Pricing
Start integrating now and launch your product for free.
Use Cotter for free — forever
No credit card required, no trial period. Start integrating now and launch for free.
Use Cotter for Free
Passwordless Login using the FIDO Protocol
Unlimited Authentication Requests
OAuth 2.0 Token Management
Up to 1500 users
All Features are Free until July 31

Get all the available features with up to 10,000 users for free until July 31, 2020. Standard SMS & WhatsApp rates apply.

Flexible, Scalable Plans
Unlock more features and get more visibility about your users and their login activity.

Need more than 100,000 users? Contact our team for a custom pricing plan.

Features
Launch
Grow
Scale
$30/month
$100/month
$500/month
Best for MVPs and new websites or apps.
Best for Startups and Businesses.
Best for Larger Startups and Companies.

Authentication Requests

Unlimited

Unlimited

Unlimited

Users

1,500

10,000

100,000

Overages per user per month

$0.012

$0.01

$0.008

Passwordless Login using the FIDO protocol

OAuth 2.0 Tokens

Email Verification

SMS Verification *SMS Rates Apply

WhatsApp Verification *WhatsApp Rates Apply

How many users do you have?
Pricing estimate for monthly subscriptions.
0 users
Free Plan
$0/month estimate

Get Started

Start integrating quickly with our Getting Started Guides.
FAQ
Can I use Cotter for free?
Yes! Cotter is free to use forever on your website or apps. You can have unlimited authentication requests and up to 1,500 users. The features that are available on the free plan are the Passwordless Login using the FIDO Protocol (and WebAuthn — coming soon).
How do you count the number of users?

To use Cotter, you need to register a user ID or your user's email or phone number. Each unique user ID, email, and phone number counts as 1 unique user. You might have a user ID that also has a verified email. To avoid duplicate counting between a user ID and their email, you should associate the user's ID with their email and phone numbers when registering the user to Cotter.

How does Cotter's Passwordless Login work?

Cotter follows the FIDO Protocol to enable Passwordless Login. Cotter's SDK will generate a public and private key inside the user's phone, store the private key in the device's secure storage, and send the public key to Cotter's server.

To login, Cotter's SDK will use the private key to sign a challenge and send the challenge to Cotter. Cotter will then verify the challenge with the user's public key.

How does Cotter's Passwordless Login work with a website?

If you have a website and an app:
When a user login to your website, Cotter will show a prompt asking the user to approve the login from their device. Cotter will then send a push notification to your app and ask the user to "Approve" or "Deny" the login request. If approved, the user will be logged in to your website.

If you only have a website:
Since there is no app to approve logins, you can use Cotter's Web SDK to authenticate users by sending a Magic Link or a One-Time Password to your user's email or phone number. The Web SDK automatically handles sending the code or link and verifying it, you only need to embed the form. (Soon, you can use WebAuthn to log in users using biometrics straight from the browser)

I have more than 100,000 users, can I use Cotter?
What languages do you support?
Cotter's Web SDK is available in JavaScript and can be used on websites build on React and other JS frameworks. Cotter's Mobile SDK is available in Android, iOS, and React Native. Support for Flutter and Unity is coming soon.
How is Cotter better than SMS OTP?

Cotter doesn't rely on SMS to authenticate users because SMS OTP is susceptible to social engineering such as scamming and SIM jacking which leads to account takeovers. On top of that, sending SMS on every login request is expensive, and the SMS delivery rate is always an issue and may block users from accessing their accounts.

Cotter relies on the user's device to authenticate users. This means that an attacker would need to have the user's physical device and being able to open the device to access a user's account.

What happens when I lose my device?

Cotter provides several recovery methods that you can choose based on your required security level.

Option 1: Fallback to email or SMS OTP
If you enable this feature, your users can choose to authenticate with a verification code instead of approving logins from a trusted device. The user then will have the option to trust their current device and will be able to log in automatically from that device.‍

Option 2: Revoke devices and manually enroll from the dashboard
Users should contact your team to report that they lost their device. If your team has verified the user and ready to grant access to the user's device, you can access the dashboard to revoke all currently registered devices and allow the user to trust their current device to be able to log in automatically afterward.

Ready to get started?

Create a free account and start integrating in just a few minutes.