Microsoft‘s Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate if there’s any bypass for Windows Hello fingerprint authentication. To our surprise, the evaluation yielded a 100% reliable bypass for Windows’ fingerprint authentication system.
The team used three laptops from different OEMs for the evaluation process — the Dell Inspiron 15, Lenovo ThinkPad T14, and the Microsoft Surface Pro Type Cover with Fingerprint ID.
Blackwing’s research uncovered multiple vulnerabilities in all three fingerprint sensors. It allowed the team to successfully bypass Windows Hello authentication on the tested laptops. However, the objective of the evaluation was to assess the security of the fingerprint sensors embedded by original equipment manufacturers (OEMs) for Windows Hello.
All the fingerprint sensors they targeted were of the “match on chip” (MoC) type. That means they had a microprocessor and storage built into the chip. It enables secure fingerprint matching within the sensor. However, despite the benefits of MoC sensors, Blackwing found loopholes that allowed them to exploit the communication between the sensor and the host.
Two out of the three devices didn’t even use the secure protocol that Microsoft has created for Windows Hello authentication
Microsoft implemented the Secure Device Connection Protocol (SDCP) to secure the connection between the host and fingerprint sensor. However, the researchers found that two out of the three OEMs didn’t even enable SDCP. “Unfortunately device manufacturers seem to misunderstand some of the objectives.” says researchers at Blackwing (via SamMobile) .
“Additionally, SDCP only covers a very narrow scope of a typical device’s operation, while most devices have a sizable attack surface exposed that is not covered by SDCP at all.”
The findings underscore the importance of rigorous security measures in biometric authentication solutions. Blackwing recommends vendors manufacturing biometric authentication solutions to enable SDCP. They emphasized its crucial role in providing a secure channel between the host and biometric devices.
The compromised fingerprint authentication raises questions about the broader security landscape. Nonetheless, it needs sincere attention to prevent potential threats.
The full extent of the impact on user security and the OEMs’ response to these findings remains to be seen as cybersecurity experts and manufacturers grapple with enhancing the security of fingerprint authentication methods.
Deepak Sen is a tech enthusiast who covers the latest technological innovations, from AI to consumer gadgets. His articles provide readers with a glimpse into the ever-evolving world of technology.
