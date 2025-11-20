LOS ALTOS, Calif., Nov. 20, 2025 (GLOBE NEWSWIRE) -- Descope , the drag & drop external IAM platform, commissioned a survey of 416 individuals with technical and / or budgetary responsibility for Customer Identity and Access Management (CIAM) solutions. The State of Customer Identity study found organizations struggling with subpar authentication methods and legacy systems, but not being able to find the time or budget to move towards methods and systems better suited to their users. Readers interested in studying the complete survey report can download a copy here.

Notably, the study found that while 87% of organizations use password-based authentication for their customer-facing applications, only 2% felt it was the most effective method to balance security and user experience. The same theme of remorse came across in the solutions used to implement CIAM: while 51% of organizations use their existing workforce IAM to implement customer auth, only 8% would choose to do the same if they were to start from scratch.

These patchwork implementations end up affecting the bottom line, with 82% of survey respondents citing at least some negative business impact. Around 52% faced high costs related to auth support tickets, 37% delayed product launches due to identity-related development tasks, and 30% suffered user dropoffs due to complex onboarding.

“This study puts quantitative weight behind what we’ve been hearing from hundreds of organizations,” said Rishi Bhargava, co-founder of Descope. “Engineering and identity teams are trying to fit square pegs into round holes when it comes to customer identity. Maintaining homegrown or workforce-based solutions with overstretched development teams is a recipe for falling behind as user needs evolve, new product needs arise, or AI agents are added to the mix.”

Overstretched developers

The survey responses shed light on how organizations are tasking already overburdened developers with CIAM responsibilities without the required supporting systems in place, causing the business and security ramifications highlighted above.

51% of organizations task developers with minimal to no authentication experience to build and manage CIAM

Only 28% of organizations report having dedicated CIAM engineers

46% of organizations cite delaying identity-related projects due to competing product priorities



The true cost of open-source CIAM

Using open-source solutions to implement CIAM is a popular choice for flexibility and low surface-level costs, but survey results highlighted the ongoing cost of relying on open-source solutions.

50% of organizations using open-source CIAM faced revenue losses / user dropoffs due to strict authentication, compared to 26% of organizations that used commercial CIAM

51% of organizations using open-source CIAM experienced security incidents after implementing low-friction authentication, compared to 39% of organizations that used commercial CIAM

55% of organizations using open-source CIAM have cancelled or delayed CIAM upgrades due to competing product and engineering priorities



The importance of agentic identity controls

Most organizations are exploring the idea of adopting AI agents or MCP servers, but the need for identity guardrails are often stopping these projects from reaching full production. Security concerns about over-permissioned AI agents and lack of governance controls continue to rise.

88% of respondents are using or planning to use AI agents, but only 37% have progressed beyond pilot programs

57% of respondents are concerned about AI agents accessing unauthorized data or sharing data with unauthorized users

46% of respondents cite their engineering teams not having the required time or expertise to build and manage agentic identity systems



Readers interested in studying the complete survey report can download a copy here.

Methodology

The survey was commissioned by Descope and conducted by Dimensional Research. Independent sources of technology stakeholders were invited to participate in an online survey. A variety of questions were asked on current approaches and experiences with customer identities and authentication. Responses were captured between June 6 – 24, 2025. The survey was fielded in English. A total of 416 qualified individuals completed the survey. All had decision making responsibility (technical and/or budget) for Customer Identity and Access Management (CIAM) solutions at a company with more than 500 employees.

About Descope

Descope is a drag & drop platform to help organizations manage all their external identity journeys. Our no-code / low-code solution helps organizations create, modify, and secure authentication and authorization journeys for end users, business customers, partner applications, AI agents, and MCP servers. Hundreds of businesses use Descope to improve customer experience, prevent account takeover, and get a 360-degree view of their customer and agentic identities.

Media Contact

Erica Anderson

Offleash for Descope

descope@offleashpr.com