HomeWinBuzzer NewsSecurity Group Exposes Flaws in Windows Hello Fingerprint Authentication

Security Group Exposes Flaws in Windows Hello Fingerprint Authentication

A security group contracted by Microsoft has successfully bypassed the fingerprint authentication of several laptops


A security group contracted by has successfully bypassed the Windows Hello fingerprint of several laptops, including Microsoft's own hardware. Blackwell Intelligence, the team responsible for the breakthrough, presented their research at the Microsoft BlueHat security conference in October and recently detailed their methodology on their website. Their investigation targeted the “match on chip” fingerprint sensors of devices from industry leaders such as Dell, Lenovo, and Microsoft's Surface Pro.

Technical Infiltration Explained

The exploited sensors, produced by technology manufacturers Goodix, Synaptics, and ELAN, process and store fingerprint data on the sensor chip itself. The inherent design is intended to enhance security by restricting the biometric data within the chip, thus avoiding potential external compromises. Blackwell Intelligence leveraged reverse engineering to identify weaknesses in the sensors' operation. The team then crafted a USB device capable of performing a man-in-the-middle (MitM) attack, effectively allowing them to impersonate authorized user access.

The “match on chip” system that the targeted sensors use operates by retaining a database of fingerprint templates directly on the chip. This offers an added layer of security as the templates are authenticated at the hardware level, not on the host computer, where data could be more easily extracted by malicious parties. Despite this architecture, Blackwell's work exhibited that determined attackers can still intercept and manipulate the biometric verification process.

Recommendations and Effects

The researchers noted in their blog that two out of the three tested sensors did not have the Secure Device Connection Protocol (SDCP)—meant to establish a secure channel between the computer and fingerprint devices—activated. The group has urged sensor producers to enable SDCP and to undergo independent verification to ensure the protocol's effectiveness.

It took Blackwell approximately three months to breach these security measures, demonstrating both the complexity of the task and the potential for devices to be compromised when sufficient resources and expertise are applied. Their findings lead to a call for reinforced security efforts. With the research now public, the onus falls on Microsoft and sensor manufacturers to address the vulnerabilities disclosed by Blackwell Intelligence to fortify the security of biometric authentication systems.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News