The headline could not have been worse for anyone who cares about the burgeoning field of voice biometrics for secure authentication.
Author Joseph Cox detailed how he had used ElevenLabs to create a digital twin of his voice that was good enough to fool his bank’s Voice Password algorithm.
“Online trolls have already used ElevenLabs to make replica voices of people without their consent, using clips of the peoples’ voices online,” Cox warned. “Potentially anyone with even a few minutes of their voice publicly available—YouTubers, social media influencers, politicians, journalists—could be susceptible to this sort of voice cloning.”
We live in a scary world, indeed. But there are measures you can take to strengthen your protection. In addition to multi-factor authentication, there are specific techniques in voice biometrics that can be used to guard against hacks like this:
Footprint Playback Detection
Footprint playback detection identifies audio samples being used by a potential Fraudster that have already been received and processed by the voice biometric engine. It operates on the premise that a human doesn’t repeat the passphrase phrase the same – ever.
Channel Playback Detection
Channel playback detection identifies that the audio is been played back through some sort of speaker device.
Liveness Detection analyzes biometric features to determine that the speaker is alive and present. It can include challenging users to speak random phrases to confirm they are not a pre-recorded track.
Synthetic Speech Detection
Synthetic Speech Detection analyzes various acoustic and linguistic features, including pitch, rhythm and other phonetic properties, and compares it against human speech patterns to detect deviations indicative of synthetic speech.
These are just some of the ways to strengthen voice biometric authentication solutions against AI voice hacks.
“No security system is 100% secure,” says Brad Scott, Senior Product Manager, LumenVox, “but voice biometrics still offers an easier and more secure solution than traditional authentication solutions like answers to knowledge-based questions.”