Microsoft's Recall Feature Faces Security Concerns Despite Updates

Microsoft Recall screenshots credit cards and Social Security numbers, even with the "sensitive information" filter enabled 🔗

Despite promising to filter personal data out, Recall still captures it.

Microsoft's Recall feature, which captures screenshots to provide a searchable memory of user activity, has returned to Windows Insiders after security upgrades. Despite having a "sensitive information" filter designed to block the capture of credit card numbers and social security numbers, the filter has shown inconsistent performance. Tests revealed that Recall still captured sensitive data in various scenarios, although it performed correctly on some e-commerce sites. Microsoft acknowledges the need for improvement in the filter and assures users that it will continue to enhance this functionality. However, concerns remain about the potential for sensitive information to be accessed by unauthorized users, especially since the app's security relies on Windows Hello, which can be bypassed if someone knows the user's PIN.

What is Microsoft's Recall feature?

Recall is a tool designed to take screenshots of user activity on a PC, allowing users to search through their digital memory using natural language.

How effective is the "sensitive information" filter in Recall?

The filter is intended to prevent the capture of sensitive data like credit card numbers and social security numbers, but tests have shown that it works inconsistently, capturing sensitive information in certain scenarios.

What security measures does Recall implement?

Recall encrypts captured data and requires a Windows Hello login to access the app. However, users can still be vulnerable if someone knows their PIN, allowing unauthorized access to the app.