Kiva Eliminates 22,000 Lines of Legacy Code by Implementing Auth0
Auth0 Rules, MFA used to free up engineering resources
More than 1.7 billion people around the world are unbanked and can’t access the financial services they need. Kiva is an international nonprofit, founded in 2005 in San Francisco, with a mission to expand financial access to help underserved communities thrive.
Crowdfunding startup Kiva allows lenders to provide direct assistance to those in need — around the globe. Through the non-profit’s work, students can pay for tuition, farmers are able to invest in equipment, and families can afford needed emergency care — in total, over $1 billion in loans have been facilitated to people globally, many of them women who are the main providers for their families.
“Kiva started with the notion of connecting people through lending to help alleviate poverty around the world,” says Van Mittal-Henkle, Principal Software Engineer at Kiva. "And that basic idea of people having the ability and the interest to put in a little bit of their money to help somebody else in another part of the world has been the cornerstone of what Kiva has done over the years."
Choosing Auth0 to Save Resources, Maintain Trust With Kiva Users
Before Auth0, Kiva was working with an identity solution built in-house that relied on basic username/password authentication and Facebook integration. Due to a growing number of campaigns and loans putting pressure on their “monolithic codebase,” Mittal-Henkle and his team wanted to rearchitect using a microservices approach. And they knew they also needed standalone authentication for future growth.
“The question was, do we want to spend the time and resources to build that ourselves, or do we want to find a solution that will meet our needs without having to expend the engineering resources?” says Mittal-Henkle. "And that's where Auth0 came in. They provided us with a platform that enabled us to rearchitect our system without spending the time and resources to build it ourselves."
The Kiva team recognized they were not just dealing with a need to enhance their authentication system, but also to maintain and continue building the trust of their customers.
“Having a secure authentication system that [customers] can feel confident in, that’s not going to be susceptible to being hacked or compromised — especially these days with so much of that in the news — is really important so that people know that their trust in us is well-founded," says Mittal-Henkle. “Having all of the resources and effort from Auth0 going into making sure that that's the case is really important to us. It's a big win because we have a relatively small team, so we don't have the resources to devote to doing that job in the same way that a company like Auth0 can ensure that the job is well done.”
Auth0 Eliminates 22,000 Lines of Code for Kiva, Frees Up Engineering Resources
Kiva implemented Auth0 using an iterative approach. First, rolling it out with internal users, then to a site for B2B partners, and finally to their lender user base.
“The main challenges that we faced in our implementation are really dealing with our own legacy code and integrating it with the code that we already have. The functionality that we've been able to take advantage of with Auth0 has been very easy to use,” says Mittal-Henkle. “Working through our implementation, we found that the Rules capability that Auth0 provides has allowed us to implement our sign on flow in a straightforward way, so we're really pleased with that.”
Ultimately, the time and resources saved means Kiva can focus their efforts on core business responsibilities. With an objective to expand the scope of lenders, they are working to grow their user base via a larger presence in the mobile space.
“Having our developers being able to spend time on our core business domain rather than having to spend time on more generic concerns like identity and login is a big thing that is important to us,” says Mittal-Henkle. “By implementing our login using Auth0, we've been able to eliminate over 22,000 lines of code that our engineers no longer have to maintain, and also set ourselves up to do our mobile implementation. We have also been able to take advantage of additional advanced security features like multi-factor authentication, which by leveraging Auth0, means we no longer need to dedicate a [senior] engineer to exploring and building these solutions in-house.”
Curious How Your Organization Can Benefit From Auth0?
Learn how our customers are saving time and reducing costs by reading The Total Economic Impact of Auth0 by Forrester Consulting.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and development teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding more than 4.5 billion login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.