Stytch applies Plaid lessons
Reed McGinley-Stempel, CEO of Stytch, on authentication for AI agents
This detail matters because Stytch’s fraud product was shaped by people who had to think like adversaries before they became defenders. Plaid’s early product was not a clean bank API network, it was a reliability and evasion machine that logged into thousands of bank front ends, handled broken flows, and kept connections alive despite anti bot defenses. That experience maps directly onto modern agent detection, where the hard problem is spotting automated traffic that tries to look human.
-
Plaid won early by giving fintechs one simple API while hiding ugly bank by bank work underneath. Customers like Venmo, Cash App, and Robinhood did not want to build and maintain thousands of brittle bank connections themselves, so Plaid absorbed that operational burden and charged SaaS and usage based fees.
-
The important operational skill was not just scraping. It was learning how banks detect scripted traffic, where flows break, and how to recover when login pages change, prompts appear, or multi factor auth interrupts a session. Those are the same failure modes that show up in headless browsers, device farms, and agent traffic today.
-
This also explains why Stytch positions against Auth0, Clerk, and WorkOS as a broader identity plus risk layer. Auth tools handle login flows, but Stytch is trying to bundle login, device fingerprinting, agent identification, and anti evasion into one system because the threat model is now bound up with the auth flow itself.
Going forward, agent traffic will make more consumer and B2B apps face the same core problem Plaid faced with banks, deciding which automated actors are authorized, which are abusive, and how to tell the difference at scale. That pushes authentication vendors toward deeper fraud infrastructure, not just prettier login screens.