05 Apr Securing Apps using DUO 2 Factor Authentication Service
How we used Duo to help a client make its apps more secure.
Myworkdrive, an enterprise cloud file sharing service, was looking for a two-factor authentication platform implemented within their custom code that included Web, Native Windows, and Android and IOS mobile applications.
Because the solution had to work with a variety of client types, we needed centralized Rest API where each interface could connect to authenticate to DUO.
1. Conceptual Development
2. Our Approach
While Duo does provide a number of useful libraries for web-based applications, we had to design our own Rest API to support mobile and native Windows applications. The first step in the process was to create the rest web service API. Once this was completed and tested, we moved on to creating the authentication UI mechanism for both both the Windows and Mobile Applications.
3. Prototyping and Iteration
Once our APIs were completed, we updated the mobile applications to implement them. . Then we tested each function of the Duo two-factor authentication on iOS and Android devices, including two-factor authentication responses by phone call, SMS, and Duo app push. During this process, all bugs were fixed, and we were able to confirm functionality for each client and push out the solution.
After completion, we increased the security of the application by giving a second layer of authentication during the login process. By using Duo, we able to present this feature in a convenient user interface.