Authentication: the first line of defense against cybercrime

Cybersecurity is one of the most pressing concerns of recent years, with the increasing frequency of cyber attacks posing an ever-greater threat to individuals and businesses across the world.

In its Global Risks Report, the World Economic Forum (WEF) names widespread cybercrime and insecurity among the world’s top threats for the first time ever – marking a significant and potentially damaging change to the global order and in turn, how we should act.

Because today, cyber attacks don’t just mean lost or stolen data – although those consequences are problematic enough in and of themselves. Now, malicious activity in cyberspace could play a part in catastrophes such as wars and pandemics. It could bring down health systems and impact global security in ways we have yet to understand.

In late 2022, Zurich’s Chief Executive Insurer, Mario Greco, told the Financial Times he sees cyber attacks becoming uninsurable in the coming years. He highlighted the grave threat of a third party taking control of the IoT components within a large organization, citing the damage done everywhere from hospitals to government departments as a key indicator of the security risk at play. Greco went on to emphasize the importance of seeing beyond data alone – realizing that the threat is to civilization and our lives as a whole.

So, as the rising demand for cyber liability insurance leads underwriters to look more closely at organizations’ security policies, it’s more important than ever for businesses to double down on their systems and implement solutions designed to maximize security at all costs.

Employing authentication and passwordless login systems is a crucial first step in reducing the risk of cyber attacks and safeguarding your business from potential threats. The DigiThree Labs DGMV-ID solution offers organizations the tools they need to ensure high security levels, self-sovereignty and interoperability in different digital environments.

DGMV-ID works in combination with blockchain technology to provide next-level passwordless, multi-factor authentication – all with a smooth, intuitive user experience. You’ll benefit from decentralized architecture with the aim of using quantum-safe technology to protect against potential threats and attacks.

WEF calls for the harnessing of quantum computing in order to find new ways of using stealth technologies and to combat the growing threat of cyber attacks. Its additional predication that digital tools such as AI, edge computing and autonomous technologies will pose greater threats is also something we recognise here at DigiThree, having created this new method of authentication to protect even the most cutting-edge systems from potential threats.

With several proof of concepts currently in the beta stage, this is an exciting time for our business and future customers – even against the backdrop of growing risks and uncertainty. With authentication as cybersecurity’s first line of defense, there’s never been a better time to double down on the safety of logins within your business.

Quantum secure encryption and data storage.

Recently Siliconangle reported a flaw in "Microsoft 365 message encryption". The Electronic Code Book (ECB) used to encrypt mail is a simple encryption method that converts 'message blocks' into separate standard encrypted text blocks rendering the text unreadable. The problem associated with such a simple form of encryption is that hackers are able to re-engineer the used codebook without any trouble, if they get their hands on enough of these encrypted mails, hence destroying Microsoft 365 message encryption’s security.

Flemish Origin

ECB is first-generation encryption, defined in the Advanced Encryption Standard AES. Considering it's the most basic form of block encryption, it's astonishing Microsoft would still use this minimalistic encryption method. A more advanced form of block encryption is Cypher Blocker Chaining (CBC), where the CBC mode in each text block depends on the plaintext blocks processed up to that point. In other words, a kind of blockchain that makes decryption and codebook reengineering much more cumbersome.

AES stems from the work of two Flemish cryptographers, Joan Damen and Vincent Rijmen, who, under the name 'Rijndael', developed the specification for this standard in 1999, basing their method on a family of numbers with different key and block sizes. For the AES standard, NIST selected three parts of this Rijndael family, each with a block size of 128 bits, but with different key lengths: 128, 192 and 256 bits.

The Future of AES

AES was released by NIST in 2001 and incorporated into the ISO/IEC 18033-3 standard. The US government adopted this encryption standard in 2002, and it still remains the first and only publicly accessible encryption. Approved by the National Security Agency (NSA) for top-secret information when using NSA-approved cryptographic modules. The clever thing about AES is that it relies on permutation substitution. Several substitution and permutation steps ultimately yield an encrypted block and therefore, are inherently less susceptible to the above crypto analysis as with the more straightforward Electronic Code Book.

