As part of its call to improve the customer experience across the rapidly expanding personal finance sector, the European Banking Authority has included a mandate for financial services companies to provide “strong customer authentication” by November 2018.
The EBA (and others) define 'strong customer authentication' as a process whereby a user independently provides two or more of the following when requesting access to their account online, or when initiating an electronic payment transaction:
- Knowledge: Something only the user knows
- Possession: Something only the user has
- Inherence: Something the user is
MIRACL allows any financial services organization to comply with the PSD2 requirement to provide Strong Customer Authentication for web and mobile banking applications without sending, storing, or synchronizing any security-related information in whole form. Ever.
- MIRACL Trust® is a cloud-based service that provides secure, multi-factor authentication to employees, partners, and customers without sending authentication credentials in whole form across any network for storage in the cloud or on a device.
- Through our work with pairing-based elliptic curve cryptography and our use of a zero-knowledge protocol, MIRACL can establish and expand encrypted communication channels instantly for customers, cloud applications, and the Internet of Things, without sending or storing identity keys in whole form, at any time.