Microsoft wants to turn you into a walking password
What is it?
Microsoft’s new biometric-authentication technology, which lets you sign into Windows 10 using your eyes, face and fingers. It recognises unique physical characteristics, such as your iris pattern, fingerprints and facial features, thereby saving you from the tyranny of passwords. When you sign in, you’ll be greeted with a reassuring smiley face and a friendly ‘Hello’ (see image – Terry Myerson is Microsoft’s Executive Vice President of Operating Systems).
Will it mean the end of passwords?
Microsoft desperately hopes so. On its blog announcing Windows Hello (www.snipca.com/15972), Microsoft’s Joe Belfiore wrote that passwords “are easily hackable and even when complex they are not effective, but most of us want something easy to remember, so we either choose a simple password or end up noting it down somewhere, making it less secure”.
But will it really be safer than passwords?
So Microsoft insists, claiming that its security is so strong that “government, defense, financial, health care and other related organizations” will want to use it. Microsoft says that it’s secure enough to prevent hackers from signing in using a photo of your face, or by trying to impersonate you in other ways. This is doubly important because of Microsoft’s other biometric system, codenamed Passport.
Wait a minute - I’ll need a passport to use Windows Hello?
No. Passport is a system that extends biometrics to let you sign into websites, apps and online services. Once Windows Hello confirms your identity by scanning your fingerprint, iris or face, Passport will automatically sign you into any website, app or service you use. Microsoft insists this is safe because Passport doesn’t transmit images of your face or fingerprint online. But Passport’s success will depend on Microsoft persuading developers to integrate it into their products.
Can I try either system now?
You can try the fingerprint technology if your PC or Windows Phone has a sensor to read it. But you’ll have to wait for Windows 10 to arrive later this year to buy a computer that can recognise your eyes and face. These will come with Intel’s infrared RealSense 3D camera built in.
How does that work?
By using depth-sensing technology to track the location and position of objects. It captures unique features on your face in a wide range of lighting conditions (watch Microsoft’s demonstration at www.snipca.com/15997). But there is a drawback.
What’s that?
Computers with this camera are likely to be expensive. Thankfully, you won’t have to sign into Windows 10 this way – you’ll still be able to use passwords. Until prices for these computers fall, most people will continue to use passwords.
Are other companies building similar technology?
Yes, with many having joined the FIDO alliance (https://fidoalliance.org), a non-profit organisation whose mission is to “reduce the reliance on passwords to authenticate users”. Both Apple and Samsung already make phones with fingerprint sensors, while Google is working on a mobile-payment system that uses biometrics. Banks are pushing the technology even further. Last year, Barclays demonstrated a scanner that identifies individuals by recognising the pattern of veins in their fingers, and Halifax has trialled a system that measures a person’s heart rate. With so much innovation taking place in biometric technology, it’s clear that we’re rapidly heading into a password-less future.