Siri, WeChat and Other Voice-based Apps May Put You at Risk of Voice Hacking: Study
Attacks can synthesise your voice, but these are detectable by existing algorithms.
Representative Image: (REUTERS/Suzanne Plunkett)
Siri, WeChat and other voice-based smartphone apps can expose you to voice hacking, warn scientists who are developing a new app to stop the growing security threat.
With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems, researchers said.
The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying, they said.
Using only tools already on smartphones, a team of engineers led by University at Buffalo in the US is creating an app to stop voice hacking.
A prototype proved highly accurate in stopping machine-based voice impersonation attacks, researchers said.
"Every aspect of your life is now on your phone," said Kui Ren, director of the Ubiquitous Security and Privacy Research Laboratory (UbiSeC) at UB.
"That is your security hub. It is really critical now. Hackers are out there, more than you can imagine. There is a whole underground grey market to sell your password and your personal information," said Ren.
The best way to protect your cellphone, he said, is to use several security methods.
Voice recognition could become a more common security tool because more Internet-connected devices are being developed that do not have keypads.
"With the Internet of Things, what is a security interface? It is not like the phone. There is often no touch screen or keypad so voice authentication may be useful," Ren said.
Attacks can synthesise your voice, but these are detectable by existing algorithms. A human can imitate your voice, but again, existing technology can detect this.
A third method is replaying someone's actual voice, and here is where Ren's invention comes in. Any replay must be broadcast on a speaker, and speakers have magnetic fields.
Ren's system uses the magnetometer in a phone, which is there for the phone's compass, to detect a magnetic field.
In addition, the system uses the phone's trajectory mapping algorithm to measure the distance between the speaker and the phone.
It requires a phone user to be close to the phone when speaking to guarantee that anyone using a replay of a voice over a mechanical speaker is close enough that the magnetic field can be detected.
The system requires that the phone be moving - swung in front of the mouth - when the voice recognition is being used. When a replayed voice is moved, the magnetic field changes and the phone can detect this.
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Recommended For You
- Aamir Khan Looks Like a Hobo in Leaked Pics from Laal Singh Chaddha Sets
- 2019 is Ending But the 'Beginners' Memes are Just Starting
- Thief Calls Houseowner 'Kanjoos' in a Note after He Returns Empty-Handed
- Panipat Box Office Day 1: Arjun Kapoor, Kriti Sanon's Film Has a Slow Start
- Former Mumbai Cricketer Robin Morris Arrested Over Alleged Kidnapping: Report