
Magic – Completes signup forms automatically, with just an email address - Killswitch
https://magicsignup.com
======
aresant
On the plus side

\- The convenience factor is compelling, like auto-complete.

\- As a v1 you can see the true magic in a seamless signup.

On the downside:

\- It does something unusual / unexpected / creepy.

\- It's too slow - noticeable lag vs. say the auto-suggest in search.

\- If accuracy is good why bother exposing that to the user? Intercom.io does
this all in the backend off of email only registrations and seems to have
about a 70% hit rate. The data is useful to business owner but I'd bet the
user would feel less enthusiastic knowing that I have their personal fb,
twitter, linkedin, etc as soon as they register.

I am sure that svbtle can show the A/B data validating this is worthwhile for
THEIR audience.

But I'm not sure for a broader use case this is going to help due to the
factors mentioned above.

~~~
tedmiston
> If accuracy is good why bother exposing that to the user?

That's a great point. A prior startup I worked at used a nice social referral
tool, whose name slips my mind right now, but their backend would
asynchronously pull Facebook, Twitter, etc. links for each of your customers.
It was really convenient and worked for 80-90% from what I recall.

~~~
blowski
Mailchimp does something like this.

------
gcr
Nice start, but perhaps Magic can also suggest the user's password by
searching for their email address in a database of known password leaks.

~~~
Killswitch
Best feature suggestion ever. But what would be cool is to do that, but
instead of pre-fill in their password, notify them that they are using a
password that is known to have been a previously leaked password of theirs.

~~~
CanSpice
I made something like that for Angular email textboxes:
[https://github.com/bradcavanagh/angular-
pwned](https://github.com/bradcavanagh/angular-pwned)

------
minimaxir
Presumably, they have some preexisting database that maps email addresses to
personal information. Their Privacy page, however, is not transparent _how_
exactly they got this data:

> Broadly speaking, we collect information in three ways: (1) when you provide
> it directly to us, (2) when we obtain information about you or your company
> through trusted third parties or indexing systems, and (3) passively through
> technology such as “cookies”.

This is a disconcerting use of "secret sauce," particularly since email
addresses have the same weight nowadays as usernames.

~~~
prezjordan
Maybe clearbit? Which you can opt out of here:
[https://claim.clearbit.com/claim](https://claim.clearbit.com/claim)

I did this a few weeks ago and magic signup does not work for my email
address.

~~~
xirdstl
Probably not. That clearbit form tells me that they don't have my email
address, but my information was pre-populated into Svbtle when I used that
same address.

~~~
burkaman
I got the same thing the first time, but I did it again and it sent me an
email to claim my account. Maybe their site got overwhelmed by HN requests?
Not sure what happened.

------
devit
Why would you use this instead of login with Facebook/Google/Twitter/etc.,
which only requires two clicks from most users and actually has better privacy
implication since the user knows which data you can access?

Or maybe the goal of the service is for web sites to surreptitiously get more
data from users who are otherwise unwilling to provide it, but are somehow
willing to provide an e-mail address tied to their real identity?

~~~
tedmiston
One advantage from the dev side is not having to deal with the OAuth
integration, Facebook permissions, tokens expiring, etc.

------
Raphmedia
It's pretty creepy that I can randomly enter email adresses and get first and
last names... !

~~~
listic
ok, how does that work: did all those people sign up with Magic?

~~~
gboudrias
Based on other comments, the info is bought off Clearbit. You can opt out
here: [https://claim.clearbit.com/claim](https://claim.clearbit.com/claim)

~~~
CaptSpify
That just kept re-directing me to enter my email. I was never able to opt-out

~~~
Raphmedia
It sends you a confirmation email. Inside this email is a link to your
profile. You can either add information (linkedin, facebook, angellist, etc.)
or delete your profile.

I deleted my profile.

~~~
CaptSpify
the "link to my profile" is just a link to the same submission form for
"claiming" my profile.

I filled that out, and got another link to the same place.

~~~
delbel
Welcome to Clearbit!

~~~
CaptSpify
heh, yeah. I'm pretty sure all that did was sign me up for more
spam/marketing-tracking. hooray

------
syntex
Actually this make me very angry that my private details exposed in such
creepy way, even if this is using some public APIs etc.

I would never sign up to service with such form.

------
tcfunk
So now I can find out the first and last name of the owner of whatever email I
punch in there?

~~~
georgestephanis
If it's the primary email on their account, you already can with Gravatar.

