Ever since Apple introduced Touch ID in the iPhone 5s, the tech world has started, or re-started, to become obsessed with using our unique body features to implement security on our mobile devices. After all, fingerprints and irises are much more difficult to hack than alphanumeric passwords. Riding on that wave, Microsoft is announcing two new complementary security features coming in Windows 10. Windows Hello lets you use some body parts to greet and unlock your device while “Passport” can use that to authenticate you to apps and websites.
Windows Hello is Microsoft’s collective name for its upcoming biometric authentication system and includes not just the common fingerprint but also face recognition and even irises. What makes Hello more secure than passwords, according to Microsoft, is that there are no passwords to be hacked in the first place. The system uses both your unique body features plus the device’s own unique ID to act as the key to not only unlock a Windows 10 device but also to authenticate to apps, content, and even websites. And in the case of facial recognition, putting up a photo of your face won’t work either, as Hello also uses infrared light to make sure it’s a real, living face or iris and not just some simulacrum.
Windows Hello goes hand in hand with “Passport”, not yet the final name and just the codename for a new programming system that will be available to app developers as well as web managers. Like Hello, the point of Passport is to do away with passwords, which can be hacked on the remote server or intercepted en route. Passport requires users to prove that they have possession of the device, either through a PIN or through Windows Hello, and only then will Passport grant access to content. Passport, however, is not a magic wand that will automatically happen and developers will have to incorporate the system into their software or servers for it to work.
Microsoft assures that your biometric keys are stored securely only on the device itself and is never sent over the network to authenticate the user, which would be like sending a password over the wire, which defeats the purpose. Those keys are used to only authenticate with Hello and “Passport”, the latter of which does the rest of the work of authenticating the user to other services. The features are also completely optional and users can just keep on using passwords if they prefer.
That said, as fancy and convenient as it may sound, Windows Hello works by combining both hardware and software components, which means that not every Windows 10 device, especially those just upgrading to Window 8, will be able to support it. For fingerprint, devices will, of course, need a fingerprint scanner. For facial and iris recognition, Microsoft says that all Windows 10 devices that sport an Intel RealSense 3D Camera F200 will support Windows Hello.