Check Out Our All New Podcast Resource Center!
Feb. 11, 2022

Forget Your Password? No, Seriously, Forget Your Password With Reed McGinley-Stemple

Forget Your Password? No, Seriously, Forget Your Password With Reed McGinley-Stemple

This episode features guest Reed McGinley-Stemple, Co-Founder and CEO of Stytch. Stytch enables Apps & websites to embed passwordless authentication for its customers.

Listen as Reed explains the advantages for companies to change from password based to passwordless authentication for its customers including how passwordless integration can increase customer lifetime value (CLV).

Don't believe it? In this episode, Reed details how one of their recent customers experienced a 62% increase in conversion by changing to a passwordless solution.

 

Discover how passwordless authorization works and how you can integrate their technology into your business.

 

Finally, find out how our customers use our technology to generate Email magic links to increase their conversion to purchase by creating a logged in experience for their customers.

 

Episode Action Items:

 

If you are interested in improving your end use experience, you can connect with Reed McGinley-Stemple and all the products available at Stytch by visiting https://stytch.com

 

ABOUT THE HOST:

 

Andy Splichal, who was recently named to the Best of Los Angeles Awards’ Fascinating 100 List, is the founder and managing partner of True Online Presence, author of the Make Each Click Count book series and Founder of Make Each Click Count University found at https://www.makeeachclickcountuniversity.com.

 

He is a certified online marketing strategist with twenty plus years of experience and counting helping companies increase their online presence and profitable revenues. To find more information on Andy Splichal visit https://www.trueonlinepresence.com, read the full story on his blog at blog.trueonlinepresence.com or shop his books on Amazon or at https://www.makeeachclickcount.com.

 

New episodes of the Make Each Click Count Podcast, are released each Friday and can be found on Apple Podcast, Spotify, Google Podcast, Apple Podcast and on Make Each Click Count at https://podcast.makeeachclickcount.com.

ABOUT THE HOST:

Andy Splichal - Make Each Click Count PodcastAndy Splichal is the World's Foremost Expert on Ecommerce Growth Strategies. He is the acclaimed author of the Make Each Click Count Book Series, the Founder & Managing Partner of True Online Presence and the Founder of Make Each Click Count University. Andy was named to The Best of Los Angeles Award's Most Fascinating 100 List in both 2020 and 2021.

New episodes of the Make Each Click Count Podcast, are released each Friday and can be found on Apple Podcast, iHeart Radio, iTunes, Spotify, Stitcher, Amazon Music, Google Podcasts and www.makeeachclickcount.com.

Transcript

Andy Splichal  0:02  

Welcome to the Make Each Click Count Podcast. This is your host, Andy Splichal. We are happy to welcome this week's guest to discuss today's topic, which is Forget Your Password. No seriously forget your password. Today's guest is the co founder and CEO of Stytch a platform for password list. Authentication that makes it simple for apps and websites to retire the password. A big hello to Reed McGinley-Stemple. Hi, Reed.

 

Reed McGinley-Stemple  1:16  

Hey, Andy thanks for having me on.

 

Andy Splichal  1:18  

Thanks for joining us. So, quick question. When I first read your bio, I thought that you were offering users the technology to automatically remember all their passwords. But when I looked into you a bit more I read about stitch, you appear to be on the user side for companies providing secure login for their customers. Is that correct? 

 

Reed McGinley-Stemple  1:38  

Yep, that's absolutely right. We're primarily a B2b company. And I think probably the best way to think about us as an analogy would be a company like Stripe, that makes it easy for other companies to embed payments in their websites and applications. We make it alternatively easy for apps and websites to embed password list authentication for sign up and login in their app.

 

Andy Splichal  2:00  

Got it. And so I see you offer quite a few options such as email links, SMS, passcodes, email, passwords, etc. How does it all work?