The flexibility in the use of key lengths contributes to that security. For example, 10 rounds with 128 bit, then 12 rounds for 192 bit and then 14 rounds with 256 bit. After all, unknown variation requires extra computing power for deciphering. In a previous blog, 'Quantum safe,' I reported that the NIST had chosen four new encryption algorithms this year in connection with the arrival of the enormously powerful quantum computers. NIST's new quantum cryptographic standard will be valid for two years. An important milestone in the world of encryption for the continued protection of the growing amount of data and information generated. Fortunately, over the past few years, an increasing number of quantum-resistant algorithms have been developed that are difficult or impossible to solve for quantum computers and which guarantee our information security in the post-quantum period.

Quantum security used for data storage.

The above algorithms focus on general encryption designed to protect any information exchanged over public networks, in addition to digital signatures used for identity verification. Key protection is needed for data that has come to rest and is stored on a storage platform. We are talking about quantum secure storage. Of course, an encrypted message that we keep in the event of theft is difficult to decrypt. But the performance of quantum computers will proliferate in the future, so it is wise also to make 'the search' for those stored files more difficult.

The principle of quantum secure storage is aimed at cutting it into varying pieces, encrypting it differently and then distributing it over different places in the network. First, this makes the search extremely difficult because, if someone already finds such an encrypted block, it is only an unknown fragment of the entire message. In addition, by not cutting up and dividing the data via an algorithm but via relatively simple 'human logic', any computer, even with super quantum properties, can do very little. And that's the charm of this new way of storage: how can you find the needle in the haystack if you don't know and understand what a needle is in the first place?

Grid Computing.

A distributed grid network is ideally suited for the distributed storage of the shredded file. The decentralized networks seen as Web 3.0 infrastructures are emerging for the new Web3-based initiatives. Data and identity protection in these increasingly surrounding virtual worlds are one of the major challenges of our time. In a previous blog, 'Protection of digital identity and privacy,' I talked about the European standards developed to work securely with these new digital identities within Europe. A kind of new GDPR, not for privacy but for identity protection.
IDC studies show that by 2025, global data will grow to 175 ZB, a fivefold increase from the 33 ZB created in 2018. With the advent of outsourcing and later the cloud, data is being stored in increasingly centralized ways; by 2025, IDC expects 49% of this in public clouds. While these public providers have taken their security to an increasingly professional level, at the same time, centralization creates a single point of failure. A single security breach, virus or hack threatens the entire database— a risk that can translate into millions, even billions, of stolen files.

Data Decentralization.

While the pendulum swings between decentralized and centralized, with the cloud – as the mainframe of the internet –greatly enhancing this central movement, we see that edge and grid computing create a decentralized movement.

Due in part to the 'Internet of Things & People', greater processing power and local storage are needed at the edges and at the nodes of networks, to store and process data locally. A balance between central Big Data and local Fast Data. I pointed this out years ago; refer to the 2015-blogs on 'VM-world 2018' and 'the attractiveness of data'.
Data centralisation isn't just risky; it's also unfair. While highly effective as a solution, it often leads to unequal assets and resource distribution. Terms and conditions attached to the systems protect big data companies, not individuals or small businesses. Meanwhile, the users of these centralized data systems have no choice but to accept the terms, or be banned from participating. For that reason too, data decentralization is a sound proposition. Provided that the data can be stored and retained just as securely – and even more securely without a single point of failure.
Fortunately, with modern decentralized, quantum secure storage, this has come within reach. DigiThree Labs, part of the DigiCorp Labs family, is developing enterprise solutions as part of its secure, decentralized and metaverse-based services, and is aiming to develop solutions using quantum secure storage.

Barricade your digital front door with Passwordless authentication.

If your security does not bring you peace of mind, you should interrogate its use.

As technology has gotten more advanced, so have the threats that come with it. Our online personas and activity are big business and their value increases by the millisecond, so it makes sense that any business that has a digital footprint and online presence needs to protect themselves.

