Remotely Unlock Your Windows PC via Fingerprint Scanner on Android [XDA Spotlight]

By | 7th October 2018
Unlock Windows 10 PC with Android fingerprint scanner

Over 2 years ago, I created a script using Tasker, a Tasker plugin called AutoTools, and an app called Unified Remote, to remotely unlock your Windows PC using the fingerprint scanner on your Android device. The script used AutoTools to authenticate your fingerprint and Unified Remote to perform remote inputs such as a tap, swipe, and paste to unlock your Windows PC. While it certainly works, it’s definitely not an ideal way to remotely unlock your PC. If Samsung Flow can be used to remotely unlock your Windows PC from a Samsung phone, why can’t any other third-party app? That’s exactly the question that XDA Member Andrew-X asked himself, and after months of work, he came up with a solution. He created an app called Remote Fingerprint Unlock which lets you unlock any Windows PC via the fingerprint scanner on your Android smartphone.

Remote Fingerprint Unlock Features

Remote Fingerprint Unlock supports the following device configurations:

  • x86 or x64 architectures
  • Windows Vista, Windows 7, Windows 8, or Windows 10 PCs
  • Android 6.0+

The free features include:

  • Support for remotely unlocking both local and online Microsoft accounts via fingerprint scanner
  • Set up 1 PC with 1 account for remote unlocking
  • Wi-Fi Tethering support

The pro features ($1.99 in-app purchase) include:

  • No advertisements
  • Adding multiple Windows PCs
  • Adding multiple accounts per Windows PC
  • Support Wake-on-LAN

How to setup Remote Fingerprint Unlock

Setting up Remote Fingerprint Unlock is fairly simple. All you need to do is download the Android app, install the Windows Fingerprint Credential Module, and go through the setup process in the app.

  1. Download and install Remote Fingerprint Unlock from the Google Play Store.
  2. Download and install the right Windows Fingerprint Credential Module for your Windows PC. (Be sure to read the setup instructions and warning thoroughly.)
  3. Open the Android app and go to the Scan section.
  4. Start the Scan operation and let it find your Windows PC.
  5. Tap on the PC you want to set up. You can choose to give it a name and/or send a Wake-on-LAN packet if you have the pro version.
  6. After adding the PC, go to the Accounts section.
  7. Tap on “Add Account.” Enter the username and password of the account you want to remotely unlock.
Remote Fingerprint Unlock Remote Fingerprint Unlock Remote Fingerprint Unlock Remote Fingerprint Unlock Remote Fingerprint Unlock Remote Fingerprint Unlock
  1. Now, try unlocking your PC. Lock your Windows PC and you should see a new user called “Fingerprint Unlock.” (See the feature image at the top of this article.) If it says the module is active, then you are able to proceed.
  2. Open Remote Fingerprint Unlock and go to the Unlock section
  3. Scan your fingerprint.
  4. If you set it up properly, you should see your Windows PC automatically unlock itself!

We recommend you check out the following XDA forum thread if you have any issues setting it up.

Check out the Remote Fingerprint Unlock thread on our forums

Remote Fingerprint Unlock (Free+, Google Play) →

Is it safe to use?

I understand that some of you may be wary of installing a Windows application such as this. While I can’t guarantee that the app is safe to use since it isn’t open source, I do believe that the developer is trustworthy after having run it through various malware analysis tools and asking the developer to address what issues the tools picked up on. I’ll quote our conversation below so you can decide for yourself:

Me:

I ran it through VirusTotal and HybridAnalysis and they picked up the following results:

  • Ikarus picks it up as “PUA.RVplatform”

  • TrendMicro picks it up as “Suspicious_GEN.F47V0908”

  • Filseclab picks it up as “Adware.CsdiMonetize.AI.twym”

After a week, the developer made some changes and reached back to me:

So, I did a few changes to the setup files a week ago and I have managed to reduce the number of detections to only 1/63 on VirusTotal, McAfee AV’s scanner being the only one that detected my setup as Adware. I have sent an email to them to report the false detection and I still haven’t received a response. This is the reason that I haven’t contacted you.

Surprisingly, I have scanned the latest release again and it comes clean. They probably updated their scanning engine, or whitelisted my setup but didn’t respond back. Either way, I’m glad that it’s finally not being falsely reported anymore.

However, the x86 version is still tagged as being malicious by Endgame, as seen here, even though the same AV does not detect the x64 version as being malicious. I’ll see if I can contact them somehow about this.

On Hybrid-Analysis, Filseclab detects it as being Adware.CsdiMonetize.AI.twym, most likely because I still include a Windows Update required for the application to run on Windows versions older than 10. The writing to the remote process “C:\Windows\System32\wusa.exe” refer to the aforementioned updates which are installed using the “wusa.exe” process and “C:\Windows\System32\cscript.exe” refers to the .vbs script that creates the Windows Firewall exceptions for the LogonUI.exe process (the process under which the application runs). The script is taken from here.

From his XDA thread, he also shared the following information:

I’ve spent about 40% of the development time making the app as secure as possible. The communication between modules is secured using TLS (SSL). The accounts are stored on your computer as they are required when unlocking. However, they are encrypted using a key that is generated based on your fingerprint. As per this article, the generated key is backed by a Trusted Execution Environment, which prevents an attacker from gaining access to the key even if he had compromised the kernel. In other words, only the enrolled fingerprints on your phone can access the key. If you do uninstall, reset your app or even if you change one of your registered fingerprints, the file where the accounts are stored is lost forever and you will need to reconfigure your accounts.

Lastly, research has been done to ensure that, even locally, your accounts are as safe as possible. No password is stored in-app and everything is done locally (between the app and the Windows module) and I’m not, in any way, shape or form, sending through the Internet or seeing anything that you type in-app.

Personally, I find the developer’s explanations to be sufficient. I’m surprised that, until the developer released his app, my Tasker script was the most widespread solution to unlock Windows PCs via the fingerprint scanner on Android. Looking back, my Tasker script was really inelegant, but nobody had made an app that could do better. Sure, Samsung had their own solution, but they limited it to Samsung Galaxy smartphones only. Thanks to Remote Fingerprint Unlock, I can remotely unlock my Windows 10 desktop PC using the fingerprint scanner on my OnePlus 6.