 

Reed McGinley-Stemple  2:10  

Yeah, so the fundamental products that we offer to our customers are a simple API, and also a front end SDK if they choose to use it, that allows them to leverage different authentication building blocks, like some of those options that you mentioned, like yes, a magic email link that can allow someone to be logged in, or an SMS one time passcode, which, on mobile, we've probably all had that great experience where that auto fills email passcodes. We also support things like sign in with Google, sign with Apple sign with Microsoft. And then we just released a couple months ago, our first biometrics product so that users can sign up and log in with a Touch ID or Face ID. And to your question of like, how does it all work? Effectively, what we do is we do the heavy lifting of building and kind of inventing these pastoralists authentication methods. And then we make it really easy for software engineers to integrate it into their own product by exposing our API  that makes it so if you want to allow a user to sign with a biometric, it's really just a couple of API calls to stitch that allows that user to log in with Touch ID or Face ID.

 

Andy Splichal  3:17  

So what is the advantage for a company to do this, instead of the traditional having a customer just choose a password? I mean, why would a company need this? Why would it why would a company want this?

 

Reed McGinley-Stemple  3:32  

Yeah, there are two major considerations for why companies decide to switch from password based to passwordless authentication. There's two big considerations are one security and two conversion. And it kind of depends on usually the sector we're talking to, and which one is weighing more on their mind. On the security side, the primary way that accounts get hacked today, actually, 81% of all internet account breaches, are due to weak or reused passwords. And so it's one of the problems that we have today where most users do reuse the same password across dozens of sites. So if one of those sites gets hacked, it creates a weak link in the chain. So for example, if headspace had hacked that could theoretically allow that attacker to also take over the user's Chase account, or Coinbase account, if they're reusing the same password, and that's a really common way that fraud propagates online. So one side is security. I'll say even more so like when we talk to ecommerce companies, SAS companies in general, like you know, B2C use cases, conversion is probably even the bigger consideration because if you think about it, two of the primary metrics that you care a lot about, as a you know, any company any business is, how much does it cost to acquire user and what is the lifetime value of a user? And from what we found working with our customers and prospects is that both of those metrics are really damaged by password based authentication, both in the signup phase when a user goes to create an account, you're creating a lot of friction and really introducing doubt into the users mind of do I want to actually use this account. And so therefore, should I go through the process of creating and then confirming this multi condition password that has special characters has numbers, has a capital letter, and we actually see pretty significant double digit percentage drop off in the funnel at that point. So you're immediately increasing your CAC or cost of acquisition for users. And then the other side is we find that even if a user signs up, often, whenever they forget their password, that's a really prime opportunity for them to actually fall out of using your service. And on average, what we found is that roughly 10% of your users will go through a password reset flow, in any given month of those that request to go through a password reset flow, we actually see that the majority closer to 75%, will drop off in the middle of it. So if you think about the LTV or lifetime value of your users, they're also damaged by the fact that you're introducing a really high friction process like a password reset, when really all that user wants to do is buy a sweater or you know, order a coffee to pick up whatever the action is that they're trying to do and your website or app.

 

Andy Splichal  6:13  

Interesting. I got a few things from those. One is I should change from using the password, just password and all my stuff. And second, you know, I can see where it would work. But how have you been able to prove it if you had any clients who have been able to attribute monetize results from using a password list system?

 

Reed McGinley-Stemple  6:35  

Yeah, definitely. So one of the case studies that we actually just released on our website a couple weeks ago was actually an example of a company that was using one of our competitors off zero who's an incumbent that's focused on password based authentication as a service. And they had migrated over from off zero to stitch and immediately saw a 62% increase in conversion. And there are really two primary things that they saw on that increase conversion for signups. One was that just by being passwordless, many more users are willing to try out the service. But the second thing was actually that a lot of the password forms and password providers today. If you're using you know password, passwords as a service companies like Ostheer, Okta, often they'll actually force you to click on a button and then get redirected to another site, before being redirected back after the authentication. And this company Lighthouse, they're a next gen rental platform for consumers, they found that that redirect also created a ton of drop off, in particular on mobile. And so you know, I think both the password list element contributes to the 62% conversion increase. But also the fact that they're able to keep them in the same user experience, with fewer clicks and fewer redirects, has allowed for a really dramatic increase that's helped both their LTV, but also, of course, really shocked. Well, not shocked, but pleasantly surprised to see that significant drop in their CAC or acquisition cost as well.