And before you think of this issue as trivial, consider these very real scenarios.

LastPass, a password manager with 25 million users recently reported a breach. Their development servers were compromised and even though no consumer data was accessed, it should be a cautionary tale to all when a virtual security vault is hacked.

Given how carried cyber attacks are, it can be hard to determine which approach is best suited for your business. However, in our experience, most individuals and businesses are not practicing the tried and tested methods, so advanced tools are often lost on them.

For instance, passwords are still too easy to guess, they are too short, are not changed often, are not kept confidential, and are used on too many platforms. And what’s worse, seasoned IT professionals are guilty of these habits in the same way that the general public is.

If you want to protect what you worked hard for, maintain the trust of your customers and secure a better tomorrow, you need next-level security.

Research has shown that 3⁄4 of users create a password and forget it soon after, mostly because they do not get the point of creating one. Which is why platforms need to evolve their authentication systems to fit the lived experiences of the user.

We are introducing a QR-Code scanning authentication system that bypasses the tedious password system and gives access to the system through the DGMV-ID App...and the secret to this simplicity is in Web3 technology.

The DGMV Authentication uses blockchain wallet technology to decentralize the password system. When we think about increasing security, we do not default to building higher walls, we reconfigure the lock and store keys in different locations!

Platforms that host sensitive information, have high internet traffic, and experience a high frequency of password resets are best suited for this solution.

The DGMV-ID app does the work so that you don’t have to. Strong Multi Factor Authentication in one single application, on one (mobile) device to generate very strong and unique passwords for all websites that use a login/password system. The passwords are never stored on mobile phones, apps, computers or supporting servers. Our app is using DigiByte Blockchain wallet technology to make it more secure and decentralized.

The reality is that you can rely on very few things to give you peace of mind. A notepad of passwords literally gets lost, a note on your phone is at the mercy of the phone being misplaced, a local server is always at risk of being hacked, and your mind most certainly forgets!

DGMV-ID uses unrivaled innovative authentication technology, allowing the user a convenient and easy operation, so inconvenience and complexity will no longer be a reason not to use it. That level of control and awareness is what has been missing from the market and in true Web 3 style...that power can now be in everyone's hands with our passwordless authenticator.

Think about it, stop being vulnerable, don't use passwords. 

That is exactly what DGMV-ID offers: a zero knowledge approach without reliance on vulnerable elements residing on your devices, apps, platform and places in diversified locations. Passwordless authentication in the way it's designed with DGMV-ID is simply the best way to protect yourself.

DGMV ID Atomic Essay #4

Passwords are often typed on a keyboard. The keyboard detects the keystrokes and transmits them to the computer. The actions of the fingers on the keyboard make visible movements, and create specific key-sounds and electromagnetic emanations that all potentially can be detected and analyzed by a third party. That’s why DGMV ID uses passwordless authentication by scanning a QR code that minimizes possibilities for third parties to engage in the authentication process. By using its own blockchain solution with a self-developed operating system, DigiThree created a quantum-safe and trustless environment for the new distributed metaverse. Working completely isolated on your own digital island and inviting visitors by this secured authentication process for private communication and private sharing of data – data that is also quantum-safely stored on trusted neighbor islands as nodes in a trusted grid. For corporate use, the metaverse should be intrinsically safe and protected – always, at any moment and for any activity by any entity. DGMV ID delivers this corporate trusted solution.

DGMV ID Atomic Essay #3

DGMV ID uses an authentication protocol that relies on an extra authenticated channel. Checking fingerprints through a passwordless parallel second channel enhances the security enormously. The authenticator app from DigiThree uses these high-security protocols to make life in the digital metaverse easy and pleasant. Traveling from digital galaxy to digital galaxy while in the backdrop your self-sovereign identity is constantly protected. Human participation in the authentication protocol via feedback through a second channel is securing the authentication process. It implicitly ensures integrity and is based upon SAS-based cryptography where SAS stands for Short Authenticated Strings. DGMV ID, of DigiThree, is based upon this cryptography standard in combination with passwordless identification and biometrical authentication in the communication channels.

