Today, we are excited to take our first steps towards placing Descope at every developer’s fingertips. We are starting a private beta for anyone who’s interested in trying out our authentication service, providing feedback on features, and experimenting with different integration methods.
TL;DR
Meeting app builders where they are is central to our company mission and product development ethos. While we already have multiple alpha customers in production who have provided invaluable feedback in improving our product, we know that builders (whether they be developers, product owners, or designers) are not monoliths that all think the same thing.
Each app has use cases that are different, each developer has framework and implementation preferences, and each authentication method has its nuances. Some developers prefer no/low code approaches that abstract away a lot while others gravitate towards well-documented APIs and go from there. Our service will have a flavor for every type of developer with one common thread – every flavor will make it easier to deploy, maintain, and update app interactions across the user journey.
So, if you are a developer or product owner who…
Has a strong point of view
Is trying to build secure and low-friction authentication and user management for your app
Looks at passwords and thinks “I wish we could build something better”
…then you can sign up here for our private beta.
Double click
Need more information before parting with your email address? While we can’t go into great detail at this time about what we are building, this section will cover some of the problems we are tackling.
A fight for focus
Almost every company today is a technology company, and almost every startup being built right now has its roots in technology. We believe this is mostly a good thing, but it also comes with some continuous collateral damage – namely, developers that are stretched in ten different directions instead of doing what they were hired to do.
Authentication and user management are foundational prerequisites for any app. They are also hard, time-consuming, and ongoing initiatives that distract developers from core app building efforts. Whatever the type and maturity of the application, the decision to build and maintain authentication in-house has ramifications:
For apps that are pre-launch, spending time on authentication slows down time to market, delays the discovery of product-market fit, and stretches lean development teams past their limits.
For apps that are ready to grow and scale, new authentication methods and user flows compete with product features for the developer’s time.
For B2B apps, implementing enterprise requirements such as SAML and access control from scratch assumes that developers are authentication experts – which some might not be and might not want to be.
When teams have to choose between app and auth, they may feel compelled to take shortcuts and open the door for vulnerabilities that can be exploited by attackers with grave consequences.
For us, a big reason behind starting Descope is to give back some time and focus to app builders (we call them Descopers). If our service can simplify authentication work and abstract away as much of the nitty-gritty as Descopers want, their apps can get in front of users faster and safer than before.
Speaking of faster and safer than before…
Moving past passwords
Reader, you’re probably already nodding your head before we finish this sentence – passwords aren’t fun for anyone (sidenote: Passwordle is much more fun than passwords). For something that was never intended to be the de-facto method to authenticate users around the world, passwords have somehow stuck around for more than half a century. During this time, they have managed to do something unique: be bad for security and be bad for usability.
From a usability perspective, passwords are something that work against users rather than work with them. Passwords cause friction throughout a user’s journey, whether they are navigating complexity requirements during registration or trying to remember passwords during repeat visits and checkouts. This friction is worsened with people having more online accounts than ever. Is it any surprise that people reuse passwords across accounts because they’re afraid of forgetting them?
From a security perspective, passwords are the keys to the kingdom that most cybercriminals seek. According to the 2022 Verizon DBIR, 80% of basic web application attacks can be attributed to the use of stolen user credentials. Passwords are also the biggest cause of account takeover, where cybercriminals gain access to legitimate accounts through credential stuffing and other brute force methods. Rather than being a secure padlock to keep bad folks out, passwords are an attractive honey pot that draws them in.
For us, a big reason behind starting Descope is to help the apps of today and tomorrow move past passwords. So many passwordless building blocks are already in place, whether it’s the simplicity of magic links or the interoperability of WebAuthn. The job at hand is to enable developers to use these methods (and more) in their apps.
We’ll stop the double click here before it becomes a triple click! If what you have read makes you curious about our service, sign up for our private beta. Expect to hear more updates from us soon.