What is Window Hello and what is the Windows 10 feature capable of? We take a closer look.
Typing in your password to log in to your PC is so last generation, at least that’s what Microsoft wants to introduce with Windows Hello. Logging into a computer without physically typing in a password certainly isn’t a new concept. However, the technology wasn’t always up to scratch. Fingerprint readers on past generation phones and laptops were often a hit and miss affair, and usually a pain for IT staff to manage and implement.
Microsoft though has taken a firm grasp of modern hardware and, through the use of specialised cameras and significantly better sensors, has introduced a feature called Hello into Windows 10. The idea is simple enough, Microsoft want to offer an alternative way of logging into your computer by, hopefully, ridding the world of the unsecure password. It’s a new security model that ensures not only a higher than normal level of protection, but also a far more personalised interface with your computer and its accompanying operating system.
Related: Windows 10 vs Windows 8
How Windows Hello works
Windows Hello is a part of the Microsoft Passport credentials technology, which encompasses a mixture of biometric authentication techniques – such as facial and iris recognition or fingerprints, and a more traditional PIN sign in method.
The Hello element, being the facial recognition part, stems from the work previously done with the Microsoft Kinect camera, that’s shipped with the Xbox 360 and Xbox One. By using your face as the password, as it were, the PC would be able to authenticate you along with any Microsoft services you’ll use and any secure websites you’ll visit that support the technology.
Users who have an Xbox One and the new Kinect can use the same technology to sign in to the system simply by looking at the Kinect camera, and Windows Hello is a natural evolution of that system for the PC.
Digging a little deeper in to the technology reveals that Windows Hello uses asymmetric key cryptography combined with the individual’s personal biometrics (face, fingerprints and even the iris) to transmit and authenticate a valid ID to the local machine and connected service. Asymmetric key cryptography isn’t a new technology, it’s found in many card readers and mobile devices to identify networks.
Unfortunately, before you start staring into your webcam, you’ll need the appropriate hardware in place. Windows Hello facial recognition and iris detection needs an Intel Realsense supported camera attached to your laptop or desktop, such as the Intel Realsense F200.
Related: Windows 10 vs Windows 7
The Realsense is an interesting piece of technology that uses three different cameras to pick up infrared, RGB Colour and 3D. This means that the software behind Hello can build up a 3D image of your face to use as the identifier for your login, and what’s more, even if you’re wearing makeup, growing a beard, or are trying to sign into the computer in a low-light environment, then the IR camera is able to pick up the subtle contours of your face, and your iris, to determine whether it’s actually you.
As we’ve established, Windows Hello facial and iris recognition technology won’t work with a conventional webcam, just the Intel Realsense technology. Therefore you’re going to first have to use a laptop, or if you can hold of one, of the developmental desktop cameras. In terms of laptops you have a number if choices, at the time of writing. There are several manufacturers that so far have products available that use Intel Realsense: the Lenovo ThinkPad Yoga 15, Lenovo ThinkPad E550, Dell Inspiron 15 5548, Asus N551JQ, Asus ROG G771JM, Asus X751LD, and an Acer Aspire V 17 Nitro. Some of these even include the fingerprint scanner.
There’s also a few All-in-One PCs with a Realsense camera built-in, such as the Lenovo B5030, Dell Inspiron 23” 7000, and the HP Sprout. And there are tablets soon to be released with a Realsense camera, although at present we don’t have any details on the models.
Providing you have the necessary requirements, all you need to do navigate to Start > Settings > Accounts > Sign-in Options and from there you’ll be able to start the Windows Hello wizard. The facial recognition side of things requires you stare at the camera for a set length of time, usually a few seconds, while it builds up a picture of your contours. For an added layer of security you can move your head around for a true 3D image, and if you wear glasses you can opt for images where you wear them and leave them off to further increase the recognition process.
How secure is Windows Hello?
A password can be hacked, leaked, cracked and forgotten, Windows Hello does eliminate that security flaw with the fingerprint and facial recognition technology, but just how secure is it? Generally speaking, starting from the point of view of the individual, Windows Hello uses a layer of security that you wouldn’t have available on your standard desktop or laptop. The fingerprint scanning element alone is a pretty secure factor for the individual, unless someone physically swipes your finger over the sensor, either with the rest of you present or not, they’re not going to gain access.