DGMV ID Atomic Essay #2

One of the most important goals in the distributed metaverse is to establish a secure peer-to-peer communication channel or connection between two or more parties. The term secure means that the communication should be confidential. Nobody except the parties involved have access to the information. Private communication ensures authenticity and integrity. The recipient is ensured that the information was sent as-is and is ensured about who sent it. As long as parties are able to authenticate data, they can establish a shared secret key. As a result, they can also protect communication over unsecure channels. DGMV ID is the password-less security solution that we developed to secure and protect communication in the distributed digital metaverse. Password-less indicates that no password can be stolen and no detectable keyboard actions are needed to type a password. Using biometric information in the second channel means that the communication is hacker-proof and is able to support a trustless and quantum-safe environment.

DGMV ID Atomic Essay #1

In the distributed metaverse, password-less identification is needed to move smoothly from galaxy to galaxy. Secure authentication is a no-brainer in the digital universe and should be based upon a single-use identity token for every activity. When you are engaging in a trust-less world, every activity has to be able to be proved to anybody and any system that is involved in the engagement. Shared Access Signatures (SAS) token authentication is the foundation of DGMV ID, the secure access point for all DigiThree solutions. The meta server generates and validates a single-use identity token to be hacker-proof at any moment and during any activity. So we can password-lessly hop from digital island to digital island without fear of losing or breaking our self-sovereign identity. And we can assure private peer-to-peer conversation, and sharing of data that is quantum-safely stored in the decentralized digital metaverse.

Fourth Turning and DigiMetaverse

In 1997, Howe and Strauss stated in their book 'The Fourth Turning' that history sees a new “turning” every 20 years, as one generation “displaces” another. A cycle of 4 of these periods is the average length of a human life, also called a saeculum. This is similar to the four seasons of a year. The first period is a 'merry' spring era of togetherness and the strengthening of institutions. The second season is a rich period and an awakening – a passionate age of spiritual turmoil. The 'third barrier' is an unraveling – a time when individualism grows and institutions weaken. Finally, winter is a crisis, a decisive era of secular unrest – the old order is overthrown and a new one takes its place. This fourth turn is the start of a new social and economic period.

You can only see it . . .

The authors wrote in 1997 that “ . . . around the year 2005 a sudden spark will catalyze a crisis era. Remnants of the old social order will disintegrate. Political and economic trust will implode. Real hardships will beset the land, with severe distress that could involve questions of class, race, nation and empire. The very survival of the nation will feel at stake . . . “ .

The financial crisis of 2008 can be retrospectively seen as the catalyst they mentioned. That event was the start of the final period that would herald two decades of instability. According to the authors, described in 1997, by 2025 America will have an experience similar to the American Revolution, Civil War and the Great Depression & World War II.

Not fun predictions. Historically, in every fourth twist, much more destructive technology is available, as well as the willingness to use and deploy it. In the period before that eruption, choices are postponed. Interests become zero, violations are tolerated, settlements are postponed. But eventually it will all explode. Ominously, Sir John Glubb also predicts, in his analysis of the life cycle of empires, that empires last up to 10 generations. About 250 years ago in 1776 America came into being, so that's quite promising. The idea that our society moves in waves is alien to Western linear thinking. That is why Western leaders and administrators are never prepared for a 'logical' crisis, such as what we have experienced in past centuries. History often repeats, but always in a different way. . .

. . . When you get it.

For linear thinkers, history never repeats itself. For many, the world has come to a standstill in recent decades, even though it structurally changed, unnoticed. The late historian William McNeill wrote in ‘Plagues and Peoples' that often pandemics come after an era of overwhelming openness, which they mark the end of. The bubonic plague, the Spanish flu and now the COVID pandemic bear witness to this. As always, the logical consequence is: globalization stagnates, immigration restrictions increase, isolationism returns and a stronger focus on one's own industry. Furthermore, Neil Howe argues that – without exception – it is an absolute rule of history that these fourth periods of crisis are always characterized by the presence of dictatorial regimes, authoritarian rulers and intrusive governments.

