Back in the early 1990s, I was working as a network administrator for a large insurance company. The company prided itself on using cutting-edge technology, so even as early as 1993, the company experimented with biometric authentication in the form of fingerprint recognition.
Rather than equipping every PC in the entire company, the company started with a small-scale pilot deployment. The company purchased a few fingerprint readers and began enrolling members of the IT staff for fingerprint-based authentication.
As you have probably already guessed, I was among the chosen few to receive a fingerprint reader. Once the device was set up, I held my finger to the reader and was logged into the PC without ever having to enter a password. I called a couple of friends who worked in other departments and invited them to my office so that I could show them the new tech. Much to my surprise, one of my friends placed his finger on the reader and was logged into my PC as me. Concerned, I had a few other people to try using their fingerprint to log in. To make a long story short, about half of the people who tried to log in were misidentified and authenticated into my account.
The reason why the fingerprint recognition worked so poorly is that the software did not examine each person’s entire fingerprint. Instead, it looked at six or eight individual points within the fingerprint. Those points ended up being way too easy to match. The only way that the technique used by the software could have been effective would have been for the software to examine a lot more data points within the fingerprint.
Obviously, that was a long time ago, and technology has improved a lot in the 25 years that have passed. Even so, I have to confess that my experience so long ago really turned me off to biometric authentication. Every time that I hear about a new biometric authentication technology, I find myself instantly dismissing it, without really giving it a fair chance.
Facial recognition moves the needle
Much more recently, Microsoft began building facial-recognition technology into Windows 10 for the purposes of biometric authentication. To use facial recognition, your PC has to be equipped with a special 3D camera. I have a Microsoft Surface Book 2 device that has such a camera. As such, I decided to try out facial recognition to see if it works any better than the fingerprint readers from so long ago.
Technology aside, there is one big difference between today’s facial recognition software and the fingerprint recognition software from the 1990s. Back then, fingerprint recognition-based authentication was a novelty. It was something new to try and was probably more of a toy than a legitimate security product. Today, however, biometric authentication is poised to replace passwords. In recent years, passwords have become largely ineffective as an authentication tool because they can be compromised in so many different ways. Biometric authentication, on the other hand, would be much more difficult to spoof — assuming that the authentication engine works the way that it is supposed to.
So let’s take a look at how biometric authentication works in Windows 10. Enabling facial recognition in Windows 10 is surprisingly easy to do. Microsoft exposes its facial recognition engine through Windows Hello. To enable facial recognition, go to Settings, and then go to Accounts. Once the Accounts screen is displayed, click on the sign-In options link, found on the left side of the screen. When you do, you will be taken to the Sign In Options screen, shown below.
The sign-in options screen allows you to configure a variety of settings that fall under the Windows Hello umbrella. There is a setting to control when sign-in is required, as well as settings to change your password, change your PIN, use a picture password, and even enable dynamic lock. Of course, the setting that is of the most interest at the moment is the facial recognition setting, so go ahead and click the Facial Recognition Setup button.
At this point, Windows will display an introductory screen for Windows Hello. You don’t have to do anything on this screen, so go ahead and click on the Get Started button. Upon doing so, you may be prompted to enter your PIN or password, depending on how your computer is configured.
Now, Windows will turn on your camera and will display your face inside of a grid. You don’t actually have to do anything during this process other than to look at the camera. Once the image capture is complete, you will see a message indicating that if you wore glasses during the facial recognition, then it is a good idea to click the Improve Recognition button and have your image captured again without the glasses. Incidentally, you always have the option of improving recognition later on.
After enabling facial recognition on my Surface Book 2 device, I decided to spend a bit of time seeing if I could fool it. In doing so, I tried everything that I could think of. For example, I held the device up to a picture of myself, and I also had a few other people (and even one of my pets) to look at the camera to see if I could get a false positive. Nothing that I did resulted in someone other than myself gaining access to the PC.
Conversely, I tried doing a few things to see if I could keep Windows from recognizing me. I tried putting on hats, glasses, and things like that. Even so, Windows was able to recognize me. The only accessory that caused Windows not to recognize me was my scuba mask. That’s OK, though. I’m not planning on taking my Surface Book 2 along on my next dive.
Biometric authentication: Big advances
It is absolutely amazing what a difference a couple of decades can make when it comes to technology. Although my tests were not scientific, I found Windows 10’s facial recognition to be both accurate and reliable. In case you are wondering though if for whatever reason Windows is not able to recognize you, you can always use a PIN to log into the system.
Photo credit: Shutterstock