Using tools already on smartphones, including the compass, researchers are developing an app to stop machine-based voice impersonation attacks on voice-based smartphone apps such as Siri and WeChat. With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems. Also Read - Top 5 best stock trading apps in India in 2021: Tradingview, investing.com, INDmoney, moreAlso Read - Top 5 Android apps that help quit smoking
The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying. “We cannot decide if voice authentication will be pervasive in the future. It might be. We’re already seeing the increasing trend,” said Kui Ren, Professor at University at Buffalo in New York, and one of the study’s lead authors. “And if that is the case, we have to defend against voice replay attacks. Otherwise, voice authentication cannot be secure,” Ren said.
Voice recognition attacks can come in various forms. Attacks can synthesise your voice, but these are detectable by existing algorithms. A human can imitate your voice, but again, existing technology can detect this. A third method is replaying someone’s actual voice, and here is where the new invention comes in. Any replay must be broadcast on a speaker, and speakers have magnetic fields. ALSO READ: Amitabh Bachchan, to Rakhi Sawant: Who we wish should be the voice for Apple s Siri in India
Ren’s system, scheduled to be presented at the 37th International Conference on Distributed Computing Systems in Atlanta, uses the magnetometer in a phone, which is there for the phone’s compass, to detect a magnetic field. In addition, the system uses the phone’s trajectory mapping algorithm to measure the distance between the speaker and the phone. When a replayed voice is moved, the magnetic field changes and the phone can detect this. ALSO READ: Your smartphone apps may be secretly talking, breaching security: Study
The research team plans to refine the system and soon make it downloadable as an app.