Windows 10 allows users to use enhanced anti-spoofing features for facial biometric authentication methods. Anti-spoofing is a technique of recognizing spoofed data packets coming from untrusted sources, are dropped off allowing only authentic data packets. Windows Hello feature, introduced with Windows 10 is a technology, as described by Microsoft that inculcates biometric authentication for better security in Windows 10. Fingerprint scanners have now become old school, owing to the huge range of smartphones with this feature available in the market. Windows Hello works by scanning your face, iris, or fingerprint and then logging you into your device. For face detection, one of the potential threats is the possibility of unlocking the phone by using photo of the authentic user. The anti-spoofing technology comes into play and a photo cannot be used to login to the device.
The following tutorial will show you how to enable the enhanced anti-spoofing feature in Windows 10. The feature will be available only to those devices that support facial features or Windows Hello. So, even if the setting exists, you cannot use it if your device doesn’t support. The feature can be enabled through the local group policy editor. The facial features policy allows you to enable the service. The feature is not configured by default. The non-configured state implies, users will be able to choose whether or not to use enhanced anti-spoofing on supported devices.
If you enable this policy setting, Windows will require all users on the device to use anti-spoofing for facial features, on devices which support it.
If you disable this policy setting, enhanced anti-spoofing is turned off for all users on the device and they will be unable to turn it on.
Steps to Enable Enhanced Anti-spoofing in Windows 10
1. Press Win+R to open Run window.
2. Type gpedit.msc and hit Enter to open the Local Group policy Editor.
3. Now go to the following location Computer Configuration > Administrative Templates > Windows Components> Biometrics > Facial features.
4. In the right panel, you will find the policy setting Use enhanced anti-spoofing when available. Double tap on it to enable/disable it.
5. Choose the desired option. Click Apply and then OK.