Microsoft Recall Can Still Potentially Screenshot Your Sensitive Information

Earlier this year, Microsoft Recall, the auto-screenshotting “photographic memory” feature for Windows 11 Copilot+ PCs, was delayed due to large-scale security flaws. Now that it’s back, to some extent, some users have found it’s still not the most secure feature, especially if you want to view your bank account or credit information online. 

Recall first reached a few testers last month, but since Dec. 6, It has been available to all with a Copilot+ PC in the Windows Insider beta. The feature first debuted in May, but security researchers found it too easy to access the logs of AI transcripts for screenshotted images. The new version of Recall encrypts all those logs and gives access to the feature behind a Windows Hello login. The system should also automatically detect and quit screenshotting any “sensitive information,” like bank information.

However, Avram Piltch at Tom’s Hardware reported that the filters aren’t filtering nearly as much as they should. The “filter sensitive information” settings should stop the AI from screenshotting any site or document with a credit card number. However, Tom’s Hardware found it would still screenshot a Notepad doc containing that information. It will also screenshot a fake loan application PDF. It even screenshotted a dummy page Piltch created, including a line for entering credit card info.

That doesn’t mean the filter isn’t working. Piltch said it would refuse to screenshot on two payment sites he tried. In its November 22 blog post, Microsoft said you can select specific websites that Recall won’t screenshot. The company added, “If you find sensitive information that should be filtered out for your context, language, or geography, please let us know through Feedback Hub.” 

Gizmodo contacted Microsoft for comment, but we did not immediately hear back. In this instance, Microsoft truly has to account for every possibility. If the AI recognizes some commerce sites, it may not recognize every instance where you enter your credit card information. All screenshots should still be locked away behind a Windows Hello security login, but the feature remains a potential vector for a bad actor to access sensitive information.

Recall remains an opt-in feature, and it’s off by default when you load it on a PC in the Insider channel. It’s still a beta product, so issues are bound to crop up. Microsoft has had to notify users on its Nov. 22 blog post that the feature wouldn’t save any screenshots if you install Build 26120.2415 after you load up the Windows beta build.

I’ve been using it on the side, but it’s the kind of feature you need to use for a long time before you can gauge its worth. You need to build up a sizable number of screenshots and then let your memory erode enough to make it worthwhile. It’s also still, obviously, a beta. None of the Copilot+ PCs shipped with the AI models on board, requiring you to download them once you sign up for the Insider build. As The Verge points out, it’s strange to know that your work, conversations, and online lifestyle are constantly recorded. What may be more shocking than all the issues that still need ironing out is that Microsoft planned to release Recall half a year ago without all this extra fine-tuning.