How Apple's new Face ID compares to Microsoft's Windows Hello

Convenience and security are often at odds in the tech world, but that hasn't stopped most companies from attempting to fuse the two. With Microsoft, we have Windows Hello, a biometric system that can log you in with a fingerprint, or facial or iris scans. Apple, which uses Touch ID as a fingerprint login system, has now come up with something new, first unveiled at the September 2017 Apple event.

Apple wants to get rid of the iPhone's Home button and with it TouchID, so it's testing out what it calls "Face ID" on the upcoming iPhone X. Face ID works in a similar way to Windows Hello, in that it uses an IR sensor and camera to identify your face for a fast, secure login. There are, however, some differences between the two technologies, which we'll examine here.

What is Windows Hello facial recognition?

With Windows Hello, there are two types of biometric recognition through cameras: iris and facial. The facial recognition side of Windows Hello works by bouncing infrared (IR) light off your face and picking it up with a camera. An image of your face is then compared against one that's stored on your PC. If they match, you're logged in. The iris scanning side — famously found in the Lumia 950, 950 XL, and HP Elite x3 — instead takes a picture of your iris and compares it to one stored in your device.

Although there are no confirmed reports of Microsoft's implementation of iris scanners being defeated, other iris scanners have been bypassed, as have facial recognition methods. Android Central reported on the iris scanner in the Samsung Galaxy S8 being spoofed with a printed IR image and a fake contact lens. An article from The Guardian explains how researchers from Carnegie Mellon University were able to fool Face++ facial recognition by wearing some funky tortoiseshell glasses. In some cases, like with the Samsung Note 8, all it took was printing out a picture of a face and holding it up to a camera.

Windows Hello facial recognition puts a stop to some spoofing thanks to the IR camera. Printed and digital images don't appear in the IR camera, so it would take more to get past the technology. Remember, pretty much any gate is permeable to someone with the means and time to break it.

Another security concern is where your biometric data is stored. Microsoft explicitly says that biometric data collected from Windows Hello facial recognition never leaves the device (opens in new tab). From Microsoft:

The biometric data used to support Windows Hello is stored on the local device only. It doesn't roam and is never sent to external devices or servers. This separation helps to stop potential attackers by providing no single collection point that an attacker could potentially compromise to steal biometric data. Additionally, even if an attacker was actually able to get the biometric data, it still can't be easily converted to a form that could be recognized by the biometric sensor.

This data is protected in part by a Trusted Platform Module (TPM), which is a microchip that enables extra security through encrypted keys. Overall, you can consider your biometric data relatively safe. Even if someone were to steal the data, it would be near impossible to recreate your face or fingerprint from the information.

See the best laptops with Windows Hello support

If you're thinking this sounds a lot like Xbox's Kinect, you're not wrong. There are similarities, especially when we look at Intel's own lineup of cameras, known as RealSense. These cameras can handle 3D recognition (albeit at a much shorter range than the Kinect) and depth through a set of cameras. A group of IR dots is projected from the camera, a grid of your face is formed, and it is then analyzed by the camera. This is different from the other brand of Windows Hello facial recognition — like that found in Surface devices — which implements its own recognition through pictures with IR cameras.

What is Apple's Face ID?

In 2013, Apple bought a company called PrimeSense, which is the company that helped make the Xbox's Kinect camera. For this reason, Face ID uses similar technology, albeit in a smaller, more condensed form. Instead of a Kinect having to track an entire body moving around a living room, you have a system consisting or IR and depth cameras that only has to focus on the face.

Apple's system is called "TrueDepth," and it is similar to what Intel has created with RealSense. TrueDepth shoots out about 30,000 IR lights (minuscule dots that are unseen by the human eye) onto your face that are then picked up by the IR camera. The lights (or dots) are processed by Apple's A11 Bionic Neural Engine, which is a system separate from the main processor. A grid based on your face's 3D shape is formed, and only someone with the same grid is able to log into the iPhone.

This TrueDepth system is expected to eliminate some of the issues we've seen in the past, where you can defeat facial recognition safeguards. Apple expects Face ID will even go so far as avoiding defeat from recreated 3D models of faces. Phil Schiller, senior vice president of worldwide marketing at Apple, said in the keynote speech that Hollywood makeup artists were brought in to test whether professional 3D recreations of faces would fool FaceID. (It's interesting to note that Schiller didn't actually say whether or not Face ID was fooled by these phony faces.)

In an article on iMore, editor Rene Ritchie answered some security concern questions, like where the Face ID data is stored. Apple sent iMore this comment on Face ID:

Face ID data never leaves the device, is encrypted and protected by the Secure Enclave.

The Secure Enclave is similar to a TPM chip in that it stores an encrypted version of your data that can't easily be cracked. Like with Windows Hello, you can expect your biometric data to remain relatively safe in your device.

