Search for blog posts, documentation, or pages

While our two-factor authentication platform is authenticator-agnostic at its core, supporting a wide range of authenticators from our cutting-edge Duo Push technology all the way to legacy hardware tokens, it is clear that our general approach towards two-factor has focused around the use of a mobile device as a secondary authenticator. These powerful, flexible, and increasingly ubiquitous mobile computing devices allow us to tackle the challenges of secure and usable two-factor authentication in innovative ways.

However, the use of a consumer mobile device as a secondary authenticator is not without its risks. We pride ourselves on being experts in the mobile security space and I will be the first one to tell you that these mobile platforms are not infallible and suffer similar risks of compromise as other software systems.

For many of our customers, the benefits of using mobile devices as authenticators hugely outweigh the risks. Making two-factor technology usable and accessible to a diverse user base allows the application of two-factor authentication to places where previously it may have been too costly or complex to deploy.

Duo Security Scan (DSS)

At Duo, we’re making it our mission to ensure that you can trust the device you’re using for two-factor authentication. As a first step in this process, we’re happy to announce the launch of our Duo Security Scan (DSS) service!

The DSS service allows you to scan your mobile device for malicious threats and remove any applications that are suspected of being malicious. Even better, DSS is built in to our existing Duo Mobile application that you already use for your two-factor authentication!

DSS is available now as a technology preview for our enterprise customers. Additional features are forthcoming, including the ability to wrap authentication policy around DSS results.

For the rest of our users (and the general public), stay tuned as we have some even more exciting mobile security technology coming down the pipe for you!


Jon Oberheide
Co-Founder and CTO

Jon is the co-founder and CTO of Duo Security, responsible for leading product vision and the Duo Labs advanced research team. Before starting Duo, Jon was a self-loathing academic, completing his PhD at the University of Michigan in the realm of cloud security. In a prior life, Jon enjoyed offensive security research and generally hacking the planet. Jon was recently named to Forbes "30 under 30" list for his mobile security hijinks.


Free Guide

Two-Factor Authentication Evaluation Guide

This guide walks through some of the key areas of differentiation between two-factor authentication solutions and provides some concrete criteria for evaluating technologies and vendors.


phishing (17)  two-factor-authentication (15)  healthcare security (14)  passwords (13)  security news (12)  infosec-evolution (9)  malware (9)  cloud security (9)  rsac2015 (8)  weekly ink (8)  banking security (7)  duo mobile (7)  financial institutions (6)  financial data breach (6)  retail data breaches (6)  stolen-passwords (6)  ooba (6)  stolen credentials (5)  federal cybersecurity (5)  encryption (5)  webinar (5)  2fa (5)  atms (5)  transaction-level 2fa (5)  remote access security (4)  medical identity theft (4)  healthit (4)  healthcare cybersecurity (4)  vulnerability (4)  hipaa (4)  bank security (4)  data breach notification (4)  retail (4)  data breaches (4)  pos malware (4)  third-party security (4)  pci dss (4)  mobile security (4)  rig exploit kit (3)  anthem (3)  retail data security (3)  health it (3)  two-factor (3)  platform edition (3)  otp bypass (3)  media security (3)  critical infrastructure security (3)  defense in depth (3)  ssl (3)  uk security (3)  twitter (3)  remote access attacks (3)  manufacturing security (3)  retail ebook (3)  strong-authentication (3)  dyre trojan (3)  target (3)  home depot (3)  google (3)  e-prescriptions (3)  hipaa security rule (3)  iot security (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.