I’m pleased to announce I’m on the advisory board of Auth0, a company making authentication trivial. I’m going to get to Auth0 specifically in a minute but let’s talk about how companies place bets.
VC firms, book publishers and movie studios all do approximately the same thing but with different media in different cities. VCs try to find tech companies, publishers find books and movie studios try to find blockbuster movies. Silicon Valley, New York and LA. The problem is, we don’t yet know how to predict the future. Therefore they try to come up with nice stories about how something will succeed or fail and put money in to the things that they think will succeed. Of course, they’re largely wrong on those bets.
Luckily the rewards for being right are disproportionate. Because of the long tail distribution, being right will make you very right, and rich. That win will pay for all the failures. In fact it’s an interesting exercise to think that maybe the long tail distribution of returns is the only way it could work and maybe it’s a long tail precisely because it has to be.
In any case, these firms place a number of bets. Let’s say they invest in ten companies, book authors or movies at $10MM each. Then we hope one of them becomes a billion dollar exit (Google, Harry Potter or Lord of the Rings). That will pay for the other 7 that blow up and the 2 that do ok. Things blow up all the time, like Solyndra or Waterworld.
In this model the firms have to raise the capital to make these bets, either from past lottery winnings or from investors. But when you think about todays service businesses the model is very much inverted.
Instead of you paying to place the bets, the customer is paying you. You have a large number of companies paying you $5/month for some minimal service level and then some of them will randomly take off and start paying you $1,000/month or whatever it happens to be. Thus by providing a very visible self-service model you can expose yourself to some large upside almost automatically. This optionality is interesting; in that your customers are paying you to take the option.
Of course, they can always jump off your service too. But if you’re doing your job they won’t do that; you just have to create different incentives and value models as you go up the stack. You need more features as the price increases, better customer service and so on.
Compare and contrast this to you having to pay to take the bet. Under that model you have to go find the customers where here they find you. You have to build narratives about why they will succeed instead of them doing so. All in all, it’s a lot nicer when they come to you.
Also notice that we’re smoothing the price function. Instead of not funding your movie or funding it as a binary, $0 or $10MM bet, you pay whatever you want. Maybe it’s $5/month, maybe it’s $100/month but we’re still exposed to the upside while covering costs for the low end of the market instead of just turning those options away.
The other thing that’s evolved is the sales process. Instead of me having my bizdev guy talk to your bizdev guy to get business, your developer just happens upon my service and starts playing with it. Instead of exchanging press releases, our developers talk about how awesome everything is. It’s much more efficient that way, especially when getting started. You don’t have to pay for your developer to talk to their PM to talk to their bizdev guy to talk to my bizdev guy to talk to our sales rep. Your developer just talks to my developer. That’s cheaper and quicker for you and for me. We’re reversing the causality here too; my bizdev guy doesn’t contact 100 companies to find 10 that might use the service. The 100 companies just find me instead.
Back to Auth0. I like Auth0 for a number of reasons:
- Making Enterprise Easy. You might not be aware, but everyone uses ActiveDirectory or AD. It’s great for a number of things like making Office and Lync and various DRM things all work together when you’re a real company. But it sucks if you want to expose your users externally. For example you want your employees to be able to use their username and password (credentials) to log in to your healthcare provider. Auth0 makes that magically (and securely!) work.
- Making Hacking Easy. Doing away with the “user” table. I see the primary advantage of Ruby on Rails as doing away with having to learn SQL. Thus I now “only” need to know HTML, JS and ruby. Parenthetically, you see things like meteor making this an even shorter list of just HTML and JS. What Auth0 does for me as a developer is remove all the user pain. I don’t need to start building my app with an email authentication loop, an email server and SQL table or whatever, now instead I just insert a couple of lines of JS and let Auth0 handle that. Gradually we are chipping away at all the things you need to do to get a web app up and working.
- Auth0 hides complexity. It’s a real pain to go set up authentication with the 1,001 providers like Google, Microsoft, Twitter, Facebook and so on. What Auth0 does is magically hide all that pain via their very cute dashboard.
- Openness. Auth0 is all over github.
- New things. Auth0 just shipped a wordpress plugin to let you login to your wordpress instance using, basically, anything you can think of. This is great; no more authentication loops dropping users at the first hurdle!
- People. It’s easy to turn money in to smart people working for you. But it’s really hard to get the quality, depth and breadth Auth0 has without doing something truly meaningful. Auth0 is great people doing great things.
And of course, Auth0 is exposed to the kind of optionality I described above as many others are too. So, if you have any interesting authentication go play with Auth0.