Windows 11's 'Recall' app takes screenshots of credit card numbers even when confidential information filters are turned on
The operation history search AI '
Microsoft Recall screenshots credit cards and Social Security numbers, even with the 'sensitive information' filter enabled | Tom's Hardware
https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled
On May 21, 2024, Microsoft announced a new product category called 'Copilot+ PC' that integrates AI into PCs, and revealed that it will be equipped with 'Recall' as its main feature. Recall is a function that periodically takes screenshots of users' PC operations, scans them with optical character recognition (OCR), and stores them in a database so that users can check their operation history later.
However, Recall stores confidential information such as passwords and bank account numbers entered by users, and there is a risk of information leakage due to hacking. Therefore, the risk of Recall has been discussed around the world, including an investigation by the UK's data watchdog. In response, Microsoft announced that it would postpone the release of Recall and review its functions.
Subsequently, Microsoft announced security and privacy measures such as 'Screenshots and other Recall-related information is always encrypted' and 'Encryption keys are protected by the TPM and can only be operated in a special virtualization-based security space.' Recall will be available on Copilot+ PC from November 22, 2024. Windows 11 Insider Preview Build 26120.2415 (KB5046723) has been released for Windows Insiders.
Testing of the controversial Windows 11 'Recall' feature has finally begun - GIGAZINE
According to Tom's Hardware, Recall has a feature called 'Filter sensitive information,' which, when enabled, will not save screenshots of passwords, credit card numbers, etc.
However, when Tom's Hardware enabled Recall's confidential information filter and entered a fictitious credit card number, username, and password into Windows Notepad, Recall captured this screen.
It has also been reported that Recall captured Social Security numbers, names, and dates of birth entered into PDF loan application documents on Microsoft Edge.
Tom's Hardware also created a custom form where users were asked to enter their credit card information, including the brand, card number, security code, and expiration date, and Recall then captured the screen after they had already entered this information.
On the other hand, when entering a card number on the payment page of the real online stores 'Pimoroni' and 'Adafruit', Recall captured the blank form before input, but did not capture the filled-in credit card information input screen.
Tom's Hardware noted that 'when it comes to real-world commerce sites, Recall worked well, but it's nearly impossible to identify all the sensitive information displayed on the screen and avoid capturing it.'
Microsoft responded to the results by saying, 'If Recall detects sensitive information, like credit card details, passwords, or personal identification numbers, we won't store a snapshot of it. We'll continue to improve the feature, so please send us feedback if you find any sensitive information that should be excluded in your context, language, or region.'
in Software, Posted by log1r_ut