Microsoft's Windows Hello authentication technology for Windows 10 isn't foolproof. Two German security researchers have been able to bypass Windows Hello with a paper printout of a photograph.
Face recognition, as integrated into Apple or Microsoft products, does not seem to be foolproof. Apple's Face ID could be tricked by twins or by a special 3D mask. Now it is Microsoft's turn, because Windows Hello has been tricked by security researchers. Windows Hello is a feature for signing in to Windows 10 devices using fingerprint, face or iris recognition.
Spoofing attack against Hello
Within a research project, the IT security experts Matthias Deeg and Philipp Buchegger from the German company SySS GmbH have succeeded in bypassing the biometric authentication procedure Windows Hello Face Authentication with a spoofing attack. They describe the attack, which grants unauthorized access to the device, in this blog post (German and English). The attack only requires a specially prepared paper printout showing the face of an authorized person. The following prerequisites are specified:
- The face of the person was photographed from the front
- The photo of the person was taken in the near-infrared range
- Brightness and contrast of the image were adjusted (in a simple manner)
- The paper printout was produced with a laser printer
According to the two security researchers, such paper printouts can be used to successfully circumvent Windows Hello Face Authentication. This was achieved on different versions of Windows 10 with different hardware and software configurations. The table below lists the Windows 10 versions tested on a Dell Latitude with a LilBit USB camera.
(Table: tested Windows 10 versions and results; source: syss.de)
According to current knowledge, only the newer Windows 10 versions 1703 and 1709 with the "Enhanced Anti-Spoofing" functionality enabled, and with hardware that supports it, are not susceptible to the spoofing attack tested with a paper printout. Enhanced anti-spoofing is not switched on by default; it is a Group Policy setting (Computer Configuration > Administrative Templates > Windows Components > Biometrics > Facial Features > Configure enhanced anti-spoofing), so a device can run a current Windows 10 build and still be vulnerable. The two security researchers intend to publish further results and details of their research project in spring 2018. The following video demonstrates the attack.
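Since the only configuration that resisted the printout attack was one with enhanced anti-spoofing turned on, the practical follow-up for an administrator is to audit whether the policy is actually set and to enable it. The PowerShell below is an added example written for this article; it is not code from SySS or from the original post. It assumes the standard Group Policy registry backing store for the "Configure enhanced anti-spoofing" setting (the `HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures` key with the `EnhancedAntiSpoofing` DWORD value) and must be run from an elevated shell.

```powershell
# Added example, not part of the original article or the SySS research:
# audit and enable the "Configure enhanced anti-spoofing" policy for
# Windows Hello face authentication. Run from an elevated PowerShell.
#
# Assumption: the policy is stored under the usual Group Policy registry
# path below, as a REG_DWORD named EnhancedAntiSpoofing (1 = enabled).
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures'
$ValueName = 'EnhancedAntiSpoofing'

function Get-EnhancedAntiSpoofingState {
    # Returns 'Enabled', 'Disabled' or 'NotConfigured'.
    # 'NotConfigured' means the default applies, which the SySS tests
    # showed to be bypassable with a printout, so treat it as weak.
    $item = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    if ($item.$ValueName -eq 1) { return 'Enabled' }
    return 'Disabled'
}

function Enable-EnhancedAntiSpoofing {
    # Create the policy key if no biometric policy has ever been set here,
    # then write the enabling value (overwriting an explicit 'Disabled').
    if (-not (Test-Path -Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyKey -Name $ValueName `
        -PropertyType DWord -Value 1 -Force | Out-Null
}

# Report the Windows 10 release (e.g. 1703, 1709) so the result can be
# compared against the versions listed in the article's table.
$release = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').ReleaseId
Write-Host "Windows 10 release:            $release"
Write-Host "Enhanced anti-spoofing before: $(Get-EnhancedAntiSpoofingState)"

Enable-EnhancedAntiSpoofing

Write-Host "Enhanced anti-spoofing after:  $(Get-EnhancedAntiSpoofingState)"
```

Two caveats: the setting only helps on hardware whose camera supports enhanced anti-spoofing (the article's "corresponding hardware"), and a local registry write is overridden on the next policy refresh if a domain GPO configures the same setting, so in a managed environment set it centrally rather than per machine.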