The security of facial recognition systems has always been important, but since Apple introduced Face ID with the iPhone X there has been more interest in how secure the technologies are than ever before.

One of those technologies, Microsoft’s Windows Hello, appears to be susceptible to being duped by the use of nothing more than a photo, according to a new report by ZDNet.

According to the article, German firm SYSS has been able to defeat Windows Hello on Windows 10 machines in a variety of situations, some of them including when the systems are fully updated.

SYSS tested multiple computers, including Microsoft’s own Surface Pro 4 running last year’s Windows 10 Anniversary Update and found that it was able to unlock the device using a photograph taken by an infrared camera. Microsoft’s anti-spoofing feature, which may have been expected to protect against this, may not do so depending on the configuration in use, according to the report.

Some laptops simply do not support it, and anyone who activated the feature after configuring their computer for Windows Hello may find that it does not behave as expected. As a result, users are recommended to re-configure Windows Hello after enabling the anti-spoofing feature. This also applies to the Windows 10 Fall Creators Update, which is supposed to fix this specific exploit.

It is, of course, important to note that this will only be an issue if someone has a printed photo that was taken with an infrared camera, something that is unlikely to happen in most instances. Still, it’s another reminder that we are still in the early days of secure facial recognition, and for now at least, it may not be as secure as we would like, for the most part.

(Source: SySS Pentest TV [YouTube], ZDNet)

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.

Related Stories