With password security giving way to passwordless, Descope raises $53M

Password safety isn’t sensible. Anticipating customers to create distinctive 12-digit passwords with a mixture of higher and lowercase letters and particular characters for dozens of apps isn’t scalable. But many organizations are reliant on passwords to manage person entry, which results in knowledge breaches like these skilled by PayPal. 

Consequently, many suppliers are wanting towards passwordless authentication to determine customers in a manner that’s proof against credential theft.  

One such vendor is authentication and person administration vendor Descope, which right now emerged from stealth and introduced a $53 million seed funding spherical led by Lightspeed Enterprise Companions and GGCV Capital. The corporate’s authentication platform allows builders to create no-code authentication flows through drag-and-drop. 

Extra broadly, the seed funding highlights the demand for passwordless approaches to cybersecurity to defend in opposition to phishing and social engineering threats. 

Why password safety is shifting to passwordless  

For years passwords have offered vital danger to enterprises. In line with the Verizon 2022 Data Breach Investigations Report, nearly 50% of knowledge breaches contain using stolen credentials. 

This widespread exploitation of credentials has led to increasingly curiosity in passwordless authentication. Suppliers together with Google, Microsoft and Apple have tried to develop options below the FIDO alliance’s imaginative and prescient of a standard passwordless sign-in normal.  

“Passwords are dangerous for each safety and value,” stated Slavik Markovich, cofounder and CEO of Descope. “They’re the main reason behind safety breaches and the commonest entry level for cybercriminals to realize their objectives. Passwords additionally trigger friction all through the person journey, resulting in churn and a unfavourable person expertise.”

He added that, “current developments corresponding to FIDO2, WebAuthn, and passkeys have set the stage for a passwordless future. However this future will really be attainable solely when software builders have the instruments and sources to simply add passwordless authentication strategies to their apps.”

Descope is trying to contribute to this “passwordless future” by making it simpler for builders to implement passwordless authentication as a part of their very own apps or providers. In any case, it’s complicated and time-consuming for improvement groups to construct these parts from scratch. 

As an alternative, Descope allows customers to develop authentication flows through a drag-and-drop workflow editor. These no-code workflows allow builders to implement person entry controls and get apps to market quicker, with out compromising on safety. 

The passwordless authentication market 

Researchers anticipate that the passwordless authentication market will develop from $6.6 billion in 2022 to $21.2 billion by 2027 as extra organizations look to guard themselves in opposition to social engineering, phishing and different types of credential theft. 

One in every of Descope’s fundamental rivals is Stytch, a device enabling builders to construct authentication flows through an API in addition to JavaScript and Cell SDKs. In November 2021, Stytch raised $90 million in collection B funding and achieved a valuation of $1 billion. 

One other vital vendor available in the market is Auth0, a Buyer Identification Entry Administration (CIAM) vendor that permits organizations to outline entry roles for software and API end-users to implement dynamic entry controls. Okta acquired Auth0 for $6.5 billion in 2021. 

In line with Markovich, the important thing differentiator between Descope and different suppliers is its use of workflows. “These no-code workflows summary away the complexity of constructing authentication whereas nonetheless giving app builders management over their UX and UI,” he stated.