Voice authentication is increasingly being utilized in remote banking, call centers, and other security-critical settings. It enables businesses to confirm the identity of their clients using a purportedly unique “voiceprint.” The vulnerability of automatic speaker verification systems (ASVs) to spoofing attacks instigated the development of countermeasures (CMs), whose task is to differentiate between bonafide and spoofed speech.
A method of attack developed by computer scientists at the University of Waterloo can successfully get beyond voice authentication security measures with a success rate of up to 99% after only six tries.
They developed a method to trick most voice authentication systems in six tries while avoiding spoofing defenses. They discovered the telltale signs in deepfake audio that indicate it is computer-generated and developed a program that eliminates these signs, rendering it indistinguishable from real audio.
In a recent test against the voice authentication system of Amazon Connect, they were successful 10% of the time in a four-second attack and 40% of the time in less than thirty seconds. After six tries, they had a 99.9% success rate with some of the less advanced voice authentication systems they targeted.
While voice authentication is undoubtedly preferable to having no additional security, the spoofing countermeasures are seriously deficient.
Andre Kassis, a Computer Security and Privacy Ph.D. candidate and the lead author of a study detailing the research, said, “The only way to create a secure system is to think like an attacker. If you don’t, you’re just waiting to be attacked.”
Kassis’ supervisor, computer science professor Urs Hengartner added, “By demonstrating the insecurity of voice authentication, we hope that companies relying on voice authentication as their only authentication factor will consider deploying additional or stronger authentication measures.”
- Andre Kassis, Urs Hengartner. Breaking Security-Critical Voice Authentication. 2023 IEEE Symposium on Security and Privacy (SP). DOI: 10.1109/SP46215.2023.00139