Microsoft is planning to launch an upgraded version of its AI-powered Recall system that will incorporate biometric authentication as an added layer of security. The enhancement will require users to enable Recall by scanning their fingerprints or faces, which ensures that only authorized users can access the tool.
The new feature comes in response to concerns from cybersecurity experts about the potential risks associated with Recall, which takes periodic snapshots of a user’s computer screen and provides an “explorable timeline” of past activity. When the product was first revealed this past spring it immediately prompted a backlash from security experts; now, Microsoft VP David Weston tells Bloomberg the company heard that feedback “loud and clear”.
To further address these security concerns, Microsoft has embedded additional privacy safeguards into the updated Recall system. Users will be able to filter specific applications or websites to exclude them from being recorded. By default, sensitive content filtering is also enabled, automatically screening for and protecting sensitive information like Social Security numbers and credit card details. Furthermore, private browsing sessions within supported applications will not be captured, enhancing the level of control users have over their data.
Another key security feature in the revised Recall is data encryption, which isolates the collected information on the user’s device. The data can only be decrypted with a biometric match, preventing access even if a device is compromised by malware or stolen. This encrypted storage model ensures that sensitive data remains secure on the device, inaccessible to anyone who lacks the proper biometric authentication.
Recall’s enhanced version also includes an automatic timeout function, which is set to deactivate the tool after 15 minutes of inactivity. This timeout can be adjusted according to user preferences, reducing the risk of unauthorized access if the device is left unattended. Users must manually opt-in to use Recall, aligning with Microsoft’s policy of shipping the tool in the “off” position on its AI-branded PCs.
The revised Recall system is slated for beta release this month, specifically for Microsoft’s new Copilot+ PCs running Windows 11. Unlike the consumer version, the business version will not come with Recall pre-installed, though organizations can download it if they wish to integrate it into their operations.
Source: Bloomberg
–
October 7, 2024 – by the ID Tech Editorial Team
Related News
Financial Services Needs Biometrics—and Expert Guidance, Report Suggests
HaystackID 3.0 Helps Organizations Improve Security Posture for Remote Workers
Anonybit Gives Clients More Control Over Decentralized Data Vault Access
Visa Brings Passkeys to Online Payments in Major FIDO Victory- Encryption Startup Niobium Raises $5.5M
RSA 2024: Incode Debuts Corporate Cybersecurity Solution
Follow Us