Windows Hello face recognition spoofed with photographs

Holding a photo

“You are the password,” is the catchy marketing slogan Microsoft used to launch its Windows 10 Hello face authentication system in 2015.

Except, according to researchers at German company SySS, a more accurate description might be: “you are the password – and so is a photograph of you.”

As incredible as it sounds, the team found it could bypass Hello on multiple versions of Windows 10 simply be presenting a printed infrared (IR) photo of the system’s owner.

In the proof-of-concept demo, this was printed at 340 x 340 on a colour laser printer after adjusting the brightness and contrast, and simply held up to a Dell Latitude with a LilBit USB near-IR camera connected to it.

That’s the simple part of this vulnerability because the degree to which a specific Window PC is susceptible will depend on an interaction of three variables:

  1. The version of Windows 10 being used
  2. If Hello’s enhanced anti-spoofing is turned on
  3. whether the IR camera supports enhanced anti-spoofing

The researchers also had to tweak the image, using colour or a higher resolution depending on the configuration they tried it against.

The attack reportedly works against all versions of Windows that don’t have Hello’s enhanced anti-spoofing technology turned on (turning this on, which must be done manually, only works if the IR camera supports it.)

In other words, spoof-proofing your PC against photographs means using the most recent version of Windows 10 (1709 or at least 1703 from April), having a PC or camera whose hardware supports enhanced anti-spoofing, and making sure this is enabled and has been reset after its most recent upgrade.

One system that meets those requirements is Microsoft’s own Surface Pro 4 laptop… as long as it’s running the Windows 10 Fall Creators Update (1709) and the user has re-enrolled on Windows Hello.

A bit more detail can be found in the advisory although how the end user works out whether their camera is compatible with enhanced anti-spoofing isn’t clear because SySS didn’t test them all.

In truth, the vulnerability here is probably small under real-world conditions because it still requires a frontal shot of the computer user’s face. What it serves as is a useful reminder not to take a biometric security system’s claims as read.

At least Microsoft isn’t the only big name struggling with the whys and wherefores of facial authentication, as Apple found out in November when another pen-testing company managed to fool the iPhone X’s Face ID with a painted mask.

I expect that facial biometrics will one day be a very secure and reliable way to authenticate yourself. Right now it seems that mainstream deployments like Hello and Face ID are driving increased scrutiny and software companies are still ironing out the kinks and discovering edge cases.

If your face really is your password then, like any password, it’s better as one part of a two-factor authentication.