Which form of facial identification is better?

Without actually testing the two technologies side by side, it's difficult to claim one technology is superior. One thing to keep in mind is that most convenient login methods — fingerprint reader, iris scanner, and facial recognition — have been beaten by people with enough time and means. Since Face ID is essentially a member of the same group, it will be interesting to see how long it takes for someone to spoof it, or if they're able to.

What we do know is how well Windows Hello's facial recognition works. We've have had plenty of time using it, both on Windows 10 and Windows 10 Mobile, and it's been proven to log in without fault far more often than not, often instantaneously. Whether it's easier to spoof than Face ID is yet to be seen, but it seems like Apple took its time studying past success stories, investing in the companies behind those success stories, and creating something secure and convenient.

An initial impression of Apple's Face ID — without actually using it — is positive. The Face ID demonstration at the keynote speech, ignoring the failed login that Apple has since explained away, was impressive. The iPhone X itself has the hardware needed to perform an in-depth scan of your face (the animated emojis showed off the tracking capabilities), and the separate Neural Engine that processes the information should allow for blazing fast logins.

Windows Hello is already available

Windows Hello is readily available in many laptops and phones, whether through fingerprint, facial, or iris scans. If your device doesn't have the proper hardware built in, you can always go with a third-party option to add biometric functionality.

An IR camera from Mouse (about $70) (opens in new tab) can attach to your laptop or monitor and will allow you to log into Windows with just your face. Mouse also offers a fingerprint reader (about $50) (opens in new tab) that plugs in via USB.

See our review of the Mouse IR camera and fingerprint reader

If you're looking for something with a few more features, you'll no doubt want to check out the Logitech BRIO webcam. It supports 4K resolution, HDR, and Windows Hello, all in a slim package. Sure, it costs about $200 (opens in new tab), but it's pretty much the only webcam you'll need for the foreseeable future. Check out our review for much more information.

See our review of the Logitech BRIO 4K webcam

Cale Hunt
Senior Editor, Laptop Reviews

Cale Hunt is formerly a Senior Editor at Windows Central. He focuses mainly on laptop reviews, news, and accessory coverage. He's been reviewing laptops and accessories full-time since 2016, with hundreds of reviews published for Windows Central. He is an avid PC gamer and multi-platform user, and spends most of his time either tinkering with or writing about tech.

