Google One Tap support, WordPress CIAM plugin, and no-code A/B testing help ecommerce apps grow users without sacrificing security
Descope, the drag & drop customer identity and access management (CIAM) platform, announced a host of capabilities to help ecommerce and online retail companies provide secure, personalized, and omnichannel authentication experiences to their end customers. Notable additions include support for Google One Tap and a comprehensive WordPress plugin, enabling retail stores of all sizes to create user-friendly authentication journeys.
Authentication and customer identity management are important difference-makers in crowded ecommerce markets – every app builder seeks an ideal tradeoff between user experience and security without exhausting engineering resources. In 2023, the FIDO Alliance found that 47% of users abandoned an online purchase within the last month because they forgot their password, highlighting how user friction has a real impact on the bottom line. At the same time, Verizon research reveals that credential-based attacks remain the most common cause for data breaches, providing further impetus for online retailers to go passwordless and add the right security controls.
The Descope no / low code CIAM platform helps organizations easily create and customize their entire authentication and user journey using visual workflows. Hundreds of customers including GoFundMe, Databricks, and Navan use Descope to reduce user friction during onboarding, enhance protection against account takeover attacks, and unify identities across customer-facing apps. The capabilities highlighted in this announcement further help ecommerce firms create delightful user journeys while introducing the “right kind of friction” when the situation merits it.
“The UX-security tug of war is never more apparent than in the world of ecommerce and retail apps,” said Rishi Bhargava, Co-Founder of Descope “Descope’s goal is to help our customers turn ‘UX or security’ into ‘UX and security’. We’re excited for ecommerce customers to adopt features like Google One Tap, our WordPress plugin, and passkeys to make auth easier for end users and to make attacks harder for cybercriminals.”
Read More: SalesTechStar Interview with Andy Brabender, CRO of Rootstock Software
Google One Tap
Customers can now use Descope SDKs to easily add native One Tap browser prompts from Google to their web and mobile applications, making it possible for returning users to sign in without needing to remember or enter any credentials. Customers can also run “post-authentication” flows to collect custom user information after One Tap authentication is complete.
Online retailers can leverage One Tap to improve conversions, reduce the cognitive load on users, and provide a unified authentication experience across web and mobile apps.
WordPress plugin
Platforms like WordPress help hundreds of millions of websites and storefronts get online, with recent stats showing that WordPress powers a staggering 43% of all websites. However, authentication options on WordPress are limited to restrictive defaults or niche, single use case plugins.
The Descope WordPress Plugin helps site owners harness the full power of the Descope CIAM platform – customers can add any authentication method (social logins, magic links, passkeys, etc.), flexible MFA, and even single sign-on (SSO) across multiple sites or storefronts.
User journey A/B testing
Ecommerce sites are built around rapid iteration and growth experiments, but customer identity systems have tended to stay static because they have been complex to implement and modify. Descope’s A/B testing capabilities help customers run user journey experiments without touching their app’s codebase. User traffic can be split at random or based on configurable conditions, helping customers prototype and test out new auth methods, onboarding sequences, security controls, and more.
Read More: Measuring the Impact of Sales Enablement Initiatives – Tracking Key Metrics
Passkeys have continued gaining popularity, with recent adopters including online retail sites like Shopify, Best Buy, Home Depot, and Walmart. However, keeping up with the WebAuthn protocol can be time and resource intensive if done in-house, and many organizations wish to exercise caution during passkey implementation and cover all edge cases.
Descope has supported passkeys since Day 0, and the platform has since added a host of capabilities to help customers adopt different flavors of passkeys in days rather than months. Notable capabilities include the ability to augment existing CIAM systems with passkeys, enabling passkey autofill for returning users, cross-device passkeys, and adding fallback methods when the user’s device is not passkey compatible.
“Descope’s flexible workflow approach has helped us add strong, phishing-resistant WebAuthn authentication when end-user hardware and software support it and fall back on other MFA options when it can’t be supported,” said Arkadiy Goykhberg, CISO at Branch Insurance (a Descope customer). “Visualizing the user journey as a workflow enables us to audit and modify the registration and authentication journey without making significant code changes.”