Summary
In a recent study by Ping Identity and Yubico, it found that IT leaders across the globe are eager to eliminate passwords, including 94% who are concerned about passwords and 50% who worry they are too weak for security purposes. The findings highlight concerns on password security and productivity as users aren’t careful about password management and using passwords tends to hurt conversion rates. Thus, a passwordless future is where Magic steps in. is a Web 3.0 software platform that allows developers to add passwordless authentication to their applications. Their main charter is to create a delightful authentication experience for Web 2.0 and primarily Web 3.0 onboarding. They do this by providing user authentication and private key management through one SDK that combines passwordless auth with non-custodial key management. Currently, the market for passwordless authentication is highly competitive due to the varied and multitude of methods of customer onboarding experiences across companies. Magic has achieved success partnering with Web 3.0 native companies but needs to continue to attain market share by continually innovating the product and developing a robust strategy on acquiring new customers. Team Overview
, originally Fortmatic, was founded by Sean Li, Arthur Jen, and Jaemin Jin in 2018 and is currently based in San Francisco. The founding team all has extensive experience with developing and growing software companies and all received Software Engineering degrees from the University of Waterloo. Magic currently employs 40~ employees. Previous Work Experience:
Product Lead at Docker (2014-2016)
Co-Founder/Chief Product Officer at Kitematic, acquired by Docker (2013-2014)
Education:
University of Waterloo, Software Engineering
Previous Work Experience:
Software Engineer at Yelp (2015-2018)
Cloud Engineer at Inkling (2013-2014)
Cloud Computing Software Developer at Ontario Institute for Cancer Research (2013)
Cloud Operation Analyst at Awareness (2012)
Education:
University of Waterloo, Software Engineering
Previous Work Experience:
Software Engineer at Uber (2015-2018)
Software Engineer at Amazon.com (2015)
Software Engineer at Apple (2014, 2013)
Education:
University of Waterloo, Software Engineering
Product
In traditional applications, authentication is done by verifying a user through a username and password. In passwordless authentication, this verification is done without the use of passwords. Identity can be verified through an object that uniquely identifies the user.
How it works?
Traditional password process
Magic’s passwordless process
Why is it different?
Magic has adapted W3C's (DID) protocol to leverage the blockchain and to generate verifiable proofs of identity and authorization instead of SSH key-pairs. Magic has developed this architecture, Delegated Key Management (pat. pend. USPTO 62/904689), which allows it to remain non-custodial by leveraging Hardware Security Modules (HSMs) provided by Amazon Web Services' Key Management Service (AWS KMS). For Magic, this means they are able to provide authentication through:
Magic Links (Email + Embeddable) WebAuthn (biometrics like Touch ID or YubiKey) OAuth (Google, Facebook, Apple, GitHub, LinkedIn, BitBucket, GitLab, Twitter, Discord, Twitch, and Microsoft) Web 3.0 (Ethereum, Bitcoin, Polygon, Optimism, Arbitrum, Binance, Moonbeam, Algorand, Avalanche, Celo, Cosmos, Flow, Harmony, ICON, Polkadot, Near, Solana, Zilliqa, Fantom, Terra, Tezos, and Cronos)
The future product roadmap focus is on delivering Magic Connect. This will be a one-stop shop for delivering a seamless Web 3.0 experience with features like a unified wallet UX, secure transaction and wallet management, on-ramp and off-ramp payments, and multi-chain.
Market
Worldwide spending on cybersecurity is projected to reach $133.7 billion in 2022 [], and the average cost of a breach has skyrocketed to around $3.92 million as of 2019 []. The market for authentication platforms are numerous as identity and password security are large focuses for the continuing digital world. In comparison to the most relevant and competitive solutions, the biggest would be Auth0 for Web 2.0, Stytch for Web 2.5 companies, and Web3Auth for Web 3.0 companies. From a GTM perspective, Magic has primarily focused on only the Web 3.0 space. This has allowed them to grow to this point but there have been some key learnings. Blockchain technology companies at the moment are still limited in terms of MAUs which hampers their ability to sign deals. Moving forward, the three main segments Magic will focus on are partnerships, Web 2.0/2.5, and Web 3.0 companies. Phantom Wallet: 2M+ MAUs [] Competitors
Auth0 was acquired by Okta in 2021 for $6.5B. They are primarily focused on large enterprise and have focused on making Auth0 support as many identity providers as possible. Stytch is focused on relatively early stage companies and have just released Web3 logins for Ethereum and Solana and have upcoming releases for native mobile biometrics and push authentication. Web3Auth focuses on blockchains but only has 9 supported chains (Ethereum, Solana, Polygon, BNB, Avalanche, Arbitrum, Optimism, StarkEx, StarkNet) versus the 22 that Magic currently supports. Pricing
In terms of pricing, all offer utility-based pricing models.
Magic is free for up to 1,000 MAUs, after that up to 25,000 MAUs is $0.05/user. For Stytch up to 5000 MAUs is $0.10/user and >5,000 MAUs can receive volume discounts. For Auth0, they offer discounts on a sliding scale - $0.24/user for 1,000 users to $0.15/user for 10,000 users. Web3Auth is the cheapest upfront as it is also free up to 1,000 MAUs. Subsequent users are discounted on a sliding scale. Up to 2,500 is $0.031/user, up to 100,000 is $0.029/user, up to 200,000 is $0.023/user, and up to 500,000 is $0.015/user. In regards to pricing, Magic is significantly cheaper than Stytch and Auth0 while publicly Web3Auth is cheaper once you go beyond 1,000 MAUs.
Traction/Financials
Currently, Magic lists 23 public customers highlighted by Alchemy, Decrypt, Immutable X, Nifty’s, Polygon, and Zerion.
Reported customer traction:
20+ blockchains supported
See Balance Sheet for financial details.
Historical Funding
$27M Series A led by with participation from , , CoinFund, , , , , , , , , , , , , , , , , $4M Seed led by with participation from , , , , , , , , , and Current Round
Magic is looking to raise $XXM for its Series B round at a $XB valuation.
Terms include:
Milestones/Runway
Magic’s current burn rate is $XXXK/month. Information can be found in the Balance Sheet.
The fundraise will be used on:
Launch new products like Magic Connect [XX%] Achieving a $25M run rate [XX%] Investment Recommendation
My recommendation is to invest in Magic. Magic is leading the pack on creating the most cohesive solution for a secure and seamless Web 3.0 experience. Comparatively, it has the most comprehensive feature set in the market with the best pricing and can become the defacto identity solution for the blockchain revolution. With some of its future products, Magic could also look to crossover into the fintech space and provide identity solutions a la Plaid. This would grow Magic’s potential from being a unicorn to a decacorn.
Pros:
Rapidly growing pipeline (Nifty’s, XXX, etc.) Product has more authentication capabilities than other products in the market along with competitive pricing Strong investor appetite from Seed + Series A rounds Risks:
Lots of competition in the space including Auth0/Okta, Stytch, and Web3Auth. Lack of widespread crypto adoption Appendix