<
https://www.vice.com/en/article/dy7axa/how-i-broke-into-a-bank-account-with-an-ai-generated-voice>
"The bank thought it was talking to me; the AI-generated voice certainly
sounded the same.
On Wednesday, I phoned my bank’s automated service line. To start, the bank
asked me to say in my own words why I was calling. Rather than speak out loud,
I clicked a file on my nearby laptop to play a sound clip: “check my balance,”
my voice said. But this wasn't actually my voice. It was a synthetic clone I
had made using readily available artificial intelligence technology.
“Okay,” the bank replied. It then asked me to enter or say my date of birth as
the first piece of authentication. After typing that in, the bank said “please
say, ‘my voice is my password.’”
Again, I played a sound file from my computer. “My voice is my password,” the
voice said. The bank's security system spent a few seconds authenticating the
voice.
“Thank you,” the bank said. I was in.
I couldn’t believe it—it had worked. I had used an AI-powered replica of a
voice to break into a bank account. After that, I had access to the account
information, including balances and a list of recent transactions and
transfers.
Banks across the U.S. and Europe use this sort of voice verification to let
customers log into their account over the phone. Some banks tout voice
identification as equivalent to a fingerprint, a secure and convenient way for
users to interact with their bank. But this experiment shatters the idea that
voice-based biometric security provides foolproof protection in a world where
anyone can now generate synthetic voices for cheap or sometimes at no cost. I
used a free voice creation service from ElevenLabs, an AI-voice company."
Via
The RISKS Digest Volume 33 Issue 64:
http://catless.ncl.ac.uk/Risks/33/64#subj26
Cheers,
*** Xanni ***
--
mailto:xanni@xanadu.net Andrew Pam
http://xanadu.com.au/ Chief Scientist, Xanadu
https://glasswings.com.au/ Partner, Glass Wings
https://sericyb.com.au/ Manager, Serious Cybernetics