Security researchers have bypassed Windows Hello fingerprint authentication. These researchers are from Blackwing Intelligence. And before you ask, they didn’t conduct the test on only one laptop. Instead, the bypass worked on Dell, Microsoft, and Lenovo laptops.
The researchers who have cracked Windows Hello fingerprint authentication used a USB device. This device can deploy a MitM attack. For those wondering, MitM stands for man-in-the-middle.
Microsoft’s Offensive Research and Security Engineering team tasked these researchers with finding exploits. And the team disclosed their findings in October at Microsoft’s BlueHat conference.
More About the Windows Hello Fingerprint Authentication Vulnerability
As per the report, a MitM attack can bypass Windows Hello fingerprint authentication. The research report further highlights that the technique can grant bad actors access. This means any attacker using MitM can gain access to unattended or stolen laptops. Of course, the fingerprint authentication needs to be on for the exploit to work.
If you’re wondering, it’s not like the research considered old devices. The researchers performed the Windows Hello vulnerability test on the following:
- Lenovo ThinkPad T14
- Dell Inspiron 15
- Microsoft Surface Pro X
The researchers discovered the security vulnerability of Windows Hello in a custom TLS. This vulnerability is on the Synaptics sensor. They reserve engineered the hardware and software on these devices. And it’s not the Synaptics sensor that they researched. The center of the research also included ELAN and Goodix.
At this point, it’s unclear what Microsoft plans to do on this Windows Hello vulnerability. Though, researchers noted that they were able to bypass without the SDCP protection enabled. Now, what is SDCP protection?
SDCP stands for Secure Device Connection Protocol. It offers secure biometrics through fingerprint sensors. The protocol ensures the following:
- The device is trusted
- It is in a healthy state
- The input from the device is protected
So, for safety, the researchers recommended users keep SDCP protection on all the time. It will help to prevent easy attacks and hackers from bypassing Windows Hello. Also, the researchers have urged OEMs to ensure that SDCP is on. They have also recommended that qualified experts audit the fingerprint sensors.
What Does This Mean
Fingerprint logins are very popular now. Even a lot of Windows users have stopped relying on PIN codes only. To be exact, Microsoft revealed that more than 85% of users are using Windows Hello. And Microsoft didn’t consider a simple PIN for this statistic. Also, this statistic is three years old now. So, it’s likely more than 85% at the current stage.
But such vulnerability in Windows Hello makes the passwordless future a little alarming. Now, you may argue that researchers were able to bypass using a sophisticated attack. Well, you don’t know whether hackers are already using the same technique out in the wild.
The good news is that we’re already seeing a push from the major companies. Microsoft has become more intentional in this drive. Its most recent move allowed Windows 11 users to use passkeys. Windows Hello also lets users manage their passkeys on saved devices. Also, it’s easy to delete a passkey through the Settings app.
We have seen a similar approach from Google. It has been encouraging users to use passkeys. And in comparison, passkeys are more secure than fingerprints. For those unaware, your device stores the passkeys. Hackers can’t guess these keys, nor can they reuse them. So, when you enable passkeys through Windows Hello, they remain in your Windows device. You can learn more about passkeys on this link.
Blackwing Intelligence is also exploring other security exploits at the moment. These cover sensor firmware and security on Android, Linux, and Apple devices. You can read their report on Windows Hello in this link.
