Apple’s iPhone isn’t always a good pairing for Microsoft’s Windows 10 PCs, but you’ll be able to use the phone’s biometric authentication features to log into PCs.
Microsoft wants to kill passwords with Windows Hello, a technology that allows users to log into PCs by fingerprint, face, iris. or pattern detection. Beyond Windows 10 devices, the feature is also coming to devices, accessories, and apps that support Windows Hello.
Apple’s iPhone will be able to use such an accessory or app to log in to Windows 10. At its Ignite conference this week, Microsoft said iPhone owners can use specific RSA SecurID authenticator tools on their devices to unlock Windows 10 PCs.
RSA uses gesture detection on the iPhone to log a user into Windows 10. On a trusted wireless network, the iPhone’s RSA tool will automatically unlock a Windows 10 PC.
“There are other solutions coming for iPhone, too,” Anoosh Saboori, senior program manager lead for OS security at Microsoft, said during a presentation at Ignite.
Microsoft believes biometric authentication is a hassle-free and secure way to access PCs and online services. There’s no need to store passwords on a device.
Older Windows 10 PCs don’t have fingerprint readers or infrared cameras, which are needed for biometric authentication. So Microsoft is promoting the development of devices and accessories that can connect to PCs and serve as secondary authentication devices.
The popular iPhone could serve as one such authentication device. Microsoft’s Windows 10 Mobile smartphones can also be used to log into PCs and websites, but the company hasn’t been selling many smartphones.
Microsoft talked about some innovative accessories that are companion Windows Hello devices. These devices have to be registered with a Windows 10 PC via a PIN and can authenticate users through USB, Bluetooth, or NFC connections.
The HID iCLASS Seos/Prox Embeddable Card looks like a regular employee badge that provides physical access to doors and buildings. But it can also be used to unlock a PC via NFC.
Yubico’s YubiKey looks like a small thumb drive, but plugging it into a USB slot authenticates and logs a user into a PC. It supports multiple authentication and cryptographic protocols.
The Nymi Band smart band uses heartbeat or ECG to authenticate the user. A user needs to hold a finger on the band sensor, and the device authenticates and unlocks a PC via haptic feedback. The smart band works with PCs over Bluetooth and NFC connections.
The companion devices are primarily for unlocking PCs, not for logging into websites. To log into websites and apps, users need to be authenticated through biometrics on a PC. The credentials are verified against biometric information stored in a PC’s security layer in the form of cryptographic keys.
In the future, it’ll be possible to also lock PCs via Windows Hello, Saboori said. That feature could come next year.
Asus, Huawei, Fujitsu, HP, Lenovo, Xiaomi, Plantronics, Symantec, and other companies are developing devices for Windows Hello, Saboori said.
Microsoft is using authentication standards developed by FIDO Alliance, which boasts members companies like Intel, Google, ARM, Samsung, Visa, Bank of America, Qualcomm, RSA, and Lenovo.