  • Windows Hello works wonderfully on PCs but the phone version is broken beyond belief. It flat out doesn't even work on my Lumia 950... and why is it still in beta?
  • Works perfectly on my 950XL, I just wish they had never added back in the success animation, was so much faster without it..
  • Hahahaha! I like that animation and works fine with my XL but my wife has problems with her 950. I always though she was doing something wrong but it might not be the case.
  • Works perfectly fine on my XL and my daughter's 950. We all use the MOUSE for our desktops at home.
  • It is in beta because it is Windows Hello as a service.  Got it? As a service? :p  Just joking but could be true.
  • Works perfectly on my Lumia 950!
  • It works on my 950xl, you know except when it crashes my phone when I turn on the screen to unlock it.
  • It wasn't working on my Lumia 950, either. It could hardly ever recognize my iris, and when it did, it would take ages. I realized using my fingers to enter four digits would take less time, so I turned off Windows Hello altogether. 
  • It works but it is not practical at all. You need to bring the phone very close to your face, it should work within a ''table distance'' otherwise it is useless.
  • Train it a few times, that resolved the proximity issue for me, not it actually work too far for my confort lol
  • That's totally opposite of my Lumia 950 which works perfect! Hmmmmm
  • I'm on Fast Ring and it works really well on my 950.
  • While iris scanning and facial recognition is both under windows hello, the technologies are very different and iris scanning is harder to accomplish well
  • I only had issues on my 950 in direct sunlight. You do have to kind of learn the right range to hold your phone for best results. Once you establish that habit, you never think about it again and it just works. I do think SP4-style facial recognition is much better. Apple was smart to use that on the phone rather than iris recognition. I have no doubt it will be much better than what the 950/950XL does. 
  • Works great for me. 
  • Not sure what is wrong with your 950, it works just fine on mine, half the time it kicks in before I can finish my passcode.
  • Let me try it right now...
  • Only Windows Central can put it to test.  I guess we all have to wait till iPhone X comes to reviewers hand.  I can't wait for Zack to compare it to Windows Hello.
  • - “has now come up with something new”… No, it’s not new! - “but it seems like Apple took its time ‘Copying’ past success stories”… Yes it invested buying a company, but as usual, Apple bought that company copying an idea others used before! - “and creating something secure and convenient”… As convenient as much as it fail in stage during its presentation, so you don’t really know yet if it is ‘Secure’, but so far it’s not really ‘Convenient’ while failing!  
  • There I was thinking I was the only one that read the same crap. I am wondering how this article with what you captured would have been written if MSFT was Apple and Apple was MSFT. Let me try. - MSFT have come up with late old technology once again, following the likes of Apple innovation as usual. -but it seems like MSFT took it's time copying Apples's more than 3 years old innovative success stories as new in this day and age. -and creating what is already perfectly done by Apple to just blow up in their face on stage, did they try it before the demo?,  We are sure they will explain that fubar away as usual and will become copying genious as usual.
  • I was initially skeptical that Apple got rid of Touch ID and replaced it with this. It sounds to me - as somebody who doesn't really know what I'm talking about - that spoofing a face would be easier than spoofing a fingerprint or an iris. I also heard a bit about potential legal issues: something like law enforcement (in the US) can force you to unlock with your face in a way they can't with a password or fingerprint. I don't care at all about the "notch" but what sounded like a step back in security turned me off of the idea of maybe switching to it if/when Windows 10 on mobile devices stops being a realistic option. I find the fingerprint on the Elite x3 plenty fast enough. The iris is reasonably quick, too, but I always default to fingerprint because I can unlock it and authenticate in one touch.
  • In the US at least fingerprints can be compelled to be given to unlock. They take your prints if arrested. As far as facial recognition I think it is the same. The law as I understand it is that you cannot be compelled to give up a passcode that is in your head, but biometric data is not strictly yours
  • The police in the US can ask you to unlock your phone with a fingerprint, but cannot ask you to type in a password.  Not sure which camp Face ID will land in.  If you want to keep the cops out, use a PIN. 
  • You write an article titled "Is Apple's Face ID better than Windows Hello?" and yet go on to say "Without actually testing the two technologies side by side, it's difficult to claim one technology is superior." Why didn't you just wait til you had an iPhone X? Got a sales quota to meet via affiliate links? Classic case of using click bait and having subpar journalistic integrity.
  • I know. I'm starting to lose faith in this site.
  • No, they were actually asking their readers to tell them, so they didn't need to do any work themselves.
  • The face ID is better.  Its on a current supported OS,  with lots going for it...where as hello is on a phone thats 2 years old and with a bailed on OS!
  • What are you talking about? Windows 10 isn't a current supported OS? Facial recognition is not on any Windows Phone, so I don't know why you brought that up. That's the only part of Windows Hello that's comparable to Face ID.
  • This article is talking about NO windows 10 mobile is not a current supported OS.  windows 10 10 mobile NO...stop playing symantics police...thanks!   Why bother to compare the two?  windows hello is ON WINDOWS 10 Mobile devices using retina which is part of Face ID...jesus...fanboys.
  • No it isn't....
  • so it's a proven technology. what's the reason to be negative about a 2-year feature on a phone that works?
  • What's new, You have these Apple / iPhone folks masquerading as windows writers. Now, they do not need to test anything Apple to show positive review of it. I bet if you put Apple logo on current Lumia 950 XL (with freaking windows OS) and put MSFT logo on iPhone X and its iOs 11, the 950 XL with apple Logo will win No Testing required... Just follow the damn logo.
  • My impression was that it's just an article discussing/comparing the technologies behind them (which I think is a valid article to have without having testing the two) and am assuming they will test it side by side when they can. The article can probably be titled more accurately, but I don't think this is a case of having "subpar journalistic integrity"
  • Real0395,  When it comes to fanbabies in here...if you do not jerk off microsoft 110% of the time,  it's "subpar journalistic integrity"!  get used to it!
