Duo Security has made its two-factor authentication service available for use in consumer mobile devices. The move brings the high level of security associated with smart cards to the consumer market.
The authentication service uses the hardware security module (HSM) that’s embedded in a mobile phone as a place to store a user’s private key material. This creates a secure credential that can’t be tampered with, copied or cloned.
This form of authentication does require that the mobile phone be a device that supports HSM, which is found in newer Android devices. The service relies on Duo’s Push technology to supply the two-factor authentication.