Yet every twist ultimately ends well for the bourgeoisie. Only they have to go through that crisis winter for that. The end of every war heralded new economic development. What applies to America, also applies broadly to Europe and Asia. Certainly now we as a world are going through the same economic and social developments as a result of globalization. The People's Republic of China was founded in 1949, but its Communist Party will now celebrate its centenary next year and also enter a turning point. Mobilization can be organized and political mobilization of an entire community, but also of opposing communities, as in a civil war. Last but not least, the 'monetary theory,’' that at zero interest it would be stupid not to print more money. Basis for hyperinflation exists in that last phase, which in a crisis eventually solves the problem of those who bear the burden of all the accumulated deficits: the citizens.

Every fourth twist replaces the old order, destroying political and economic confidence, and laying the groundwork for a new spring. A spring where the megatrends – which were already visible before – become the new groundbreaking techniques, or approaches. Today, we see three dominant techniques: blockchain/crypto, Internet of Things and artificial intelligence – that reinforce each other as an ecosystem and will go together. And thereby they not only will cause a huge disruption, but will also destroy existing business models and the equity of companies. Blockchain means that central entities for record keeping – which in the past were the only solution – are no longer necessary. Central registrars are 'single points of failure’ where government control, corruption and hacking are possible. Blockchain's decentralized technology eliminates this central, weak gatekeeper function.

The decentralized Internet of Things already links more than 50 billion sensors together. This enormous amount of data can provide many new insights through analysis, especially in combination with AI. Artificial Intelligence is defined as machine learning and subdivided into weak (chess, facial recognition), strong (learning machines, developing knowledge) and super (perhaps smarter than humans). AI enables machines to automatically process the data from IoT devices and increasingly make decisions. This improves the efficiency of automation, so that fewer and fewer people are needed on location and for interaction, and we become even more of a service society.

Missing transaction layer

But technically a new digital transaction layer is needed, where these data and service contracts are processed and value transfer takes place. Where digital currencies (crypto) and smart contracts (tokens) enable decentralized machine-to-machine transactions and peer-to-peer communication between people. A lot of money is already flowing from the current economy to this new digital crypto world, simply because there are more and more stable crypto coins. Crypto currencies are 'native assets' of a blockchain; tokens are built on that blockchain. A new virtual world with stable currencies, smart digital contracts combined with digital property deeds (NFTs) traded on digital exchanges. These digital exchanges are booming because they enable peer-to-peer transactions without costly central agencies. As I described in a previous blog: the end of capitalism arose about five hundred years ago.

In this new decentralized infrastructure, you as a citizen and organization regain ownership of your data and services. The term Metaverse is the name currently given to this decentralized and virtual development. The digital metaverse, or DigiMetaverse as we are creating at DigiCorp Labs, is now technically, economically and legally feasible – based on blockchain, crypto coins and tokens, decentralized nodes, servers and data storage based on open-source and open communities. Self-organization, and without the man-in-the-middle. As a citizen or company (again) being the owner of your own data and services. Communicating peer-to-peer with everyone on that grid. Safely browsing via those decentralized servers. Quantum-safely store your data spread over decentralized nodes in that grid, which cannot be cracked with the latest quantum computers. The future is ultimately pretty fun and beautiful. . .

The Metaverse

The science fiction novel Snow Crash (1992) described the first concept of the Metaverse as a three-dimensional virtual space that acts as a metaphor for the real world. A 'meta' version of our 'universe,' the metaverse is a place where avatars represent our ‘alter egos' from the physical world.
In Greek it means ‘false name’ or 'pseudonym’ and in Latin it is called an ‘alias'. So, the Metaverse is the collective virtual shared space in which we can live and work as digital twins of our physical selves.

Digital Shadow

With digitization, and especially the intensive use of the internet, we as analog beings started to create more and more digital data and messages decades ago. But once sent, these early digital messages would disappear to who-knows-where. In recent decades, we have thus created a 'digital shadow' that has left huge historical footprints - known as Big Data.
Every visit to a website, every email, every order, and every article we read leaves an invisible digital footprint. I think if someone saw their own shadow-world, they would be shocked by all the data they’d spread around the planet.


