Microsoft Entra's Face Check is now in preview and it's going to be very hard to hack
Enabling the new policy shouldn't take more than 5 minutes.
3 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Microsoft introduces Face Check to Entra Verified ID, allowing commercial customers to enable authentication to their platform by real-time selfie matching methods. The new capability that was just announced by the Redmond-based tech giant, is now in preview and will be released generally in the following weeks.
Microsoft says it will greatly enhance the security for organizations everywhere, and will not access any sensitive data when requesting the user for the identification selfie.
Face Check, powered by Azure AI services, adds a critical layer of trust by matching a user’s real-time selfie and the photo from their identity document (such as a passport or driver’s license). By sharing only the match results and not any sensitive identity data, Face Check improves user privacy while allowing organizations to be sure the person claiming an identity is really them.
Microsoft
The Redmond-based tech giant says the feature has already been successfully tested by organizations such as Bemo, a leading company for cybersecurity operations, and Face Check is successful in verifying identity and detecting impersonations.
The liability of granting admin [role] access to the wrong person is high, so Face Check provides an extra layer of insurance. In the past we had to trade off between increasing risk of fraudulent access or increased compliance risk by collecting personally identifiable information in an ad hoc manner. Now we can verify the identity of an employee instantly and with high confidence, without trading off between security and compliance
Bemo
Microsoft Entra’s Face Check is also quite simple to implement, and according to Microsoft, it can be enabled in 5 minutes. Admins will have to enable the policy on a wide scale, for the organization to be able to authenticate using it.
The policy is customizable, and admins can choose which members of the organization must authenticate using Face Check. Once that is set in place, those members will receive messages to set up their Face Check authentication method.
It will also be hard to impersonate, or hack, as the policy will verify and validate the selfies against a Verified Employee credential, or even official state-issued government IDs. And Microsoft doesn’t intend to stop here, as in the following weeks, the Redmond-based tech giant will take into consideration other means of verification that go along with the Face Check, such as work history, or legal entity verification.
While this might sound a bit extreme, let’s not forget Microsoft is the subject of many cyberattacks, and its products and services are often targeted by threat actors. Outlook and Azure Pipelines were two of the recent services affected by these attacks.
Plus, impersonating employees through phishing attacks has been at a peak on the Microsoft 365 platform, recently, so, any kind of protection is welcomed.
