In today’s digital chorus, your voice is the newest solo. It’s not just for singing in the shower or whispering sweet nothings anymore. No, it’s now your unique password, your very own vocal barcode. However, just as we’re crooning over the idea of voice authentication, hackers are hitting a high note, mastering the art of mimicking it.
The science behind voice authentication
When enrolling in voice authentication, you are asked to repeat a specific phrase in your own voice. Think of it as your vocal passport. You repeat a phrase, and the system pulls a unique “voiceprint” from it and stores it. Next time you try to access it, you repeat a different phrase, and the system checks it against your stored voiceprint. If it’s a match, you’re in.
MORE: ARE YOU READY FOR AI VOICE CLONING ON YOUR PHONE
How hackers use deepfake software to create fake voices
As voiceprints became more prevalent, hackers realized they could leverage machine learning-enabled deepfake software to generate convincing copies of a victim’s voice using minimal recorded audio. Now, what’s a deepfake, you ask? It’s essentially a digital doppelgänger, an artificial intelligence that can mimic voices or faces with unsettling accuracy. In the case of audio deepfakes, the software studies the nuances, pitch, inflections, and rhythm of a voice sample. Then it generates a voice that’s eerily similar to the original. Yes, we’re talking about ventriloquist’s dummies coming to life here, parroting back voices in a way that can fool not only human ears but also the latest voice authentication systems. In response to these vocal imposters, developers strummed a counter-beat: they devised “spoofing countermeasures” to distinguish the authentic voices from the mimics, the human from the machine-made.
Voice authentication systems vulnerable to deepfake audio attacks
However, researchers at the University of Waterloo have found a way around these countermeasures. They’ve figured out how to make the deepfake audio sound so real that it can fool most voice authentication systems. In a recent test against Amazon Connect’s voice authentication system, they managed a 10% success rate within four seconds, jumping to over 40% in less than 30 seconds. For less advanced systems, they achieved a whopping 99% success rate after only six attempts.
MORE: MOVE OVER SIRI – APPLE’S NEW AUDIOBOOK AI VOICE SOUNDS LIKE A HUMAN
How to prevent cyber crooks from stealing your vocal identity
Not all is lost in this symphony of cyber shenanigans, though. There are ways to ensure your vocal solo isn’t stolen and used in a hacker’s remix. Let’s conduct a deeper dive into these safety measures, your very own cybersecurity vocal warmup:
- Be aware of voice replay or voice cloning: One way fraudsters can carry out voice authentication fraud is through voice replay attack or voice cloning, where they record a person’s voice during a phone conversation and then use it to authenticate themselves as that person in a subsequent call.
- Be cautious when sharing personal information: It’s important to be cautious when sharing personal information, including your voice, and to only share it with trusted sources. If you’re enrolling in voice authentication, make sure you’re doing so with a reputable company or organization.
- Be wary when answering phone calls from unknown numbers or people: Be cautious when answering phone calls from unknown numbers or people, as they could be recording the call. Additionally, be wary of unsolicited requests for personal information or verification codes, as these can be signs of a scam.
- Enable two-factor authentication whenever possible: Two-factor authentication adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
- Strengthen your passwords: 1Password$2.99 a month, billed annually
- Keep your software up to date:
- Use secure networks: Your digital security is only as strong as your weakest link, and often, that’s the network you’re using. Make sure you use secure and trusted networks when using voice authentication. Your home Wi-Fi is your personal recording studio. At the same time, public networks are the equivalent of singing your password out on a crowded street. If you wouldn’t share your bank account details at a coffee shop, don’t share your voiceprint there.
- Disable voice assistant when not in use: When you’re not using your voice assistant, switch it off or mute it. It’s like packing up your microphone after a concert—you wouldn’t leave it on for someone else to use, would you? If it’s not needed, power it down. You’ll save on battery life and keep snoopers at bay.
- Invest in identity theft protection services:
- Identity Guard. Identity Guard will monitor personal information like your Home title, Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. One of the best parts of using Identity Guard includes identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team where a US-based case manager helps you recover any losses.
- Special for CyberGuy Readers: Identity Guard. Read more of my review of best identity theft protection services here.
MORE: DON’T LET SNOOPS NEARBY LISTEN TO YOUR VOICEMAIL WITH THIS QUICK TIP
Kurt’s key takeaways
In the grand orchestra of technology, each of us has a part to play in ensuring our own digital safety. Voice authentication, despite its potential vulnerabilities, is still a significant step forward in personal security technology. It’s a leap from the monotone hum of passwords to the vibrant symphony of unique voiceprints. However, as the researchers at the University of Waterloo remind us, no system is foolproof. We must stay vigilant, practice good cybersecurity hygiene, and remain aware of the latest tech trends.
Now that you know your voice can be your password, are you ready to sing the chorus of voice authentication, or would you stick to the old-school beat of typing passwords instead? Let’s hear your thoughts in the comments below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.