 

Andy Splichal  8:05  

So I'm a little confused still, when a new customer signs up, and they're using company who's using your stitch to create password list login. How does it how do they know it's still secure? I mean, are they? Are they still making creating a username? They're just not putting in a password? I mean, how does that work?

 

Reed McGinley-Stemple  8:28  

Great question. So today, you know, in the traditional model, where you use a username or an email and password in order to sign up and access an account, we still use unique identifiers in our system for the concept of a user. So we still have the concept of an email, for example, if you want to send that user a magic link, or passcode, authenticate them, we also allow you to register a user by their phone number primarily, if you want to send a passcode that way. And so you, you still have that concept of this is who this user is. And you can ask them for other things like, you know, address or username or whatever else you want to put on that user data model. But the big difference is that rather than asking them to produce a memorize secret at signup, like a password, or when they come back, we instead decide to verify what is that primary contact method that is tied to this user. So for example, that could be email could be phone number. We have you know, for example, Lighthouse, the example that saw a 62% increase in signup conversion, they actually let the user choose whether they want to sign up or login with email or phone number, because they find users on mobile tend to prefer phone number verification, due to the ease of using that versus users on desktop generally prefer email, because it's a little bit more convenient for them. So you're still verifying one of those methods. You're just not requiring them to also have a temporary secret or sorry, a memorized secret like a password. And from a security perspective, if you think about it, what do password resets really do today? They actually are a form of password list authentication. Because anytime you forget your password and will want to get back into a website or application, you know, 99% of use cases, all they're really doing is either sending you an email that you have to verify ownership of your email address, or they're sending you a text message to verify ownership of your phone number, right. So it really they are back owning the accounts with those types of identifiers. They're just making you go through, you know, seven, eight steps of a password reset to gain access to the site, even though it's really the email verification or the phone verification that underpins it.

 

Andy Splichal  10:36  

Okay, so I buy something and I put my email in, let's say Ecommerce website that's using this. And then three months later, I come back in there's there's a user, but right I enter my email again?

 

Reed McGinley-Stemple  10:51  

Yep. can you can enter your email or phone number depending on

 

Andy Splichal  10:56  

Okay.

 

Reed McGinley-Stemple  10:56  

the applications using that that's exactly right.

 

Andy Splichal  10:58  

So how does it know it's me? Does it send me an email, then?

 

Reed McGinley-Stemple  11:02  

Yeah, so a couple different options here. Let's stick with kind of the emailings. Sample to start, and I'll offer a couple other ideas. But yeah, for the email, say that you come back to the site, and you're trying to prove that, you know, this is andy@gmail.com, I have stored, you know, credit card information on the account. So I want to have that recognized user experience, what you do is just enter andy@gmail.com. And then there's a there's a couple of email based verification products that we offer, you can either send a magic link, which means it sends a link to your email that you click the call to action button sign in or authenticate. And when you click that, that actually does the authentication for you. And so you're in the site, you're able to take any action that you want. The other option is sometimes apps will choose to send an email passcode instead, so six digit passcode, that you can just enter on the original form that you're working with. So that definitely is one option, we find that phone number verification. So sending the one time passcode is more popular with mobile heavy use cases, whereas email is a little bit more popular with desktop. And then some of the other options that are very popular on our platform are things like sign in with Google, because you can verify the email address and log the user in without asking them to go to their inbox. And so it's definitely one of the areas where we see, we see generally, if you think about passwords versus password lists, if you go password lists, we've, you know, uniformly seen pretty large conversion jumps. But there are different types of password lists. So for example, sign in with Google, we do find, performs better than email magic links from a conversion standpoint, because the user doesn't have to move out. 

 

Andy Splichal  12:40  

No, I can see that I actually on the email one, I was just thinking, what's the difference between that and clicking on the last Forgot My Password link? 