[https://en.gravatar.com/site/implement/profiles/](https://en.gravatar.com/site/implement/profiles/)

~~~
tcfunk
Only if they choose to supply that information to Gravatar in the first place.
Magic is not giving people the opt-in option, it's just opting you in whether
you like it or not.

------
Cyberdog
On the one hand, yes, I can see how this could improve sign-up rates for those
who are concerned about those things, and I count myself among that number
from time to time.

On the other hand… yeah, creepy as hell.

------
tedmiston
Say what you will about Dustin Curtis, but everything he makes is just so
nicely designed and enjoyable to use.

I'm curious about the pricing model: $20/mo for 2,000 requests. I wonder if
you still pay for the request if it returns a non 200 or if their API can't
find a name.

------
20years
Clearbit, Full Contact and Pipl all have email lookup APIs. My guess is they
are using one or more of these APIs.

------
acomjean
I have a fairly unique last name, which is in my email address.

So far two dead relatives that never really used the internet have been
"marketing matched" to my email address. So I get spam for my deceased
grandmother and uncle. Its a little jarring. I'm not sure what kind of
matching they do but clearly its not working.

Plus isn't the point of using a service being able to decide to match it with
twitter, Facebook or just not link to those things.

------
supernintendo
_Because it helps your users save time, Magic increases conversion rates and
makes the web easier to use._

Honestly, how much time do you really save by auto completing a couple of
fields? This seems like a solution in search of a problem.

Also, while I don't have the data to speak for other users, I personally don't
see myself paying for any service that presents my own personal information to
me before I even know what the fuck it is.

------
altern8
I don't get it :-/

I couldn't even try it because my browser's autocomplete automatically
completed all fields.

Doesn't everyone has autocomplete?

Also, it's pretty creepy.

~~~
aerovistae
No, I'm in the same boat. Chrome already does this for me, I couldn't tell if
anything different was happening.

------
shogun21
I suppose it's a good thing nothing came up when I entered my email?

I would be turned off from a website or service that prepopulated a lot of my
information without my consent.

------
blazespin
I wonder if a new way to do signups would be just an emailto: link that you
click and send. From there it automatically logs you in and sends you a
password.

~~~
hanniabu
This is what I was thinking as well, but not necessarily email you a password
because it's always some random crazy thing. More so remember the computer you
clicked the email link from and either keep you logged in or you can log in
with just your email from the computer you clicked the email link from. Sure
there could be some security risks with your phone being stolen or a snooping
SO, but most sites don't necessarily need to have that worry. For instance,
commenting platforms like disqus, reddit, or your favorite news platform, or
some site you'll probably only use once. With sites like this it doesn't
matter much of other people gain access to it. It's not like your social
platforms, LinkedIn, bank portal, government site, etc..

------
shinratdr
I have no problem with this, but it doesn't work very well for me.

Tried about eight of my email addresses. School and work ones did nothing, and
neither did my Outlook.com account, or Yahoo.com.

For Gmail addresses it just pulled the name from my Google+ account for the
one that had it, and failed on all the rest.

Not super impressive IMO. Especially considering all my email addresses are
some variation on firstname.lastname or flastname.

------
Happpy
Guess who is using lol@lol.com

------
king_magic
So, I guess it's cool now to overload app/service names? E.g.:
[https://getmagicnow.com](https://getmagicnow.com).

But more than that... "Because it helps your users save time, Magic increases
conversion rates and makes the web easier to use."

There's one heck of an unfounded/unvalidated assumption.

------
RubyPinch
Probably a way better way to increase "conversions" would be just to not have
a pain-in-the-ass login process.

oAuth/Persona, and then don't ask for anything else until its actually needed.

And now you have (for the logged-into-oauth-provider case) a 2 click login
system. It can not get easier than that

------
Grue3
Isn't there already a service called "Magic"?
[https://getmagicnow.com/](https://getmagicnow.com/)

------
swehner
So many site names could start with "magic"

~~~
Animats
Calling it "AnalProbe Data Collector" might have reduced sales.

------
nickhould
I don't understand what's the value of exposing this autofilled data to the
user. Why not just do it on the server-side?

~~~
tedmiston
Going out on a limb here, but what if this really a data training layer on top
of Clearbit? Maybe they sell the human validated data back to Clearbit or
downstream?

------
tallerholler
um chrome (and presumably other browsers) already remember all of my
information and autofill it...

~~~
drzaiusapelord
Except it works terribly.

I hate how I only get those prompts when the field matches whatever fields
Chrome thinks it should, yet many companies don't use these field ID's, so
Chrome sits there stupidly.

I would love the ability to teach Chrome that this is a form and yes these are
valid fields. Maybe somehow submit it to Google and have them update whatever
regex they use. I feel like it fails about 50% of the time.

~~~
meatcar
Im pretty sure theres a set of standard attributes you can set on fields to
make them autocompletable. I use this as a reference:
[https://wiki.whatwg.org/wiki/Autocomplete_Types](https://wiki.whatwg.org/wiki/Autocomplete_Types)

------
mikkelewis
What was the increase in conversions? Right now it's just hand wavy :)

------
mikeash
Their demo still requires a password. A little white lie?

------
drdeca
Is this related to that one concierge-like service?

------
ilyaeck
Not another Magic! Cool feature though :)

------
suyash
can anyone explain how they might be getting all that data from the email in
an automated fashion?

------
tadasZ
thats creepy, what if i don't want to be on that database :/

~~~
Xorlev
If it's coming from FullContact Person API, you can opt out here:
[https://www.fullcontact.com/privacy/](https://www.fullcontact.com/privacy/)

------
mmmeff
$20 for 2000 requests a month? HAHAHAHAHA no.

~~~
cosmie
As far as contact records go, that's not an unreasonable price, especially so
at such a low quantity.