  • When it comes down to it, it'll be which is the easiest to set up (Apple from what I can tell so far), and which will permeate the market the fastest (Apple obviously). Microsoft should have mandated the darn things to be standard in every PC or it's adoption will just linger as "that's cool, but I don't want to pay the extra 100$ for something spiffy," sorta thing.
  • Yet when Microsoft tries to mandate things they also get flack for it as well. Though, I do think more people should use it. 
  • SO pretty much is the same tech with a little different angle or excuse to say it new stuff. I wonder about who is going to have patent wars about this. Because they are pretty much the same tech and even from the same original creator of prime. And people said that the Kinect was dead on the sand, without knowing it just evolve into most new hardware!
  • I would imagine that the company that created the tech would hold the patent. It's Microsoft's own fault for not trying harder to kep them on board, as the Kinect system is really good so applying that same level of polish to a phone is fantastic.
  • Doesnt matter which is better, you can be sure the iphone X will be the phone of choice for Microsoft's leadership team. Pretty much all anyone needs to know.
  • how are you drawing this conclusion?
  • Because Nadella already uses an iPhone?
  • i love windows Hello fingerprint reader WORK 99.9 % for me
  • If Face ID only requires you to raise your iphone 10 to chest high before looking down at it and works consistently, then I would say it is a better than Hello. If not, and it is chin high as Apple presentation showed, which is similar to Hello on 950, then they are on par... 
  • And almost useless. I see no reason to use the IR sensor on my GS8 when it is already unlocked before it even leaves my pocket due to the fingerprint sensor. Rarely if ever is my phone unlocked by retina before fingerprint.
  • I'm with you there.  A fingerprint unlock is so much quicker for a phone. It's unlocked before it's out the pocket if I want.  On my 950xl it was painful, in part because of speed but mostly orientation.  On my x360 PC though, Hello works great, but that's because I sit at a PC before using it and it's quicker than a password or PIN entry.
  • Fingerprint scanners are much easier to spoof, hence why other biometrics are pursued.  Just because it is easier/faster doesn't mean it is safer.
  • One thing Windows Hello has over FaceID is that you don't have to swipe the screen up after a face scan!  
  • First, we are all just speculating, we don't have an iPhone X to test yet.  The only real time example we saw failed (yes, they had a reason why, but it still failed on demo).  Here are my thoughts. 1.  Basically (as the article states) it is a Kinect in tiny form, more like real sense Intel than IR Lumia 950.  So the basic idea is sound. 2.  IR based tech (which this is using for the "grid map") sucks in direct sunlight.  The sun is a much bigger IR source than any IR flood light on your camera, so I'm betting this sucks in daylight (so does the Lumia 950 system).  Be prepared to get it really close to your face when in direct sunlight. 3.  Indoors the system will probably work well and at longer distance than the Lumia 950 system.  The "map" the 950 is using is narrower so you have to look dead on at the sensor, here you will probably have some wiggle room at the angle and depth of attack... though the demo fail and their excuse makes me worry about how many "false lock outs" you will get when you leave your phone sitting on the wireless charging pad in the office for example. 4.  One design, one implementation, bad news.  It had better work great because they bet the farm on it.  My biggest complaint with the 950 was that they put all their biometric eggs in one basket (Iris scanner).  However, other vendors gave you a choice (the Elite X3 has both the iris scanner and a fingerprint reader), choice favors MS.  Look at all the implementations of Windows Hello in laptops/tablets/desktops.
  • Plus the article undersold one big point.  There are no recorded successful exploits of the system used in the 950/950XL.  That is a pretty big deal from a security standpoint.  Granted it could be the "viruses on linux" solution, there weren't enough 950/950XL in the wild for exploits to be developed, but I'm guessing some people tried.
  • i thought the main criticism of the 950 and 950xl was that iris scanning was not suited to mobile devices over a finger print scanner   i.e. You have to pick it up it takes longer etc   and now apple do it, just to get rid of the home button! and its accepted!
  • It appears that Apple was working on Touch ID under the oled screen, but they could not get it to work on time before the announcement. So they went for Face ID which could be temporary solution until the new Touch ID development is complete. So the question is if Face ID doesn't sell well, would they go back to Touch ID under the screen, or do they continue with Face ID for iPhone 11 and beyond...
  • 950 tech was iris scanner, it was slow and not very accurate. The iPhone X has face recognition, which is based on IR 3D parsing of your face (the article explains the difference). The main point on where a login method is viable or not is basically how fast and reliable it is whether it's iris, face, fingerprint, voice, whatever. 950 scanner wasn't. iPhone scanner is. Even fingerprint had to evolve a lot to be viable in phones. It used to be slow and bulky (see ATMs) but now most Android phones have readers that take less than a sec to scan with relative precision.
  • Windows Hello and the Brio do a great job with logins. Only not having a password would be faster. 
  • I never understood what the technology was in the Windows Hello hardware in Surface Pro 4 and newer. I mean, it's not Intel RealSense, is it? What's the difference then?
  • My take away is that, it's going to be similar to Hello on PC's, and it's going to suck in direct sunlight. It was good of Microsoft to basically hand Apple the technology by scrapping Kinect though and not absorbing/getting exclusivity with the company behind the tech, that was a genius move.
  • If there's one thing I've learned here in the comments, if you’re not first, it's already too late. Sorry, Apple!
  • Well, that's what everybody keeps hammering about MS and the mobile space, so unless everyone has double standards yeah, Apple are lagging in this area.
  • Considering Apple has a viable mobile will better. And Apple supports their client base.
  • oh... what's that logic?  viable mobile OS ==> better face recognition???
  • Good point. It will continue to developed this was my intent. W10M is done. Does that make more sense? Thanks,
  • Sometimes Windows Hello just don't work in Win10 desktop, even I am looking at the camera at the perfect position and orientation.  It just doesn't respond.  I don't think it is an accuracy problem - the problem just goes away next time without re-calibrating.  I believe it is a bug.  This happens several times a week, in my SP4 and Surface Studio.  Seems that the problem is less frequent in Surface Studio.