 

Reed McGinley-Stemple  12:47  

Yeah, so we actually have a great graphic on this, that I could send you at some point. But if you think about it, often your password reset link is going to require somewhere between six and eight steps, depending on the application. So what it will say is okay, click Forgot Your Password. Okay, now, enter your email address, which you had just done a second ago, and you forgot your password. But okay, I'll supply that, again, you supply your email address, they say, if we have this on file, we just sent you a password reset link, you go back to your email, you click into the email, and you click the link, then it says, Okay, you verified your email. Now, we want you to create and confirm a new password. Okay, it has these five multi conditions, you have to hit like special characters, numbers, etc. You do those two fields, you enter those, and then often the most often implementation is that you're actually logged out after that. So they say, okay, you've now created a new password. Now, enter your email address again, and this new password and access the site. So well, forgetting your password can seem like it's one step by click Forgot My Password, again, an email link. Often you're actually putting seven eight steps in between a user clicking that intention and actually getting to the site to do what they want it to do.

 

Andy Splichal  14:01  

Against the other against the password list where you just click on a link, and then you're automatically in?

 

Reed McGinley-Stemple  14:06  

Yep. 

 

Okay, now

 

And you can either click on that link, or, for example, the sign in with Google piece, which we use our own site, because we find that converts really well as as well.

 

Andy Splichal  14:16  

Now, I've seen the sign in with Google. I've also seen sign in with Facebook. Is that another option you guys offer?

 

Reed McGinley-Stemple  14:22  

Yep. Yeah, definitely. So we started the first three sign in with X providers that we offered our Google, Apple and Microsoft and we're actually building out Facebook support currently. 

 

Andy Splichal  14:34  

Now, how do you envision passwordless gaining broader adoption? 

 

Reed McGinley-Stemple  14:41  

The biggest, the biggest blocker that we found, when we were working at so we worked at a company called plaid before we started stitch, my co founder and I and plaid was it's kind of the banking infrastructure for how you connect your bank account to Robinhood or Venmo or anything. And so we're really interested in the concept of, could you connect your bank account to them, and we're Robinhood without having to remember your password. And the thing that we found was most inhibiting adoption, both of that with banking technology. But also when we talked to a lot of other developers about, you know, why haven't you built your signup and login flows to do this, because we noticed there were a lot of security and conversion issues with using passwords in this flow. The biggest really inhibitor to adoption has been the difficulty of building secure and you know, really high quality user experiences around passwordless authentication. And so that's really where the idea for stytch them from is you could actually accelerate the trend by creating a stripe for passwordless authentication, because then it's easy for software engineers to build this natively into their app in a few lines of code and less than an hour. And that's really the biggest piece that we found, has been inhibiting adoption. The second piece, which is definitely secondary, but important, is education. So often I find this with older demographics, like my parents, if I'm talking to them about it, there's a very common question of like, how can it be secured to authenticate without a password. And a lot of people don't realize that passwords are actually responsible for most of the fraud that we have today. And that the two factor methods that we're using, like SMS biometrics email, are really the more secure backbones that we can just use to completely sidestep the password problem. And so I think that's probably the secondary piece that maybe inhibits adoption a little bit is there is some education involved.

 

Andy Splichal  16:35  

Now, is there a favorite success story that you could share from one of your clients?

 

Reed McGinley-Stemple  16:40  

Yeah. So in addition to kind of the data points I was talking about, with how you can significantly increase signup and login conversion. One of the other products that we released is a product called embedded authentication. So the concept here was, there's lots of user experiences that we have that are already within logged in contexts. So what I mean by that is, when I'm scrolling through my email inbox, or through my text inbox, I am effectively authenticated to that email inbox or to that text inbox. And so if I click something from that email inbox, why do I, you know, 99% of the time get logged out experience? In particular, if you're an Ecommerce brand, or someone like that, that's sending me a promotional offer for $10 off or apply this promotional code? Why do I click on that, and then I have a logout experience where now I need to go through more friction, have I forgotten my password, or I have to actually log in. And so this embedded authentication product we built is a way to actually embed authenticated deep links, also called embeddable magic links into the call to action buttons that you're already sending to your end users. And so for example, one of the success stories that I find really fascinating around this, and we're starting to see a ton of adoption with this feature is that one ecommerce company was able to increase their promotional email conversion to purchase by 300%, by just the fact that a user when they are high intent, and they click your $10 off or 10% off offer, they actually get a logged in experience, because that makes all the difference in the world, if it's one click after they do that, versus having to go through a password reset flow.

