Latest News

Lush Transforms its Login Experience with Auth0

The Auth0 Identity Platform, a product unit within Okta, has been selected by Lush, the global cosmetics retailer, to provide a superior login experience for customers and staff interacting with the online brand. Auth0 will initially power the login experience for Lush’s new chat function and add website authentication, along with centralising its point-of-sale (PoS) system to simplify access to information throughout the organisation, while helping to ensure privacy.

When it comes to pursuing more ethical ways of doing business, Lush is no stranger to pushing the limits. Founded in the 1990s, its commitment to sustainable, cruelty-free production was initially an outlier in cosmetics, but the brand has influenced the direction of the industry as a whole. In the process, it has grown into a successful multinational business and operates in 47 countries with 937 global Lush shops.

Traditionally, Lush preferred to build its digital services in-house following its digital ethics code. However, when it restructured its digital business using a microservices architecture, the company found that its approach to authentication complicated its ability to protect customer data, which raised security concerns within the company. What’s more, the time taken for developers to maintain its internally-built authentication system strained innovation across other parts of the business.

“While we didn’t experience any major data leaks, our home-baked solution raised red flags for our internal data privacy team, and that posed a huge risk for us since we are a business built on ethics,” said Simon Ince, Lush’s creative technology and innovation lead. “During the development of a new customer chat function, we hit a roadblock with our existing authentication system. Time was not on our side, so we evaluated open standards as an alternative to building in-house. That’s when we discovered Auth0, and the problem was solved in thirty minutes.”

Following the success of the chat system, Lush evaluated Auth0’s solution for use across other parts of the business — including its website redesign and centralizing its global POS system — to create a more seamless, secure, and personalized end-user experience. With Auth0, just two developers were able to add authentication to Lush’s website without impacting Lush’s existing timeline or roadmap.

“When business and consumer needs rapidly evolve, and the security landscape becomes even more complex, maintaining in-house systems can be a difficult and time-consuming process — one that takes developers away from other, more pressing tasks,” said Steven Rees-Pullman, SVP International at Auth0. “Auth0’s identity platform enables Lush to refocus its development teams where they can bring the most value, while meeting the company’s ethical standards for data privacy and customer security.”