With the Meadowlands Centre being the backdrop for SBC Summit North America, MIRACL CEO – Rob Griffin – stopped by to discuss with Payment Expert why the signing on process for bettors is more crucial than ever.
Griffin went into detail on the paramount importance of a frictionless user experience, the differences of onboarding players in the US compared to Europe, and finding the right balance between high-level security, and a smooth authentication process.
Payment Expert: Could you begin by giving us an overview of the MIRACL product?
Rob Griffin: We are basically taking all of the friction and pain out of logging in to your gambling website.
That means taking away the passwords, that means taking away the need for the user to put in a username, taking away the need for any multi-factor requirements, like a one-time passcode, just one straightforward, biometric or pin allows them a full MFA (multi-factor authentication) into their account in one easy step which takes two seconds.
PE: What can the online gambling industry learn from sectors such as banking, trading and ecommerce when it comes to the sign-on process?
RG: Essentially in the online gambling industry, business is all around entertainment. The most important thing is to keep a good user experience and a speedy time for a user to where they want to go, which is to place a bet.
Maybe that’s because they are in a time sensitive situation where at half-time they want to place a particular bet, or maybe it is because they have just got a short attention span and they want a fast service. What we are doing is allowing them that exact ability.
We feel that the user experience is probably the number one differentiator right now between different sites, they have really got to concentrate on it because that is ultimately the player having fun.
PE: How have you found doing business in the US betting and gaming market, and how does it compare to other markets that MIRACL is active in?
RG: The exciting thing about us in the US is that it is now a requirement in at least four states in North America for all users and customers coming in to authenticate using two-factor authentication.
We think that is going to spread to pretty much all the states. We also see it ultimately coming to Europe as well but it is not surprising it’s a requirement when you have seen in the last four months, over 400,000 accounts have been hacked from people using password stuffing to try and takeover and crack accounts to withdraw the money.
Because of that requirement for MFA in America, the need for the slick user experience that we provide is particularly strong.
PE: A number of US operators have been hit by credential attacks. How can MIRACL help prevent such attacks?
RG: Essentially, we prevent all forms of remote attack. Whether that be credentials stuffing, or password spraying or phishing, our system is completely impenetrable to that.
I can tell you now that we have never had an account takeover from one of our clients.
All of the account takeovers that have occurred, such as BetMGM, DraftKings, even FanDuel, all of those account takeovers would have been prevented using our technology.
PE: The signing on process always strives to be as frictionless as possible whilst also ensuring a high-level of security. How does Miracl find that right balance of a frictionless experience with security also being of the uppermost importance?
RG: I think it really depends on what the particular state’s regulatory requirements are. In some instances, you’re going to need to do a full liveness check with document verification and have people walkthrough an online video on their device. We think that in lots of ways, that can be made a slicker process.
But then ultimately, all we need is to give an operator a ‘Yes, we are happy with this customer being trustworthy, they are ready to onboard into our service’, and at that juncture, all they need to do is either select a biometric or, choose a payment confirmer.
This will allow for no plug-in, there’s no permission required, there’s no download, and so it is very very light.
PE: SCA has been revamped and has a stronger emphasis in the UK. Do you believe this approach will also be applicable in other countries?
RG: We’ve seen Brazil announce it is moving into multi-factor authentication. It’s clear that given the amount of cyber fraud that exists in some of those markets there is going to be a regulatory push for that.
But also we think that just on the basis of getting rid of the pain of a password, our solution pays for itself from the point of view of savings and support costs. Just on that basis alone, we are seeing good traction, not just from regulators stipulating the need for MFA.