Microsoft Could Bring Windows Hello to Android, iPhone

Posted on October 1, 2016 by Paul Thurrott in Android, iOS, Microsoft-Band, Mobile, Windows 10, Windows Phones with 12 Comments

Microsoft Could Bring Windows Hello to Android, iPhone

With Windows 10 version 1607, Microsoft has expanded the Windows Hello authentication technologies to include support for companion devices. That we knew. But those companion devices, surprisingly, will include both Android and iPhone handsets.

The question is whether those solutions will ever be made available to consumers.

News of this interesting development comes via IDG News, which curiously just mentions the iPhone half of the story. But it’s based, of course, on a Ignite 2016 session called Expand Windows Hello Family to companion devices and browser. I was tipped off to this story by reader Bob Berardino. So thanks for that.

“When you think about a user and the kind of devices they carry with them,” Microsoft senior program manager lead Anoosh Saboori said during the session, “they normally have the phone in their pocket, they [might] have some kind of wearable on their arm, some of them might have the security fobs given to them by their company, and many of us carry a badge with us that is used to gain access to different physical locations. We wanted to leverage these devices as a way to knowing the user.”

2nd-factor

Obviously, the phone is the best device to use, because more people have this device with them at all times compared to the other device types. It can be used as a PIN or biometric replacement, where the credentials are still stored on the PC. Or it can store the credentials right on the phone, where both the credentials and the second security factor are mobile; in this case, you could sign-in to any PC in your company’s offices. (Other device types, like fitness bands, may only be able to handle the first of those two scenarios, depending on the device.)

Saboori’s talk focused only on businesses—in fact, he referred to “Windows Hello for business” many times—but there’s no reason that the first of the two scenarios noted above couldn’t work on consumer PCs. In fact, I wouldn’t be surprised if the Microsoft Authenticator app became the conduit for this activity. But during the Q&A, he noted that an RSA demo he did earlier in the talk “was an iPhone solution,” which I suspect is what inspired the IDG story to focus on iPhone.

“There are other solutions coming for iPhone too,” he said, “more than one, but that [the RSA solution] is the closest one to shipping.” IDG should have kept listening, as Saboori later said that Android solutions were coming from partners too. But in both cases, I think he was referring only to business solutions.

Looking to the future, Saboori also noted that Windows Hello would someday be extended so that the PC will automatically lock when the companion device that unlocked it moves too far away from the PC.

 

Tagged with

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (13)

13 responses to “Microsoft Could Bring Windows Hello to Android, iPhone”

  1. 5610

    If you build it (a banking website), that will work with Windows Hello authentication, they will come. Please someone, just give me one.

    • 2233

      I was happy that in iOS 10, my banking app updated to let me login via Touch ID.  I think you will get your wish in Windows.  I love having a Fingerprint reader on my keyboard and far prefer that to when the Surface is 'looking for me'.  In time, I see this becoming common place.  I was happy to see Microsoft start selling the fingerprint readers.  The key is to get all the Windows Hello tech out there so that people have a base to code for.

      • 5610

        Glad to see the fingerprint reader on iOS finally being put to great use. I was wondering about that as well. One of the lingering issues I deal with on a perpetual basis with normal users, is this constant and neverending password thing. This will be a huge game changer, and will drive the sales of this type of hardware. I can't wait for my first Windows Hello website logon, just so I can begin to show folks what is coming and how it will work.

  2. 5676

    So I have a question for ya Paul. How do I hear text messages and choose to read it, reply, ignore over bluetoth on an Android Alcatel idol 3 with Marshmellow? I thought I'd give Android a try to see what it's all about. The idol 3 was only $100 and it's a great phone but, Android, I just don't get it. I'm back on my WP after a week of anoying Android use. Yea some of the apps seem a bit more polished but nothing really super. WP works just fine for me. If the Alcatel idol 3 had Windows 10 Mobile I'd be jumping for joy and doing flips.

    • 5641

      I agree. iOS and Android seem like solid OS but then Windows 10 mobile has it's features. I find iOS sterile and frankly boring. It does what it does, very well and that's it. I think it's the main screen. As a tekky, I like flashing lights, spinnig things etc. I like things that don't quite work, that need a bit of TLC. Reminds me of Apple in the day when OS X was just starting out.

      My main gripe is the price of iOS (and good Android phones) compared to the current bunch of Lumia. You could argue that because Windows 10 mobile has a lower userbase, phone manufacturers have to entice them in with lower prices. With a phones average shelf life of 2-3 years (compared to a PC's much longer time) - take advantage while you can!

      On the other hand, I was given a Blackberry to try and frankly, just didn't like the interface / system. I can well imagine why that platform is dying but not so with Windows 10 mobile. Huge amount of potential to be realised.

  3. 5641

    Interesing proposal. The only problem is that Authentication is an operating system function and I can't imagine Apple or Google (but users of Android may e.g. Samsung) allow Microsoft to Authenticate users. This would mean trusting Microsoft technology to prove that the user is who they say they are and are authorised to access to the device.

    I could imagine a scenario where Microsoft Hello could use companion devices to authenticate a user and then authrise that user to use, say, a nearby PC - but Authentication and authorisation are very different security concepts.

     

     

    • 2525

      I got the impression it's more that you can use your phone - iPhone, Android, etc - as the second factor for your Windows PC/tablet.  Very similar to the Microsoft Account app where you'll get a notification on the phone and can approve or reject.

      Neat idea.

  4. 5486

    Windows Hello hasn't really gone anywhere since launch. It was extremely unreliable and difficult to use on the Lumia 950's (mainly retina scans), and wasn't much better on the Surface. Most people just carry on using passwords as normal, because that's what they're used to, and it doesn't require them to spend money on compatible 'Hello' kit.

    TFA is a very good thing to have, but getting people used to the idea is another thing altogether. Banks are also unlikely to trust Microsoft technology, so don't hold your breath on that one.

  5. 214

    I've been postulating the use of companion devices as the second (and perhaps most important) factor in authentication for a long time. Particularly nice with "prioximity" authentication - just get near a resource and it can recognize you (or not) - and if you meet its requirements - provide  access to the resource. They can also host the working (or master) instance of one's profile.

    It seems obvious to me that eliminating the use of passwords entirely is a desirable goal. Passwords can be hacked, copied, stolen, etc. Thus stealing or otherwise obtaining passwords is far and away the major goal of hackers - get the passwords - own the accounts. Tying access to a physical device - deprecating the value of the passwords - can break the back of these attacks. A real game changer for security.

  6. 5234

    Android already has Smart Lock with device proximity unlock.  This is Microsoft grasping at straws to stay relevant on mobile.

    • 442

      What?  You are taking two seperate items and trying to make them relevent to each other.

      Microsoft is just trying to utlize well known methods through other devices.  Nothing new there.  It's been done before, and can be done now.

  7. 5554

    More like Windows Goodbye.  Because Hello was DOA.

Leave a Reply