While our two-factor authentication platform is authenticator-agnostic at its core, supporting a wide range of authenticators from our cutting-edge Duo Push technology all the way to legacy hardware tokens, it is clear that our general approach towards two-factor has focused around the use of a mobile device as a secondary authenticator. These powerful, flexible, and increasingly ubiquitous mobile computing devices allow us to tackle the challenges of secure and usable two-factor authentication in innovative ways.
However, the use of a consumer mobile device as a secondary authenticator is not without its risks. We pride ourselves on being experts in the mobile security space and I will be the first one to tell you that these mobile platforms are not infallible and suffer similar risks of compromise as other software systems.
For many of our customers, the benefits of using mobile devices as authenticators hugely outweigh the risks. Making two-factor technology usable and accessible to a diverse user base allows the application of two-factor authentication to places where previously it may have been too costly or complex to deploy.
Duo Security Scan (DSS)
At Duo, we’re making it our mission to ensure that you can trust the device you’re using for two-factor authentication. As a first step in this process, we’re happy to announce the launch of our Duo Security Scan (DSS) service!
The DSS service allows you to scan your mobile device for malicious threats and remove any applications that are suspected of being malicious. Even better, DSS is built in to our existing Duo Mobile application that you already use for your two-factor authentication!
DSS is available now as a technology preview for our enterprise customers. Additional features are forthcoming, including the ability to wrap authentication policy around DSS results.
For the rest of our users (and the general public), stay tuned as we have some even more exciting mobile security technology coming down the pipe for you!