Body
This article will describe what information is collected by the Duo Mobile application.
Detailed Information
-
UMS:IT aims to be 100% transparent regarding what information is captured and visible to UMS:IT Staff when the Duo Mobile Application is installed on a client’s personal smart device.
-
The sole purpose of installing the Duo Mobile application is to provide a second method of authentication for UMS systems.
-
This application DOES collect other information, purely for the purpose of providing assurance that the smart device is also secure.
- Installing Duo on your smart device also allows UMS:IT to see the following information:
- Smart device model
- Smart device OS version and Patch version
- Duo Mobile application version
- Public Internet Protocol (IP) address responding to a Push authentication request
-
This information may be used by UMS:IT in the event of a cyber-security incident to assist in validating whether the phone was a reliable and trustworthy second method of authentication.
-
The Duo Mobile Application cannot see your user data like your contacts, it cannot read your text messages, it cannot read your browsing history, it cannot access your photos (but it can use your camera to scan a QR code if you explicitly allow that permission), it cannot access your files, it cannot erase your device, it cannot see information about other applications on your device.
-
Duo Mobile cannot track your location. In general, the only personal data that Duo Mobile knows about you are the service accounts that you explicitly add to Duo Mobile. However, Duo does not track any personal data about these accounts — only the name of the service.
-
Installing the Duo Mobile application does not allow UMS:IT to manage your mobile device in any shape or form.
- Installing the Duo Mobile application MAY give UMS:IT visibility to the phone number of the mobile phone.
- UMS:IT will not share this with anyone. This number is purely used as a unique identifier for the device, which individual clients use for MFA.
The Duo enrollment process will only collect a phone number when the "phone" device type is selected during device enrollment. UMS:IT recommends that you select "tablet" as the device type for all smart devices to not be prompted for to enter a phone number.
-
Details regarding the Android specific permissions can be found at this Duo support article.
-
Details regarding the IOS (iPhone) specific permissions can be found at this Duo support article.
-
The Duo Mobile application will also ask you whether you wish to share Application usage information with the creator of the Duo product. This information is not shared with UMS:IT, and individuals are welcome to select either option.
- Cisco acquired the Duo mobile security suite and it is now part of Cisco’s broad range of enterprise security products.
-
For all UMS account holders enrolling in MFA, the Duo Mobile Application provides the best user experience for multi-factor authentication and while other options exist, this is the method primarily recommended by UMS:IT.
-
If you have any questions or concerns please contact the UMS:IT Help Desk.
Environment
- Duo Mobile Application
- Multi-factor Authentication