Microsoft has been dealing with a lot of blowback ever since the reveal of its Recall software, powered by Copilot+. As a recap, every few seconds, Windows will take snapshots of whatever you're doing on your computer. These snapshots can then be searched, and your device will profile what's going on in those photos. As an example, you may be looking for the time you were looking at a specific image, and Recall can find that image using natural language.

On the surface, Recall seemed to be an interesting feature. All of your data is stored on-device, and the AI that analyzes those snapshots is running locally. You can exclude apps, set the maximum amount of storage that it can use, and even pause it if you're doing something you don't want Recall to see and save.

While all of that was a little creepy to some people, the damning evidence came once people got Copilot working on Windows machines early. The data was stored in a plaintext database and wasn't encrypted, meaning that any program on your PC with elevated permissions could see what was in there. That could include the time you logged into your bank, the time you sent some personal messages or the time you paid for something online.

As a result, it was back to the drawing board with Microsoft, and Recall was delayed for an unknown length of time. At the time, Microsoft committed to making Recall an opt-in experience, rather than an opt-out experience, but gave no further information. Now it's coming back to Copilot+ PCs, and Microsoft has outlined how exactly it will keep your data safe.


How Recall will keep your data secure

For real, this time

Recall's data, first and foremost, is encrypted and makes use of secure key management. Every snapshot taken by Recall is encrypted, with encryption keys stored securely with assistance from the Trusted Platform Module (TPM). These keys are tied to a user's Windows Hello Enhanced Sign-in Security and require biometric credentials to be enrolled in order to search Recall content. Additionally, the sensitive operations that manage this encrypted data are performed within a Virtualization-based Security (VBS) Enclave, which functions as a secure environment isolated from the rest of the system, preventing unauthorized access.

A VBS Enclave is a software-based trusted execution environment (TEE) inside a host application, and it uses Hyper-V to create an environment that's higher-privileged than the rest of the system kernel. VBS is a core feature of Windows and is used by security features like Credential Guard, too. It protects data from being accessed outside of the contexts where it's supposed to be accessed, and it is a long-standing feature of Windows that can be trusted.

Thanks to the VBS Enclave, all services that handle snapshots and associated data, including decryption and indexing processes, are isolated from the rest of the system. Programs within an Enclave can also use cryptographic attestation protocols to check that the environment is secure before performing sensitive operations.

Finally, when a user wants to access their stored snapshots, they must authenticate through Windows Hello. This is the built-in biometric system in Windows that aims to ensure that only the true owner of the device can access their data. As a fallback, a PIN will be accepted only after Recall is configured, so that a user can avoid data loss if a sensor is damaged.

Recall sessions are also designed to time out, requiring the user to re-authenticate, which prevents malware from leveraging a previously open session to steal information. This reduces the window of opportunity for unauthorized access, be it through malware or even physical access to the machine.

Recall's new architecture

Security-first

Microsoft has outlined Recall's new security architecture, separated into five core components.

  • Secure Settings
  • Semantic Index
  • Snapshot store
  • Recall User Experience
  • Snapshot Service

First and foremost, Microsoft says that settings are secure by default, meaning if tampering is detected, they automatically revert to their secure state. This prevents another application from modifying those settings and potentially trying to take the machine over. Also, data in Recall is managed through a semantic index that converts images and text into vectors, all of which are encrypted by keys protected within the VBS Enclave. The snapshot store holds the snapshots themselves along with metadata such as timestamps, app dwell times, and launch URIs. All search queries are performed within the Enclave, too.

Finally, the Snapshot Service, which saves, queries, and processes data returned by the Enclave, ensures that only authorized users can retrieve data. To prevent unauthorized access, data from snapshots is only released after proof of human presence has been acquired, and access sessions are time-limited. The system includes protections such as anti-hammering mechanisms and concurrency limits to prevent malicious overloading or tampering attempts.
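The access rules described above (nothing released without proof of presence, sessions that time out, anti-hammering on repeated failures), sketched as an added Python example. It is not Microsoft's code: the SnapshotGate name, the 60-second session lifetime, the three-failure threshold and the doubling lockout are assumptions chosen for illustration.

```python
import time

class SnapshotGate:
    """Toy model of a presence-gated, time-limited session (not Microsoft's code)."""
    def __init__(self, verify_presence, ttl=60.0, max_failures=3,
                 lockout=30.0, clock=time.monotonic):
        self._verify = verify_presence   # stand-in for the biometric/PIN check
        self._ttl, self._max, self._lockout = ttl, max_failures, lockout
        self._clock = clock
        self._failures = 0
        self._locked_until = 0.0
        self._expires = 0.0              # no session until a proof is accepted

    def authenticate(self, proof):
        now = self._clock()
        if now < self._locked_until:
            return "locked"              # anti-hammering: proof is not even evaluated
        if self._verify(proof):
            self._failures = 0
            self._expires = now + self._ttl
            return "ok"
        self._failures += 1
        if self._failures >= self._max:  # lockout doubles with each further failure
            extra = self._failures - self._max
            self._locked_until = now + self._lockout * 2 ** extra
        return "denied"

    def query(self, store, term):
        if self._clock() >= self._expires:
            raise PermissionError("no live session: re-authenticate")
        return [item for item in store if term in item]

def demo():
    now = [0.0]                                    # constructed clock, repeatable run
    gate = SnapshotGate(lambda p: p == "owner-present", clock=lambda: now[0])
    store = ["bank login page", "holiday photos"]  # constructed sample data
    def try_query():
        try:
            return gate.query(store, "bank")
        except PermissionError:
            return "refused"
    trace = [try_query(), gate.authenticate("owner-present"), try_query()]
    now[0] = 61.0                                  # session TTL has passed
    trace.append(try_query())
    trace += [gate.authenticate("guess") for _ in range(3)]
    trace.append(gate.authenticate("owner-present"))  # correct proof, still locked
    now[0] = 91.0                                  # lockout window over
    trace.append(gate.authenticate("owner-present"))
    return trace
```

In the trace returned by demo(), a query is refused both before any authentication and after the session lifetime passes, and a correct proof is rejected while the lockout is active.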

Recall might be good this time

Here's hoping

All of this seems promising, and with the usage of security features that safeguard other data in Windows, it seems that Microsoft is thinking the right way around this time. Whether or not that holds up once Recall rolls out to devices obviously remains to be seen, but given the PR nightmare that was Recall when it first launched, the company would want to get it right to avoid a repeat.

Of course, Microsoft is also working on putting this all together in time for other Copilot+ CPUs arriving, like AMD's Ryzen AI 300 series and Intel's Core Ultra 200V series. AI is becoming more and more important on PCs (according to the tech industry, anyway), and features like Recall are ones that may actually prove to be useful going forward.

As for Recall, with the steps Microsoft is taking to ensure that Recall is safe and secure, it might actually be worth giving it a shot once it launches.