Windows Hello: Fingerprint authentication on PC has been bypassed

Windows Hello is designed to enhance the security of Windows PCs with fingerprint or facial recognition authentication. However, security researchers have managed to bypass the former on computers from Dell, Lenovo, and Microsoft.

Flaws that allow bypassing Windows Hello fingerprint authentication

Security researchers at Blackwing Intelligence have discovered multiple vulnerabilities in the three main fingerprint sensors built into laptops, widely used by businesses to secure PCs with Windows Hello’s fingerprint authentication.

Microsoft’s Offensive Research and Security Engineering (MORSE) service asked Blackwing Intelligence to assess the security of fingerprint sensors. The researchers presented their findings at Microsoft’s BlueHat conference. The team identified popular fingerprint sensors from Goodix, Synaptics, and ELAN as targets for their research. The process involves using a USB device capable of performing a man-in-the-middle (MitM) attack. Such an attack can provide access to a stolen laptop or even enable an “evil maid” attack on an unmonitored device.

Blackwing Intelligence’s security researchers were able to understand how Windows Hello works, at both the software and hardware levels. They discovered flaws in the cryptographic implementation of a custom TLS on the Synaptics sensor. Bypassing Windows Hello is a complex process that also involves decoding, and a fix is not certain.

Can we expect a fix from Microsoft? It’s uncertain.

The researchers point out, however, that Microsoft has done a good job with the Secure Device Connection Protocol (SDCP) “to provide a secure channel between the host and biometric devices, but unfortunately, device manufacturers seem to misunderstand some of the goals.”

The researchers found that Microsoft’s SDCP protection was not enabled on two of the three devices they targeted (Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X). Blackwing Intelligence, therefore, recommends that manufacturers ensure that SDCP protection is enabled and that the implementation of the fingerprint sensor is verified by a qualified expert.

This isn’t the first time Windows Hello has been bypassed. It had already happened in 2021, when an infrared image of a victim was used to spoof Windows Hello’s facial recognition feature, reimplementing proprietary protocols.

Mohamed SAKHRI
