1. What type of encryption protocol it will use
- End-to-end encryption (E2EE)
2. OTP/push request should have timeout of 1 minute.
- Duo Push authentication attempts sent to your mobile device will expire after 60 seconds if you don't respond
https://help.duo.com/s/article/2185?language=en_US
3. Must not use default 443 SSL port.
- There is a option to change this:
https://duo.com/docs/dag-windows
4. What other banks are using.
- There are a number of Banks using Duo but I would not be able to give any stats. Case study: https://duo.com/use-cases/case-studies/level-one-bank
- It's important to understand why Duo:
• trusted users
• Verify your users’ identities with two-factor authentication.
• Enforce user access policies.
• Authentication methods to support every user.
• trusted devices
• Check the security health of all your users’ devices.
• Enforce device access policies.
• every application
• Secure access to any application - cloud, on-premises, or custom.
• Enforce application access policies.
5. What are the number of licenses and limitation.
- https://duo.com/pricing
6. Any limitation for software (minimum android/ios version it supports)
- https://help.duo.com/s/article/1872?language=en_US
7. Does it allowed on rooted/jailbroken devices
- Maybe the following link may help?
- https://duo.com/blog/jailbreak-detector-detector
8. Minimum Android / IOS version
- The URL under 6 should cover this.

Please rate the Post.