Biometric authentication is a key piece of the tech industry’s plans to make the world password-less. But a new method for duping Microsoft’s Windows Hello facial-recognition system shows that a little hardware fiddling can trick the system into unlocking when it shouldn’t.
Services like Apple’s FaceID have made facial-recognition authentication more commonplace in recent years, with Windows Hello driving adoption even farther. Apple only lets you use FaceID with the cameras embedded in recent iPhones and iPads, and it’s still not supported on Macs at all. But because Windows hardware is so diverse, Hello facial recognition works with an array of third-party webcams. Where some might see ease of adoption, though, researchers from the security firm CyberArk saw potential vulnerability.
That’s because you can’t trust any old webcam to offer robust protections in how it collects and transmits data. Windows Hello facial recognition works only with webcams that have an infrared sensor in addition to the regular RGB sensor. But the system, it turns out, doesn’t even look at the RGB data. That means that with one straight-on infrared image of a target’s face and one black frame, the researchers found they could unlock the victim’s Windows Hello–protected device.
By manipulating a USB webcam to deliver an attacker-chosen image, the researchers could trick Windows Hello into thinking the device owner’s face was present and unlocking.
“We tried to find the weakest point in the facial recognition and what would be the most interesting from the attacker’s perspective, the most approachable option,” says Omer Tsarfati, a researcher at the security firm CyberArk. “We created a full map of the Windows Hello facial-recognition flow and saw that the most convenient for an attacker would be to pretend to be the camera, because the whole system is relying on this input.”
Microsoft calls the finding a “Windows Hello security feature bypass vulnerability” and released patches on Tuesday to address the issue. In addition, the company suggests that users enable “Windows Hello enhanced sign-in security,” which uses Microsoft’s “virtualization-based security” to encrypt Windows Hello face data and process it in a protected area of memory where it can’t be tampered with. The company did not respond to a request for comment from WIRED about the CyberArk findings.
Tsarfati, who will present the findings next month at the Black Hat security conference in Las Vegas, says that the CyberArk team chose to look at Windows Hello’s facial-recognition authentication, in particular, because there has already been a lot of research industrywide into PIN cracking and fingerprint-sensor spoofing. He adds that the team was drawn by the sizable Windows Hello user base. In May 2020, Microsoft said that the service had more than 150 million users. In December, the company added that 84.7 percent of Windows 10 users sign in with Windows Hello.
While it sounds simple—show the system two photos and you’re in—these Windows Hello bypasses wouldn’t be easy to carry out in practice. The hack requires that attackers have a good-quality infrared image of the target’s face and have physical access to their device. But the concept is significant as Microsoft continues to push Hello adoption with Windows 11. Hardware diversity among Windows devices and the sorry state of IoT security could combine to create other vulnerabilities in how Windows Hello accepts face data.
“A really motivated attacker could do those things,” says Tsarfati. “Microsoft was great to work with and produced mitigations, but the deeper problem itself about trust between the computer and the camera stays there.”
There are different ways to take and process images for facial recognition. Apple’s FaceID, for example, only works with the company’s proprietary TrueDepth camera arrays, an infrared camera combined with a number of other sensors. But Apple is in a position to control both hardware and software on its devices in a way that Microsoft is not for the Windows ecosystem. The Windows Hello Face setup information simply says “Sign-in with your PC’s infrared camera or an external infrared camera.”
Marc Rogers, a longtime biometric-sensor security researcher and vice president of cybersecurity at the digital identity management company Okta, says that Microsoft should make it very clear to users which third-party webcams are certified as offering robust protections for Windows Hello. Users can still decide whether they want to buy one of these products versus any old infrared webcam, but specific guidelines and recommendations would help people understand the options.
The CyberArk research fits into a broader category of hacks known as “downgrade attacks,” in which a device is tricked into relying on a less secure mode—like a malicious cell phone tower that forces your phone to use 3G mobile data, with its weaker defenses, instead of 4G. An attack that gets Windows Hello to accept static, prerecorded face data uses the same premise, and researchers have defeated Windows Hello’s facial recognition before, getting the system to accept photos using different techniques. Rogers says it’s surprising that Microsoft didn’t anticipate the possibility of attacks against third-party cameras like the one CyberArk devised.
“Really, Microsoft should know better,” he says. “This attack pathway in general is one that we have known for a long time. I’m a bit disappointed that they aren’t more strict about what cameras they will trust.”