Duo security introduces hardware-level security, grows more than 400%

Image Enlarge
Duo Security founders Song and Oberheide.

Ann Arbor-based Duo Security, founded by alums Jon Oberheide (CSE PhD 2011) and Dug Song (CS BS 1997) is making waves in the business of mobile two-factor authentication. The company recently announced that the high level of security traditionally associated with hardware smart cards is now available on consumer mobile devices that use Duo’s two-factor authentication service. In a second announcement, the company reported record growth of more than 400% in 2012.

Duo Security’s products enable users to secure their logins and transactions when logging into remote computers or servers using their smartphones and Duo Security software in place of hardware tokens. The Duo Mobile smartphone application is free and available on all major smartphone platforms, including iPhone, Android, BlackBerry, and Windows Phone Duo security also supports older platforms and interoperates with hardware tokens.

Duo Push Enlarge
Duo has focused on easy, secure connections over smartphones

The company’s mobile app, commonly used for two-factor authentication in the enterprise, now leverages the hardware security module (HSM) embedded in the latest mobile devices to provide a secure, tamper-proof credential that cannot be copied or cloned. Duo takes advantage of the same hardware-backed technology present in modern Android devices that powers security-critical virtual wallet applications. Their new technology on these devices can provide a trusted platform for authentication, even in the face of privilege escalation vulnerabilities. By storing the user’s private key material in the tamperproof HSM, the credential can not be stolen or cloned by an attacker, even if the user’s mobile device has been fully compromised.

Founded in 2009, Duo Security has experienced explosive growth of more than 400% in 2012, and Song and Oberheide state that this is the result of the company’s success in expanding the two-factor authentication market beyond traditional buyers. Duo Security’s mission is to democratize two-factor authentication, making it easy and affordable for organizations of all sizes.

Also driving Duo’s success are three mega trends: (1) the recent and dramatic rise in data breaches and account takeovers, (2) enterprise acceptance of cloud services and (3) consumer adoption of mobile technologies. As a result, Duo’s customer base has grown over 50% per quarter over the last seven quarters.

In 2013, Duo looks to accelerate the growth of the two-factor market by democratizing enterprise-class security functionality. Duo plans to add advanced adaptive authentication and mobile security technologies to its core service, continuing its mission of bringing previously “enterprise-only” levels of security to every Internet user.