An audio spectrum representing voice hacking.

Voice hacking grants others unwanted access to your devices.

There appears to be no rest for the world of cyber security. Hackers are vigilant and in order to keep the personal and private information of the public safe, cyber security experts must be as well. A popular target for hackers are smartphones and other mobile devices. As people rely more and more on this form of technology for everyday task, the more likely they become a victim of security threats. The companies who create these devices constantly update them to prevent such events. However, hackers are crafty. For example, their newest method to hack your phone involves using cutting-edge voice hacking.

Mimicking You Through Voice Hacking

While still in its infancy, sending commands to your smartphone or mobile device via voice controls is on the rise. Digital assistants like Siri, Cortana, Alexa, and others are becoming an essential part of the user experience. Even Apple has dedicated their time to updating Siri with a better intelligence.

What’s troublesome is that hackers can record audio samples while you are engaging with these digital assistants. They are able to mimic your voice, convincing other that they are you. This malicious technology allows hackers access to personal accounts and security mechanisms.

In an interview with Forbes, Yuval Ben-Itzhak, chief technology officer at AVG, warns against using speech recognition apps, recommending that users disable them right away. “At the moment, leaving biometric technology as it is today is like leaving a computer without a password and just allowing anyone to walk by, click and take an action,” says Ben-Itzhak.

Stopping Voice Hacking in Its Tracks

The researchers at the University at Buffalo have the same thoughts as Ben-Itzhak. That’s why they’ve developed a way to detect and prevent hackers from using obtaining your voice patterns. The engineers were able to create an app that stops voice hacking using a smartphone’s existing components.

“Technology is advancing so fast; we have to think of different ways. The strategy is using multiple lines of defense. We call that defense in depth,” says Kui Ren, Ph.D., director of the Ubiquitous Security and Privacy Research Laboratory (UbiSeC) at UB, and one of the study’s lead authors.

Ren and his team’s study focused on hackers replaying someone’s voice to access a device. Hackers will use speakers to perform such a task. The app uses the following tools:

  • A magnetometer in a phone to detect the speaker’s magnetic field.
  • The phone’s trajectory mapping algorithm to measure the distance between the speaker and the phone.

The app also uses movement to detect the difference between a person and a replayed voice, the latter’s magnetic field changes when moved.

“We cannot decide if voice authentication will be pervasive in the future. It might be. We’re already seeing the increasing trend,” Ren said. “And if that is the case, we have to defend against voice replay attacks. Otherwise, voice authentication cannot be secure.”

This research is crucial to keeping digital users safe. Some technology already exists that prevent other forms of voice hacking from occurring. Hopefully, people will soon be able to add the University at Buffalo’s app to their phone’s security.