Simple to Scale: Duo Security Uses Android Hardware for Its Own Hack-Resistance
Duo Security has launched a new two-factor authentication service for Android devices that ships with a hardware security module, or HSM, under the hood.
The security firm says that one in two Android phones is susceptible to privilege escalation, a type of exploit that relies on unlatched vulnerabilities in the operating system to access protected system resources. Duo’s technology thwarts this kind of attack by storing user credentials on the HSM, which is out of reach for any hacker “even if the user’s mobile device has been fully compromised.”
“By leveraging the unique hardware security capabilities of modern Android devices, our Duo Push technology is not only the most user-friendly two-factor authentication in the market, but also the most secure,” says Dug Song, CEO of Duo Security. “Duo continues to lead and innovate in mobilesecurity to ensure consumer mobile devices can act as trusted authenticators in the modern enterprise.”
The Ann Harbor, Michigan-based developer saw demand for its two-factor authentication software quadruple in the past year. Duo Security credits this explosive growth to the simplicity of its platform: authentication has traditionally been hard to implement on a large scale, a fact of life that made it too costly for many organizations.
Duo Security disrupted the market with “patent-patent methods” that solve this issue, and quickly caught the attention of CIOs everywhere. The company’s software is leveraged by three of the top five global social networks, as well as Bechtel, Toyota, PwC, Thomson Reuters, Etsy, Duke University and a long list of unspecified SMBs.
Security is a big deal because the bad guys are getting more sophisticated by the day. Unique methods are required to outsmart the rapid evolution of hacker mentality, and that means Duo Security must truly differentiate itself in the market.
“There are no other authentication vendors employing this hardware-backed security on consumer/commodity mobile devices,” says Jon Oberheide, CTO and co-founder at Duo Security. “Other methods in the market require custom handsets or specialized firmwares that aren’t feasible for broad end-user deployment (eg. restricted to fedgov, high-security environments).”
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
