As the reserve-your-copy-of-Windows-10 notifications start to emerge, I was hoping to get more information about the Windows Hello Passport biometric authentication. The information I have is that Hello allows you to (optionally) log in to Windows 10, and also to participating websites, based on (existing) fingerprint scanners, iris or (new) 3D face biometrics. The facial recognition appears to be based on 3D IR cameras. The backend seems to be based on the FIDO consortium's U2F (Universal Second Factor) standards (which is potentially good for privacy to the extent that the keys for U2F are locally generated and unique per site). Aside from my normal antipathy to biometrics, I wondered if anyone had seen more analysis of the privacy implications of this authentication, and whether the authentication could be backed by a PIN. Can it be repudiated, and how? Is it local to the machine, or can it be put on a dongle? Are there ways to remotely determine those biometrics, and can you tell that the same person is accessing a site from different devices? Does the website access need the PIN as well, or what? Any information gratefully received.
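To make the per-site-key property the question is asking about concrete, here is a small added model of the U2F-style design (this is illustration code written for this thread, not Microsoft's or the FIDO Alliance's code). One simplification is an assumption: HMAC-SHA256 stands in for the ECDSA P-256 signature that real U2F uses, so the site in this toy stores a per-site verification secret rather than a public key. The properties the model shows survive that substitution: every site receives an unrelated credential (so two sites cannot link the same user by what the device handed them), a credential is bound to the origin it was registered at, no biometric data ever leaves the device (the fingerprint or face check only gates whether the device signs), and a captured response cannot be replayed against a fresh challenge.

```python
"""Toy model of a U2F-style authenticator and two relying parties.
Assumption: HMAC-SHA256 replaces the ECDSA signature real U2F uses, so the
relying party holds a symmetric verifier instead of a public key.  The user's
biometric/PIN check is modelled as a boolean and never crosses the wire."""
import hashlib
import hmac
import secrets


class Authenticator:
    """Device side: one master secret that never leaves the device."""

    def __init__(self) -> None:
        self._master = secrets.token_bytes(32)

    def _site_key(self, origin: str, key_handle: bytes) -> bytes:
        # Key derived from (master, origin, random handle): two origins, or two
        # registrations at one origin, share nothing a site could correlate.
        return hmac.new(self._master, origin.encode() + key_handle, hashlib.sha256).digest()

    def register(self, origin: str) -> tuple[bytes, bytes]:
        key_handle = secrets.token_bytes(16)
        # Real U2F returns a public key here; this toy returns the symmetric
        # verifier (assumption noted above).  No template or scan is included.
        return key_handle, self._site_key(origin, key_handle)

    def authenticate(self, origin: str, key_handle: bytes, challenge: bytes,
                     user_verified: bool) -> bytes:
        # The local biometric/PIN match only decides whether anything is signed.
        if not user_verified:
            raise PermissionError("local user verification failed; nothing signed")
        site_key = self._site_key(origin, key_handle)
        return hmac.new(site_key, origin.encode() + challenge, hashlib.sha256).digest()


class RelyingParty:
    """Website side: stores (key_handle, verifier) per user, issues one-shot challenges."""

    def __init__(self, origin: str) -> None:
        self.origin = origin
        self.credentials: dict[str, tuple[bytes, bytes]] = {}
        self._pending: dict[str, bytes] = {}

    def enroll(self, user: str, device: Authenticator) -> None:
        self.credentials[user] = device.register(self.origin)

    def challenge(self, user: str) -> bytes:
        self._pending[user] = secrets.token_bytes(32)
        return self._pending[user]

    def verify(self, user: str, response: bytes) -> bool:
        challenge = self._pending.pop(user, None)  # consumed on first use
        if challenge is None:
            return False
        _, verifier = self.credentials[user]
        expected = hmac.new(verifier, self.origin.encode() + challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def login(rp: RelyingParty, user: str, device: Authenticator, user_verified: bool = True) -> bool:
    """One honest login round trip: challenge, local check, sign, verify."""
    key_handle, _ = rp.credentials[user]
    challenge = rp.challenge(user)
    try:
        response = device.authenticate(rp.origin, key_handle, challenge, user_verified)
    except PermissionError:
        return False
    return rp.verify(user, response)


def demo() -> dict:
    """Constructed scenario: one device enrolled at two unrelated sites."""
    device = Authenticator()
    bank = RelyingParty("https://bank.example")
    shop = RelyingParty("https://shop.example")
    bank.enroll("alice", device)
    shop.enroll("alice", device)
    results = {}
    results["login_ok"] = login(bank, "alice", device)
    results["no_user_verification"] = login(bank, "alice", device, user_verified=False)
    # Colluding sites: nothing stored at one site matches anything at the other.
    bank_kh, bank_v = bank.credentials["alice"]
    shop_kh, shop_v = shop.credentials["alice"]
    results["sites_unlinkable"] = bank_kh != shop_kh and bank_v != shop_v
    # Replay: capture a valid response, then present it after a new challenge was issued.
    captured = device.authenticate(bank.origin, bank_kh, bank.challenge("alice"), True)
    bank.challenge("alice")
    results["replay_rejected"] = not bank.verify("alice", captured)
    # Phishing: a response the device produced for another origin, using bank's
    # key handle, is not valid at bank because the origin is bound into it.
    phished = device.authenticate("https://evil.example", bank_kh, bank.challenge("alice"), True)
    results["origin_bound"] = not bank.verify("alice", phished)
    return results


if __name__ == "__main__":
    print(demo())
```

The point the model makes for the privacy questions in the post: what the site learns at enrollment is a random key handle and a key it cannot relate to any other site's key or to the person's biometric, and what it learns at each login is a signature over its own fresh challenge. Whether a given Windows Hello deployment keeps the template strictly local, or lets a PIN substitute for the biometric, is exactly what the post is asking and is not something this toy can answer.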
I see it as a step towards complete user transparency, where your biometrics are linked to your name, credit card, address and phone number. Windows 10 will claim to preserve your privacy etc., but once biometric authentication becomes the norm, the rest will slowly creep in.
Yes, I fear it's the creeping end of a device you actually own, as opposed to being a glorified dumb terminal to their distributed mainframe. And it's worse than handing over your mobile number to provide biometrics (though nominally U2F handles the biometrics locally). @mirimir - U2F already does allow dongle-based website access without biometrics. The biometrics part is very suspicious because it's much worse than a dongle IMO; the readers are bigger and more expensive, for example. I think it's much more about the agenda to get the "real" you, and probably, in the case of people like PayPal etc. (or any financial institution), for them to be able to claim that it really was you in cases of fraud (even if false positives/negatives make it not very reliable).
Yes, that is exactly how I see it, and the pro-biometrics people don't talk about what you do when someone steals your biometric data. If someone steals your password you can change it; when someone steals your face scan data, then what? Plastic surgery? You can be sure that when biometrics become the norm, biometric-stealing devices will be out there. Covert cameras that replicate the face scanner and store the data is all it would take. The adversary would then remove the face scanner from the computer and replace it with the device. The device sends its stored data to the computer to authenticate instead of performing the scan. You just got biohacked. IMO they are deceiving the public by selling it as a password-free world; it doesn't do away with passwords, your face scan data becomes the password, but unlike typed passwords your face is not a secret. I predict that shortly after Windows 10 machines are on sale, someone will take the face scanner out of a computer and rig up a portable face-scan-stealing device like the one I mentioned above. I don't think a whole lot has been said about all that, but really the community should be concerned about the prospect of global corporations and governments imposing this on us without discussing the security implications.