This startup is making online transactions easy and secure without OTPs
Today, most online transactions are secured with one time passwords (OTP) to provide an additional level of security. However, many times, people complain of never receiving OTPs, which makes them repeat the whole login process again.
To solve this problem, 23-three-year-old Prabhat Sahu foundedearly this year.
It is a customer-centric and device-based secure one-tap authentication solution for apps and websites, removing the need for password authentications and OTPs.
SAWO or Secure Authentication Without OTP, provides an end-to-end encrypted and secure solution, and claims to cut the authentication costs down to a quarter of what businesses currently incur.
“Forgetting passwords, not receiving OTPs to retrieve the forgotten password, and the chaos that follows ultimately leads one away from the service,” says Prabhat.
As of now, SAWO provides Authentication as a Service (AaaS) for Indian app publishers and IT/software enterprises deploying authentication for their products.
Prabhat says: “I got the idea when I was back at my family home in Gujarat due to the pandemic and was trying to log on to Hotstar. For almost an hour, I did not receive the OTP, and it got me thinking about the multiple situations in which delayed OTPs hinder essential services and cause hassle to the end-user.”
According to the founder, the vision of SAWO relies on three pillars - cost, convenience, and security. The startup competes with Hypr, Cotter, and Auth0, which possess their individual authentication processes. But Prabhat believes SAWO is different as it works towards making existing processes cost-effective, secure, and convenient for a better user experience.
“We utilise the same data used by these companies, encrypt it end-to-end ensuring they retain the usual autonomy over the data - all of it at one fourth of the cost they currently incur. Reduced costs and enhanced user security does become an essential convincing factor for players on all levels, especially these aggregators,” says Prabhat.
SAWO uses public key cryptography standards to create an end-to-end secure authentication experience. When a user attempts to authenticate via a SAWO-powered platform, a private key is dropped in their device. Even when the session is stored or the user does not log out from the said service, the private key stored on their end is triggered the next time they migrate to an app powered by SAWO authentication solutions.
Prabhat Sahu of SAWO Labs
These trigger processes occur every time the user interacts with different apps that has SAWO's authentication deployed. The end-user is not redirected to SAWO’s website or other allied portals during the process. Users can simply use their phone device's screen-lock, security code, or pattern feature for additional security.
The market and business
The Identity and Access Management market size is expected to reach $24 billion by 2025. Gartner predicts that by 2022, 60 percent of large and global enterprises, and 90 percent of midsize enterprises will implement password-less authentication methods in more than 50 percent of use cases.
SAWO works on a pay-per-use API model with an average revenue ranging from 5 paise to 9 paise depending on the authentication volume of its clients. The average revenue per authentication at the end of 12 months is projected to be 7 paise for over 65 crore authentication requests.
SAWO’s key strategy is to target the Indian app publishers, developers, and startups requiring authentication services.
“We would be able to cater to their needs by providing a standardised, cross-platform, and easy to implement solution for authentication. In addition to this, the Indian IT and software sector proves a key source for high volume clients,” says Prabhat.
Prabhat has so far invested Rs 5 lakh in the business. SAWO has also raised an initial round of angel money of Rs 25 lakh from 100x.vc through iSafe notes. Recently, it raised Rs 5.5 crore and closed its seed funding round. The round was led by StartupXseed.
One of the initial challenges for the startup was finding individuals who believed in the solution, and it was further complicated by the pandemic. The founding team started pitching the idea to investors and was surprised to see the reception.
"One of the investors, even though we did not technically align with his investment thesis, referred us to one of his portfolio companies, a mainstream movie ticketing platform, and we quickly took up that opportunity and closed the deal, and that is how we set the ball rolling," says Prabhat.
Being the sole founder of the business, Prabhat says he had to initially juggle multiple responsibilities alone - hiring by day, client calls by noon, and coding by night. But he managed to employ people in the first 50 days of starting up. The startup now has 10 people on the team.
Another problem was that Neo Banks, who handle the OTP feature, turned out to be the most difficult transaction for the startup. Prabhat says banks did not want to compromise on their revocation feature and wanted the friction that allowed them to revoke users’ access.
“Having them cross that bridge was a mammoth task, but we did manage to work it out and earn their trust,” says Prabhat.
Prabhat says, “In the next 12 months, we project to onboard 350 clients, serving over 65 crore authentication requests. By doing so, we will achieve a revenue of Rs 4.9 crore in the very first year of operations.”
The startup will also be developing the express check out feature in the next 18 months to end the dependence on recurring use of OTPs. The user can skip the login process and directly proceed to checkout by simply entering the email ID or phone number, then entering the shipping address and proceeding to payment gateway.