With Windows 10 version 1607, Microsoft has expanded the Windows Hello authentication technologies to include support for companion devices. That we knew. But those companion devices, surprisingly, will include both Android and iPhone handsets.
The question is whether those solutions will ever be made available to consumers.
News of this interesting development comes via IDG News, which curiously just mentions the iPhone half of the story. But it’s based, of course, on a Ignite 2016 session called Expand Windows Hello Family to companion devices and browser. I was tipped off to this story by reader Bob Berardino. So thanks for that.
“When you think about a user and the kind of devices they carry with them,” Microsoft senior program manager lead Anoosh Saboori said during the session, “they normally have the phone in their pocket, they [might] have some kind of wearable on their arm, some of them might have the security fobs given to them by their company, and many of us carry a badge with us that is used to gain access to different physical locations. We wanted to leverage these devices as a way to knowing the user.”
Obviously, the phone is the best device to use, because more people have this device with them at all times compared to the other device types. It can be used as a PIN or biometric replacement, where the credentials are still stored on the PC. Or it can store the credentials right on the phone, where both the credentials and the second security factor are mobile; in this case, you could sign-in to any PC in your company’s offices. (Other device types, like fitness bands, may only be able to handle the first of those two scenarios, depending on the device.)
Saboori’s talk focused only on businesses—in fact, he referred to “Windows Hello for business” many times—but there’s no reason that the first of the two scenarios noted above couldn’t work on consumer PCs. In fact, I wouldn’t be surprised if the Microsoft Authenticator app became the conduit for this activity. But during the Q&A, he noted that an RSA demo he did earlier in the talk “was an iPhone solution,” which I suspect is what inspired the IDG story to focus on iPhone.
“There are other solutions coming for iPhone too,” he said, “more than one, but that [the RSA solution] is the closest one to shipping.” IDG should have kept listening, as Saboori later said that Android solutions were coming from partners too. But in both cases, I think he was referring only to business solutions.
Looking to the future, Saboori also noted that Windows Hello would someday be extended so that the PC will automatically lock when the companion device that unlocked it moves too far away from the PC.