 

Andy Splichal  18:22  

Now, how does that work? Because, I mean, you can't be cookie based, right, with all the privacy restrictions that are happening. I mean, I wouldn't think so how are they already logged in when they click on a link?

 

Reed McGinley-Stemple  18:36  

Yeah, so if you think about what, when we talk about email magic links for verification, effectively, a magic link is a high entropy token that gets attached to a URL that you're sending that end user to, and it gets embedded within the call to action button. So it gets embedded within like the button that we send users. There's that says Sign In to, you know, ecommerce company or sign into this merchant. And embeddable magic links really works similarly, where if it's just a high entropy token that you can embed in different contexts. What that means about it being high entropy is anytime somebody clicks on it, you can be certain that no one else could have guessed what that token was. That's where you kind of get into cryptography. But effectively, the fact that if I am producing this token to your website, and this is invisible to the user, but if I'm producing this token to the website, you know that that was the unique token that was only sent to andy@gmail.com or to Reed's phone number. And so it's always a unique token that's generated for the individual user, so that we can detect and then provide access to that unique user. So it's kind of similar to like, when you get a one time passcode to log in with your phone number or do a two factor authentication, they know that that one time passcode was only generated for you. And so therefore, it's a way that you can retain security but also reduce the need for the user to remember your password. 

 

Andy Splichal  20:00  

So when that example in your story was sending out an email, I'm assuming there's multiple links. So it's like most promotional emails right there. You want to buy a, b, or c, is it? How does that it's the same token that is embedded into all those different URLs?

 

Reed McGinley-Stemple  20:19  

Yeah. So for example, the way that customers work with our API, when they're embedding these is that they'll say, Okay, I have these 100,000 users that I'm going to send a promotional email marketing campaign to, I what I'd like to do is for each of these users generate a unique high entropy token. And then I will use that token appended to the URLs in the same email context. So they can use that same token for that particular user on all those different places where you can click on that promotional email, but it is the same unique token to that user. So it's different between andy@gmail.com gets permission, you know,

 

Andy Splichal  20:58  

So it's kind of like tracking code, except it's unique to that user?

 

Reed McGinley-Stemple  21:02  

Yep. Yeah, that's a good way to think about it.

 

Andy Splichal  21:04  

Now, have there been any challenges that you struggle with in services providing for clients?

 

Reed McGinley-Stemple  21:11  

I think there's definitely a communication piece around, you know, letting developers know, how they can build passwordless authentication, I think actually, like, you know, a number of the questions that you've asked earlier in this conversation, are really natural questions to come up in the integration process of, you know, how can passwordless be secure? How should I think about using these tokens versus this password, this option, and I think a lot of it is just around being consultative with our customers and making sure they understand both why password lists can be better for security and conversion, but also that it's not one size fits all. So for example, I often give different recommendations to a crypto or FinTech app that's integrating our products than I would necessarily a news reading app, or a general ecommerce merchant, because they have different needs when it comes to the demographics of their audience. And whether the users primarily on mobile or desktop. And as a result, they're different, different password list authentication types that I recommend to them. So I think that's one of the big challenges is just making sure that we communicate, both, you know, in those conversations clearly about how they can think about using these services. But then also, the other thing I think about is we do have a self serve model as well, where developers can just sign up and use our API. And so we try to work a lot of that content, and kind of consultative advice into documentation as well that we have on our site. And so it's definitely a challenge, but also an opportunity.

 

Andy Splichal  22:39  

Now, let's take a step back for a minute before we get into the different services that you guys are offering. But I see that you recently raised 90 million in Series B funding, how involved were you with this process? And how does that process work for those that might be interested in and taking that road?