Everything you do in life leaves traces. This is understandable in the real world and, as a society, we therefore set limits on how anonymous we are in private spaces. At home, we get our privacy behind closed doors, because nobody knows what we do behind them. For a government to access what goes on behind those doors, they need a search warrant from a judge.
Anyone on the street can be searched by the authorities and they may also examine the goods you have with you. That includes your mobile phone, which contains far more private data than was previously stored safely behind your closed doors.

Digital Trespassing

In the past, your calendar, diary, photo albums, contact lists, correspondence, and documents were safely locked away behind your front door. That made it safe for anyone who was not legally allowed to enter your home. Now, you take that data outdoors on your digital device and share it in the cloud. That data is barely protected by any laws. Edward Snowden recently summed it up nicely in the sentence, 'We used to say a man's home is his castle. Today a man's phone is his castle.' And this modern castle offers hardly any protection. But which data on your phone or in your personal cloud is part of your virtual house? And shouldn't your virtual house have the same legal protection as your physical house: privacy behind closed doors for everyone?


With the advent of virtual worlds and the Metaverse, legal protection has become much more important. Is your avatar legally protected? Can virtual goods be insured? Does the digital data you create also remain your property? In the world of blockchain, we have seen that NFTs can be created. These Non-Fungible Tokens are irreplaceable and unique, secured on a blockchain and linked to items or contracts. A digital property document in the virtual world that gives you immutable property rights. The hype around NFTs is substantial and they cover all kinds of digital collectibles that can be bought by virtual buyers.

New World, New Safety

We have started a transformation that is making our lives increasingly digital. And now, COVID lockdowns worldwide have proven that 'being digital' works. We can do almost everything digitally, both socially and professionally, that we can do in normal life. Like Yin and Yang, the physical and virtual worlds are intertwining ever more closely. But we must create the same security levels in the digital, virtual world that we have established in our 'normal' world. If we can't legally do that - after all, national borders are no limitation for virtual worlds - then technology must help us. And blockchain is of course a wonderful tool for exactly that.


I purposely say 'tool,' because blockchain as a distributed ledger is not enough on its own. It's a great way to connect distributed chains of immutable tokens, but it also needs to have a federated infrastructure that is secure and provides business continuity. And you must also be able to identify yourself unambiguously as a clear digital alter ego, as well as being able to store your data securely and unalterably. You must be able to communicate securely with other people. This new innovative world is still in part a blueprint, but the contours of the new solutions we need as a whole are becoming more visible day by day.

The Digital Metaverse

We are undeniably moving towards an integration of this Metaverse with our physical world. Facebook CEO Mark Zuckerberg has a good reason for betting on this new development. He has also stated that the Metaverse will provide enormous opportunities for individual creators and artists. The Metaverse will be also important for industry, government, and professional users in the world of enterprise. The Metaverse can provide a professional, virtual world of services and digital products where security, reliability, availability, and continuity are the main values. In addition, decentralized, user-friendly applications eliminate security risks, offering secure data management that respects privacy and forms the basis for all kinds of applications and services. We can adopt cryptocurrencies, secure ownership of objects and documents with NFTs, and live in a world of peer-to-peer information exchange and corporate communication.


The new, secure business platforms of the future are developing clearer contours. The necessary virtual components, the distributed technology, quantum-based security, and crypto payment models are already available. Pilot projects have proven successful and just as with Moore's law in previous times, there is continuous improvement both of performance and cost savings in the fields of photonics, quantum computing, grid computing, and sustainability. The challenge now is to take the plunge and immerse ourselves in all the new techniques and methods that are available to us.
The old adage, creative thinking, contemplative action, remains valid and unabated. Now, we must learn to embrace the new world and enter it with confidence.

DigiThree offers a suite of cloud-based enterprise solutions to help businesses accelerate seamless digital transformation, implement highly-secure processes, and use blockchain to secure and improve processes.

Want to know more? Please contact us at [email protected].