The facial recognition side of Windows Hello equation is even more secure, as it’s – according to sources – able to determine between you physically being present and a picture of you, and even if you’re one of a twin. Remarkably, The Australian (goo.gl/Y9Yfhm) recently experimented with Windows Hello using several sets of twins and were unable to fool Hello into thinking it was the same person logging in. At least your evil twin won’t be able to access your emails, then.
This is enterprise level security for the individual; easy to implement (given the right hardware) and extremely effective. From the point of view of the company, this could well improve mobile worker security and lost/stolen items with mission critical and sensitive data falling into the wrong hands.
There is another concern though that has arisen through the implementation of Windows Hello, and that’s one of privacy. Microsoft has had something of a rough time in recent months with reports in every corner of the internet over the privacy, or rather lack of, in Windows 10. These have been addressed in other sources, so we won’t go into too much detail here, however, the potential thought that your physical appearance and fingerprint data could be somehow leaked or simply ‘viewed’ by persons unknown, has some users questioning the effectiveness of Windows Hello.
We can’t comment too much on this at present, due to the absence of any real world data and thorough testing, but to quote Microsoft. “During set-up, Windows takes the data captured from the face or iris sensor or fingerprint reader and creates a representation that it encrypts and stores on your device. (This isn't an image; it's more like a graph.) The representation of you stays on your device. Windows never stores pictures or images of your face, iris or fingerprint on your device or anywhere else.”
And to conclude, with regards to what Windows Hello data is collected and what’s transmitted from your device, Microsoft state: “Your identification data – the representation of your face, iris or fingerprint that's created when you enrol – never leaves your device. To help us keep things working properly, to help detect and prevent fraud, and to continue to make improvements,
Microsoft collects usage data such as which method you used to sign in (face, iris, fingerprint or PIN), the number of times you signed in, and whether or not each sign-in was successful. This data is stripped of any information that could be used to specifically identify you, and it's encrypted before it's transmitted to Microsoft.” More information can be found at the Windows Hello privacy FAQ.
Is there anything out there like it?
At present there’s not a lot of facial recognition alternatives to Windows Hello, when you consider the entire logging on and single-sign on verification appeal of it. True enough, there are many good and worthy facial recognition and detection services and software available, such as Face++, BioID, and Betaface, but they’re not quite in the same ball park as that of Windows Hello.
The closest we have, to some degree, is the fingerprint and facial recognition elements built into our phones and tablets. While often a little unreliable in picking up either your fingerprint or face, the mobile world has led the way, and due to the hefty price tag of Windows Hello hardware it seems that this state of play will remain in such a way for some time to come.
Of course, that doesn’t mean some of you clever coders and technology enthusiasts out there can’t hook up a webcam and makeshift Raspberry Pi board to read a face and fingerprint; if you manage it, please let us know.
Should you be excited by Windows Hello?
Windows Hello is a bold gamble for Microsoft to push with Windows 10, and lay much emphasis on. One the one side it’s an excellent level of security that the PC hasn’t enjoyed yet, but on the other, there’s the expense and argument that it’s mostly unnecessary.
Consider the time line of Windows Hello too, where today it’s a breath of fresh air and the talk of the technology media, by the time the hardware is sold at acceptable prices it could very well have become yesterday’s news and won’t be picked up with as much enthusiasm as Microsoft hopes.
At present, although the security aspect can’t be faulted, Windows Hello seems more of a luxury item than something necessary. A bit like owning a Smart watch to some degree, just to save you dipping into your pocket to check a text.
Hopefully it’ll be fully adopted in time, the thought of sitting in front of a PC and it suddenly waking up and logging us in to our own accounts without any interaction from us sounds rather geek-y cool. Until the desktop hardware has caught up though, it’s difficult to predict the outcome.
Have you used Windows Hello on Windows 10? Let us know what you make of it in the comments section below