Search for blog posts, documentation, or pages

While our two-factor authentication platform is authenticator-agnostic at its core, supporting a wide range of authenticators from our cutting-edge Duo Push technology all the way to legacy hardware tokens, it is clear that our general approach towards two-factor has focused around the use of a mobile device as a secondary authenticator. These powerful, flexible, and increasingly ubiquitous mobile computing devices allow us to tackle the challenges of secure and usable two-factor authentication in innovative ways.

However, the use of a consumer mobile device as a secondary authenticator is not without its risks. We pride ourselves on being experts in the mobile security space and I will be the first one to tell you that these mobile platforms are not infallible and suffer similar risks of compromise as other software systems.

For many of our customers, the benefits of using mobile devices as authenticators hugely outweigh the risks. Making two-factor technology usable and accessible to a diverse user base allows the application of two-factor authentication to places where previously it may have been too costly or complex to deploy.

Duo Security Scan (DSS)

At Duo, we’re making it our mission to ensure that you can trust the device you’re using for two-factor authentication. As a first step in this process, we’re happy to announce the launch of our Duo Security Scan (DSS) service!

The DSS service allows you to scan your mobile device for malicious threats and remove any applications that are suspected of being malicious. Even better, DSS is built in to our existing Duo Mobile application that you already use for your two-factor authentication!

DSS is available now as a technology preview for our enterprise customers. Additional features are forthcoming, including the ability to wrap authentication policy around DSS results.

For the rest of our users (and the general public), stay tuned as we have some even more exciting mobile security technology coming down the pipe for you!


Jon Oberheide
Co-Founder and CTO

Jon is the co-founder and CTO of Duo Security, responsible for leading product vision and the Duo Labs advanced research team. Before starting Duo, Jon was a self-loathing academic, completing his PhD at the University of Michigan in the realm of cloud security. In a prior life, Jon enjoyed offensive security research and generally hacking the planet. Jon was recently named to Forbes "30 under 30" list for his mobile security hijinks.


Free Guide

Ebook: A Modern Guide to Retail Data Risks

Avoiding Catastrophic Data Breaches in the Retail Industry


phishing (20)  two-factor-authentication (18)  security news (17)  healthcare security (16)  passwords (15)  weekly ink (13)  cloud security (11)  mobile security (10)  federal cybersecurity (10)  malware (10)  infosec-evolution (9)  duo mobile (8)  retail data breaches (8)  rsac2015 (8)  banking security (8)  financial data breach (7)  stolen-passwords (7)  data breaches (7)  2fa (6)  pci dss (6)  stolen credentials (6)  ooba (6)  financial institutions (6)  encryption (5)  atms (5)  healthit (5)  webinar (5)  remote access attacks (5)  healthcare cybersecurity (5)  remote access security (5)  platform edition (5)  ios security (5)  transaction-level 2fa (5)  rig exploit kit (4)  pos malware (4)  defcon-23 (4)  bank security (4)  vulnerability (4)  google (4)  retail data security (4)  blackhat 2015 (4)  data breach notification (4)  financial data security (4)  medical identity theft (4)  higher education (4)  hipaa (4)  endpoint security (4)  third-party security (4)  retail (4)  uk security (4)  2-factor-authentication (4)  security threats (4)  e-prescriptions (3)  media security (3)  defense in depth (3)  ffiec (3)  payment card breach (3)  health it (3)  out of band authentication (3)  law firm security (3)  ios (3)  retail data risks (3)  critical infrastructure security (3)  otp bypass (3)  ssl (3)  car security (3)  hipaa security rule (3)  home depot (3)  social engineering (3)  end-user authentication (3)  dyre trojan (3)  iot security (3)  outlook-web-app (3)  target (3)  anthem (3)  ehr (3)  strong-authentication (3)  defcon (3)  healthcare data breach (3)  retail ebook (3)  manufacturing security (3)  duo-security-summit (3)  security research (3)  byod (3)  two-factor (3)  twitter (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.