Descope launches authentication and user management SaaS

Descope has launched its first product, a platform designed to help developers add authentication and user management capabilities to their business-to-consumer and business-to-business applications. The software as a service is available now. Developers can access the product free of charge for up to 7,500 monthly active uses for B2C applications and up to 50 tenants for B2B apps. Beyond these there is a US$0.10 per user and US$20 per tenant.

The Descope platform aims to make it easier to build passwordless authentication, according to the company. Descope says the new product allows organizations to:

• Create authentication flows and user-facing screens using a visual workflow designer.
• Seamlessly add a variety of passwordless authentication methods to apps such as magic links, biometrics and passkeys (based on WebAuthn), authenticator apps, and social logins.
• Validate, merge, and manage identities across the user journey.
• Get business apps enterprise-ready with single sign-on (SSO), access control, tenant management, and automated user provisioning.
• Enhance user protection by easily enabling multi-factor authentication (MFA), step-up, or biometric authentication within applications.

Descope’s platform offers different integration options: a no-code workflow builder and screen editor, a set of client and backend SDKs, and comprehensive REST APIs.

Managing identities with Descope

Developers creating authentication flows with Descope will be able to choose different ways to validate identities including by confirming users’ email address, phone number, or any other chosen identifiers through magic links or one-time passwords. Identity validation can also be done through enterprise identity providers including Azure Active Directory and Okta.

There is also a function to merge identities when, for example, a user signs up using one method and on, another occasion, chooses a different one. Some systems will create two different accounts for the same user, which can cause loss of data.

“Descope ensures that, if a user signs up with a new authentication method, their identity is merged across any signups using other authentication methods after validating the identity. This presents applications with a unified view of their users and gives users a much better app experience,” Rishi Bhargava, Descope co-founder, tells CSO.

Reduced options for attackers to break authentication

Compromised user accounts are one of the most common ways through which attackers access companies’ systems. Like many other vendors, Descope bets on increasing security by using other types of authentication, which reduces attackers’ options as it prevents brute-force attacks, credential stuffing, and password spraying, according to Descope.

It also uses device fingerprinting and several other factors to identify if users are signing in from a new device, unusual location, etc. App developers can choose to add step-up authentication in these cases and request an additional authentication factor.

Descope bets on the move to passwordless authentication by tech giants such as Apple, Google, and Microsoft but also on the risk passwords continue to be to the security of companies. Descope claims to simplify and speed up the implementation of a variety of passwordless authentication methods for application developers.

Authentication and user management are complex and time-consuming to implement,  Bhargava tells CSO. “What starts off as a single line item often turns into multi-year investments. Building and maintaining authentication in-house delays an app’s time to market, takes developers outside their focus areas, and can lead to security vulnerabilities.”

Descope was founded in April 2022 by Rishi Bhargava, Slavik Markovich, Dan Sarel, Meir Wahnon, Doron Sharon, Guy Rinat, Aviad Lichtenstadt and Gilad Shriki and has just raised US$53 million in seed funding, which includes investments from Dell Technologies, Crowdstrike CEO George Kurtz, and Rubrik CEO Bipul Sinha.