Windows Hello, the standard security feature of Windows 10 that relies on face scanning technology among others isn’t as fool proof it seems. For a group of German security experts have devised a method to trick Windows Hello with printed photographs though those have to be clicked using infrared cameras and has to be that of the genuine user.
The security firm SYSS however said they pulled off the feat using older versions of Windows 10 and had managed to replicate the same using different devices from various manufacturers. Researchers at SYSS said they used their own Surface Pro 4 device running the Windows 10 Anniversary update that was launched last year.
What can be termed even more worrisome is the fact that the anti-spoofing feature that Windows Hello comes with has also proved to be futile in protecting the devices. In fact, SYSS also revealed the anti-spoofing feature that is a part of the Creators Update launched early this year or the one launched in October too can be tricked into believing a printed photograph as the real thing.
The latest Windows 10 Fall Creators Update too might not be enough to prevent hacking of Windows Hello, which is why the researchers have advised setting up facial recognition all over again. The anti-spoofing feature too should be enabled even though the same hasn’t proved to be much effective in older versions of the platform.
All said, what also has to be kept in mind is that the above has been attempted using pictures snapped by an IR camera, which makes it a lot less ordinary. While this proves Windows Hello can stand its ground against printout of picture taken using standard cameras, IR cameras isn’t something that is as widely available with the masses.
Also, while this is something that Microsoft sure will have to be wary of and protect against in future builds of Windows 10, worth mentioning is the recent incidence of a son managing to unlock his mother’s new iPhone X that comes with Face ID, something that Apple claims as the most advanced facial recognition system.
The facial scanning system on the Samsung Galaxy S8 too has proved to be hackable in the face of images taken using more ordinary cameras. Perhaps, companies need to do more to make facial scanners on their device a lot more secure.
Microsoft meanwhile is yet to comment on the entire development.