With password security giving way to passwordless, Descope raises $53M

Password safety isn’t sensible. Anticipating customers to create distinctive 12-digit passwords with a mixture of higher and lowercase letters and particular characters for dozens of apps isn’t scalable. But many organizations are reliant on passwords to manage consumer entry, which results in information breaches like these skilled by PayPal. 

In consequence, many suppliers are trying towards passwordless authentication to determine customers in a means that’s proof against credential theft.  

One such vendor is authentication and consumer administration vendor Descope, which right this moment emerged from stealth and introduced a $53 million seed funding spherical led by Lightspeed Enterprise Companions and GGV Capital. The corporate’s authentication platform allows builders to create no-code authentication flows through drag-and-drop. 

Extra broadly, the seed funding highlights the demand for passwordless approaches to cybersecurity to defend towards phishing and social engineering threats. 

Why password safety is shifting to passwordless  

For years passwords have introduced important danger to enterprises. In accordance with the Verizon 2022 Information Breach Investigations Report, virtually 50% of knowledge breaches contain using stolen credentials. 

This widespread exploitation of credentials has led to increasingly curiosity in passwordless authentication. Suppliers together with Google, Microsoft and Apple have tried to develop options underneath the FIDO alliance’s imaginative and prescient of a standard passwordless sign-in commonplace.  

“Passwords are unhealthy for each safety and usefulness,” stated Slavik Markovich, cofounder and CEO of Descope. “They’re the main explanation for safety breaches and the commonest entry level for cybercriminals to realize their targets. Passwords additionally trigger friction all through the consumer journey, resulting in churn and a adverse consumer expertise.”

He added that, “current developments comparable to FIDO2, WebAuthn, and passkeys have set the stage for a passwordless future. However this future will actually be attainable solely when software builders have the instruments and sources to simply add passwordless authentication strategies to their apps.”

Descope is seeking to contribute to this “passwordless future” by making it simpler for builders to implement passwordless authentication as a part of their very own apps or providers. In spite of everything, it’s complicated and time-consuming for growth groups to construct these elements from scratch. 

As an alternative, Descope allows customers to develop authentication flows through a drag-and-drop workflow editor. These no-code workflows allow builders to implement consumer entry controls and get apps to market quicker, with out compromising on safety. 

The passwordless authentication market 

Researchers anticipate that the passwordless authentication market will develop from $6.6 billion in 2022 to $21.2 billion by 2027 as extra organizations look to guard themselves towards social engineering, phishing and different types of credential theft. 

One in every of Descope’s foremost opponents is Stytch, a software enabling builders to construct authentication flows through an API in addition to JavaScript and cell SDKs. In November 2021, Stytch raised $90 million in sequence B funding and achieved a valuation of $1 billion. 

One other important vendor out there is Auth0, a buyer id entry administration (CIAM) vendor that allows organizations to outline entry roles for software and API end-users to implement dynamic entry controls. Okta acquired Auth0 for $6.5 billion in 2021. 

In accordance with Markovich, the important thing differentiator between Descope and different suppliers is its use of workflows. “These no-code workflows summary away the complexity of constructing authentication whereas nonetheless giving app builders management over their UX and UI,” he stated.