 

By publishing this data on MIRACL’s solution, we want to achieve two things: first, demonstrate our confidence in its performance. Second, bring transparency and hard evidence to the marketplace so that buyers can assess these critical measures of authentication performance and figure out the best way to cut friction for their users while also adding security.

PE: Can you give a comment on the implementation of PSD2 and what you think it means for the sector and the payment journey?

RG: For far too long we have accepted the notion that more security needs to come with a worse user experience. This is simply not true. The reality is that the requirement for SCA does need not lower conversion. Averaged across a wide range of scaled use-cases and geographies, we’re achieving user success rates of over 99.6%. 

That is much higher than a simple password averages yet we’re achieving a full SCA multi-factor authentication with no downloads or plug-ins required. There is no sector where this is more important than discretionary payments such as gaming or gambling because simply won’t tolerate friction.

PE: How important could biometrics be as PSD2 and verification strategies continue to evolve?

RG: Biometrics can play a big role both in identity verification for the eKYC of your customer, and in the authentication of the trusted user. If biometric is required on verification, we offer a cloud-based service that assures a live user is present that matches their photo ID. Although ours is one of the fastest on the market, this would still take users too long and cost too much to be effective for every login. 

So for authentication, we rely on either the biometric of the user’s device when in-app or a four-digit PIN that users choose when they register and enrol their device. It’s really important to give both operators and users the choice of biometric but it is not the silver bullet solution for all use-cases.