 

Reed McGinley-Stemple  22:57  

So my, my co founder and I were both very involved in this process, we're really excited to close this Series B round with Cotu, who lead the round as well as existing investors like benchmark and thrive and index. And this particular round is probably different than our seed and Series A, in the sense that Cotu had already been on our cap table. So they were a small investor in our Series A, and we, you know, stayed in touch with them very closely, since we had done our Series A in the summer of 2021. And as they had seen the metrics and kind of growth behind the product, behind the scenes and all of the internal data that we've been sharing with them, they got very excited about figuring out whether there was some way that we could do a Series B now and we could, you know, further deepen the relationship. And so this was a little bit different of an experience because they already weren't investor and this was effectively them doubling down in the past. You know, when I think about like our seed, fundraise where we went and pitched 25 Different VCs had a large number of term sheets, and then kind of decided who to partner with. After that. That's a much different process where it's more of an open process and your pitch in a lot of different individuals explaining a vision. And for that, I think the big things that I would advise other founders that are looking to raise money is one, first asking the question very honestly, of whether you think this should or maybe can be a venture backed company. There are lots of great companies that don't necessarily need venture capital, because you know, there's pretty short term investment that will lead to pretty immediate profitability. It's a little bit harder when you're building like a really large infrastructure company. It's why the companies like Stripe, Plaid, etc. Twilio have taken on venture capital as all of the upfront costs in order to make great infrastructure. So I think the first question I, I advise friends, it's just think about whether you want to take on venture capital. And then if you do, I think, really having lots of not only quantitative data about like the product and how doing but I think qualitative data and Anik data that comes from the customer stories, the prospect pain points, etc, that you can share with venture capitalists makes it all much more tangible for them. And I think that's one of the things that I sometimes see glossed over is there's so much context in your head of why this company should exist. If you don't have the anecdotes or the stories that you know, humans will spike on and they'll engage with, when you're taking this conversation on the road to those different venture capitalists, it's going to be hard to break through and really capture their attention.

 

Andy Splichal  25:34  

Now, did you and your co founder, pitch that yourself? Or did you hire somebody to do that? How did that work?

 

Reed McGinley-Stemple  25:40  

Yeah, we pitched it ourselves. And that's the primary model I'm most familiar with. I think there is something really important about the founders being able to articulate the vision and products clearly. The reason being is that as a founder, you realize pretty quickly that a lot of your life becomes selling pretty quickly. You know, you're building a product, of course, and you're you know, also engineering things. But for the most part, when you think about fundraising, recruiting, and then actually selling the product to customers, a lot of those requires similar communication skills about what you're working on, and why it's valuable. And so I do advise founders not to outsource that part of the fundraise.

 

Andy Splichal  26:22  

I was just picturing I don't know, are you familiar with Oren Klaff?

 

Reed McGinley-Stemple  26:25  

I'm not.

 

Andy Splichal  26:26  

Oh, he's the author of Flip The Script, and Pitch Anything. So he's, yeah, has a lot of good stories about about pitching to venture capitalists. You know, speaking of that, one of my favorite things to do in these interviews, is ask this question. And it is, are there any business books out there that you can attribute to your journey as an entrepreneur?

 

