Smartphones, laptops, even desktop computers use biometric authentication systems such as face scanning or fingerprint scanning. Microsoft’s Windows Hello
The login option called is also known as a face scanning system used to bring convenience and security together. But, according to the new study, Windows Hello, can be bypassed with fake USB camera device. Experts say that the situation may cause a security weakness, but this risk will not cause major problems, as claimed.
The process of security researchers at CyberArk shows that it is not easy to fool Windows Hello, or at least the facial recognition system. In theory, for Windows Hello to work, both RGB as well infrared needs a camera with a sensor. Experts have developed hardware that introduces itself to the computer as a USB camera with RGB and infrared sensors. This device contains the landscape data of the computer owner and sends this information to Windows Hello, enabling login. In addition, researchers after various tests only the data obtained from the infrared sensor also revealed that it was good enough to pass Windows Hello.
According to CyberArk, this vulnerability is Caused by Windows Hello seeing external devices as a source of information for biometric authentication. On the other hand, since every computer with Windows operating system does not have a standard camera, Microsoft does not seem to have many options other than to assume external cameras as information sources. CyberArk also stated that it is very difficult to exploit the mentioned vulnerability. For this reason, we can say that the risk is very low. Do not forget to share your betting intentions in the comments.