The COVID-19 pandemic pushed digital transformation, as economic activity became almost completely digital. This increased the importance of cybersecurity as payment, shipping, and identification information are being transferred online at a significantly higher volume. To understand why passwordless authentication is the best option for your business, we talk with Albert Purnama, co-founder of Cotter and an expert in software development.
Albert graduated from the University of California San Diego, with a degree in Computer Science but had already been working as a freelancer, building websites. During college, Albert used this experience to join hackathons and worked on multiple projects before meeting his co-founders in his 2nd semester. At 19 years old, Albert won 1st place in AngelHack's global hackathon. By 21, Albert was hired by a Y Combinator startup and at 22, he was admitted to Y Combinator for Cotter.
Early on, Albert built an authentication solution for a mobile trading application back in Southeast Asia. People in developing countries are similar to GenZs, operating mobile-first; therefore, to authenticate, they primarily rely on their phone and SMS-based one-time passwords. This experience was priceless, as it guided the foundation of Cotter. Through Y Combinator's accelerator program, he continuously integrated customer feedback using his software development skills to complete the first iteration of Cotter's authentication solution.
Security has never been so simple
These outdated SMS-based tools are notoriously expensive and insecure. Companies pay SMS gateway providers every time their users log in or authenticate. Moreover, since the SMS-based passwords are human-transferrable, scammers have been able to mimic company representatives and retrieve these passwords from users.
Based on these shortcomings, Albert and his team integrated new technologies, like WebAuthn, into Cotter. "We [set] out to develop an authentication solution that authenticates the user using a challenge signed by a private key stored securely on the user's device, which in return authenticates users over the internet, without entering a one-time password, and ties the user's account to the user's physical device" - Albert explains.
Cotter made it easy for web and mobile developers to integrate FIDO, PKI (Public Key Infrastructure), and WebAuthn in under 15 minutes. It is easy for users, as they don't have to download any extra authenticator app or re-authenticate themselves the next time they log in, and also improves security significantly as the only way to gain access to a user's account is through their physical device; thereby, eliminating the risks associated with passwords.
Software development in the face of increased security anxiety
Business owners understand that their success depends on trust. Therefore, as an increasing number of users express concerns about security, businesses must stay up to date with the best tools in the industry, making software developers like Albert indispensable. As the CIO at Cotter, Albert designed an authentication solution that can evolve to neutralize new security threats.
Lessons learned along the way
Despite studying engineering, Albert learned that as an entrepreneur, listening to customers is essential. The most important lesson that he derived from his journey is that you must create something that people want. Entrepreneurs don't talk to their customers enough and often build something that they think the customers would want, when in fact they do not.
"My co-founders and I learned that the best product is usually the one that uses the least amount of technology. With Cotter, we made authentication simple; so simple that developers can have a login page in less than 15 minutes simply by copy-pasting a block of code." Albert sums up.