Reed McGinley-Stemple  26:49  

Some of the most helpful content I've read since founding the company? And I guess I'll divide this question in two things that have helped me since I founded the company and things that helped me before that, and then continue to help me. So since I founded the company, I found functional, specific books to be really helpful. So for example, what is the best book, I'll ask this to my investors on recruiting or on marketing or on sales, because I find, you know, I had worked in a generalist go to market and then in a product management role before starting stytch. And so there's lots of functions that I don't know enough about when I originally started the company. And so one of the books, for example, that I thought was super helpful for wrapping my head around how to build a scalable and high signal recruiting function is a book called Hire With Your Head. It's pretty short, it's, you know, doesn't take too long to read. But I feel like you can vastly improve your knowledge of that functional area by just spending a few hours on that. And I tried to kind of think about that with every new function when I have to think about learning a new skill set. So that was, that's been helpful since I've been an entrepreneur is kind of diving into books and content like that. They're also like biographies, I find pretty helpful. So for example, one recently that I read that I thought was really interesting was software. And it's about the story of Oracle and Larry Ellison, and it's actually written in a really interesting way where Larry Ellison has the ability to retort some of the biography because it was a like, slightly joint publication. And so it's interesting to hear the biographers take and and Ellison's kind of context that who out on top. So I found that helpful. Before I started before I became an entrepreneur and, you know, continually find these pieces of content helpful, are really deep dive product, and strategy writers like Ben Thompson, and Packy McCormick, where they go really deep on accompany their product and business model. That's always just super helpful I find for kind of brainstorming different ideas, and also just understanding how different things I'm not as involved in work.

 

Andy Splichal  28:53  

That's a That's a great answer. That is a lot of tips on how you have gotten the most out of books and your different steps. I really appreciated that. You know, speaking of the company, let's get a little bit more specific. What problems are you solving with stytch for your clients? And how do you stand out from from the competition?

 

Reed McGinley-Stemple  29:14  

The biggest competition we have today are the incumbents like Okta, or Twilio, or if you decide to build in house, kind of a username and password model for signing up and logging in new users. And the big thing that we solve for clients and communicate to prospects, and it helps us stand out from the competition is that we're not a authentication. We're not just an authentication company, we really consider ourselves a conversion company. And so when I think about that, when a prospect comes inbound, and they're thinking about updating their onboarding or login flows, our intent is to give them the most secure password list methods, but then also give them consultation on which we've seen drive the highest conversion at different parts of the on all four companies like them, and so I think that's a big difference in terms of like moving from an incumbent authentication vendor to something like stytch is often the sales process has been kind of checkbox, where it's like, okay, I don't have to do the work to implement authentication. And I know it's done securely, because there's this multibillion dollar company that just thinks about this. All those things are still true as stitch. But I think the next level value generator that we talk the most about with our prospects and customers, is let us help you convert more users, and continue to increase conversion along the way as we introduce more features. And so I'd say that's one of the big ways that we stand out relative to competition.

 

Andy Splichal  30:41  

So let's talk now about what services you offer when somebody comes in. And I mean, how does that conversation go? You ask them what they need. They're already familiar with you they're not, has walked me through that? 

 

Reed McGinley-Stemple  30:55  

Yes. So we offer a range of different passwordless authentication products. And then we also offer the ability to wrap them together and what we call kind of like templates for what makes sense for your company. And so some of the example products that we had talked a little bit about earlier, are kind of like the base level products and features were okay, I have email based authentication options, like magic claims and passcodes. I have phone based authentication options, like SMS passcode, we also support WhatsApp, passcodes for international clients. And then I have a range of other kinds of general authentication methods that are cross mobile and desktop. So biometrics OWA connections, so that's what like signing with Google, Apple, Microsoft, etc. is, and we have all those as different kinds of individual products. But I think the big question, often this is where we, you know, work with our customers is, what are the right, what's the right set of those products, that makes the most sense for you. And so some of that is consultative, but then we also do have front end components, where, for example, if you wanted us to own the UX and UI of your signup and login flow, rather than, than just using our API's, and you own the design, we also can give you that out of the box. And so that's another service we offer is effectively a front end on top of these authentication products, so that you can just stick our SDK in your app or website and forget about it. And you know, you can track the pretty immediate conversion bump that you'd see there.

 

Andy Splichal  32:26  

So are these like ala carte? You pick three different ones, you know, you charge for each one you pick? And? And whether you're hosting the the interface? Or is it a pack, you have different packages? How, how are customers build?

