Although Microsoft's 'Recall' has been improved by encrypting files, it can be launched with just a PIN, so confidential data protection measures are still not reliable

Windows' AI feature '
Microsoft Recall on Copilot+ PC: testing the security and privacy implications | by Kevin Beaumont | Apr, 2025 | DoublePulsar
https://doublepulsar.com/microsoft-recall-on-copilot-pc-testing-the-security-and-privacy-implications-ddb296093b6c
In depth with Windows 11 Recall—and what Microsoft has (and hasn't) fixed - Ars Technica
https://arstechnica.com/gadgets/2025/04/in-depth-with-windows-11-recall-and-what-microsoft-has-and-hasnt-fixed/
Recall is a function that saves information by continuously capturing the PC screen, but the release has been delayed several times due to the risk of leaking highly confidential information such as credit card numbers. Microsoft is working to improve the problematic function, and released a limited version in April 2025 as a preliminary step to the release.
After two delays, Microsoft finally rolls out release preview version of Recall for Copilot+ PC - GIGAZINE

Technology media Ars Technica and security expert Kevin Beaumont have tried out Recall and listed some of its pros and cons.
First of all, Recall is opt-in, meaning that it will not work unless the user explicitly gives permission, and you will be asked whether or not to enable Recall when setting up your PC.
Beaumont criticized Microsoft for not adequately explaining the risks involved when enabling the app, but credited the company for making both the 'Yes' and 'No' buttons the same color. This type of software often uses a pattern of making the options favorable to the company more prominent and the options on the other side more subdued, to guide users to the colored options, but Microsoft did not adopt this practice.

Once you've signed into Windows, Recall will ask you to activate it using
However, Beaumont points out that there is a problem with Windows Hello. Microsoft explains that 'To launch and use Recall, you must enable at least one biometric option in Windows Hello, either facial recognition or fingerprint,' and that 'Every time you launch Recall or change its settings, Windows Hello will ask you to verify your identity,' which makes it seem as if biometric authentication is required every time you launch the app, but in fact it is not.
According to Beaumont, biometric authentication is only required during initial setup; after that, a four-digit PIN is all that is needed to launch Recall. Anyone who knows the PIN can launch it, so Beaumont pointed out that this was a big mistake on Microsoft's part, sharing the story of how 'I let my partner touch it, and in just five minutes he had access to everything I did on my PC.' However, this is still a test release, so it may change in the future.
Other improvements include the fact that screenshots and OCRed text are now encrypted, instead of stored in plain text. Ars Technica comments that 'Microsoft appears to have solved Recall's biggest problem.'

On the other hand, there were also problems with the filtering not working properly. Recall is designed to filter out highly sensitive information such as credit card numbers so as not to record them, but when Beaumont tried it, the numbers were recorded as-is and later appeared when he searched for 'credit card'.

Also, when Recall filters something, the status icon in the system tray changes to a small triangle and says 'Some content has been filtered,' but Ars Technica pointed out that it's a bit troubling that there is no indication of which app or what text was filtered.
In addition, the data acquired by Recall is stored locally, so the possibility of it leaking to the outside is somewhat reduced. There may be a problem with insufficient capacity to store screenshots, but Ars Technica explains this point as follows: 'Depending on how often you use your PC and how many items you filter, hundreds of MB of images are stored per day. A system with a 1TB SSD is allocated 150GB of capacity by default, but only 25GB of that will be enough to store several months' worth of data.'
You can add apps and sites you don't want Recall to save to an exception list. Recall also won't capture browser windows in incognito mode. When Ars Technica ran two windows, one in normal mode and one in incognito mode, side-by-side, Recall chose not to capture any screens at all.
'Recall's snapshots and databases are encrypted, which is a much better design, but if attackers find a way around this encryption, it could wreak havoc,' Beaumont said. 'Microsoft knows this and has tried to stop it by encrypting the database files, but with ransomware gangs launching Windows zero-day attacks almost every month, and patches arriving months later, this could be bad news.'
in Software, Posted by log1p_kr