 

Reed McGinley-Stemple  32:44  

Yeah, so there's two different kinds of options, you can use our pay as you go model, or you can do custom negotiation. So the Pay As You Go model actually bundles all of the products. And we charge based on a monthly active user. So for example, a monthly active users defined as did a user actively sign up or login, okay, stitch that month. And then that covers, you can get signed with Google, you can get email magic claims, you can get SMS, you can get biometrics, really anything that makes sense for your case, you can use. And that starts at 10 cents per monthly active user. That also includes like the embedded authentication products. The reason we have the custom discounts and negotiation is we understand businesses have different context around like what they're doing the value prop that this will provide them. And sometimes they may just need one of those products. And so we're happy to do ala carte pricing those scenarios, as well as figure out unit rate discounts as well, if they, you know, are bringing 100,000, 500,000, a million users to the platform.

 

Andy Splichal  33:45  

So who is the perfect customer for your agency? If this person is listening right now? That's the person who really should call you or contact you.

 

Reed McGinley-Stemple  33:56  

Yeah, so it's interesting, because we are a horizontal product product. And what I mean by that is any vertical any product could use us to have a better, you know, user authentication, signup, and login flow. I think, you know, beyond that, like, really, the perfect client is one that is interested in improving conversion, and also just the user experience of their end users, and wants to partner with someone that can help guide them through that, but also give them the technology to do it.

 

Andy Splichal  34:26  

And is there I mean, you mentioned the the 10 cents per login. Is there a minimum? I mean, should a company be of a certain size before they think about doing something like this?

 

Reed McGinley-Stemple  34:45  

No minimum at all. So it's actually the first 100 monthly active users are free today. So you can actually get started and pay nothing but then there's no minimum. To get started, you can sign up and even self serve into the product. If you don't want to talk to anyone. Of course, we're happy to talk with you and kind of guide you through more details of implementation and even actually architect things that's interesting. But really our product is designed to be, you know, a two person startup can use it from the beginning, or a fortune 500 enterprise can make that migration and password lists to provide better security and user experience.

 

Andy Splichal  35:14  

And does your software work on any type of platform? Any site or website platform? 

 

Reed McGinley-Stemple  35:20  

Yep, exactly right. 

 

Andy Splichal  35:22  

Okay, great. Well, that sounds great. How could an interested listener, learn more about working with you and connecting with stytch? 

 

Reed McGinley-Stemple  35:30  

Yes, so our website is stytch.com  stytch.com. And if you go to the website, there's a couple different options. One is you can just sign up and check out the docs and check out the product. But we also have a call to action that says, talk to an auth expert. And so if you would, like you know, a little bit more kind of architecture advice, or for us to show you some examples, what others have done in your industry that has seen really good results, we're happy to set up some time to actually walk you through what a passwordless transformation could look like for your business.

 

Andy Splichal  36:04  

Well, this has been great. Is there anything else you would like to add before we wrap it up today?

 

Reed McGinley-Stemple  36:09  

No, I think I've really enjoyed this podcast, also listening to your past episodes for Make Each Click Count. And so I think the only thing I would just say is one of the things that we're really excited about is just, you know, as we think about ourselves as a conversion company and reducing friction on the internet, there's so much opportunity in the authentication space where it blocks us from signing up, logging in or engaging with something like a promotional email, or anything else that you might be sending to your end users. And so we're continually excited to find new ways to reduce friction. So if you have a problem related to user friction or conversion that we haven't touched upon today, I'd also encourage listeners to reach out and just let us know what type of features or products they're looking for.

 

Andy Splichal  36:53  

What's been great. Well, thank you for joining us today, Reed.

 

Reed McGinley-Stemple  36:56  

Thanks for having me. Really appreciate it. 

 

Andy Splichal  36:57  

Remember, if you liked this episode, please go to Apple podcasts and leave an honest review. And if you're looking for more information regarding stytch or connecting with Reed, we'll find the links in the show notes below. In addition, if you're looking for more information on growing your business, check out our all new podcasts Resource Center available at www.makeeachclickcount.com. We have compiled all the different past guests by show topic and included each of their contact information in case you would like more information on any of the services that I've discussed during any of my previous episodes. That's it for today. Remember to stay safe, keep healthy and happy marketing and I will talk to you in the next episode.