0

Can voice input as a password be a useful security measure as an alternative to a strong password and biometrics (face, thumb, signature etc)?

The voice inputted as a password will be saved as a sound wave file in the system and while the authenticating end user has to input his voice with the same wordings he / she had spoken while saving the password. In case the system detects the same speech (voice match with his/her saved inputted voice as password), the system will authenticate him to log in to the system.

What are the bottlenecks and limitations to this security authentication measure of voice input?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Prashant Akerkar
  • 111
  • 3
  • 1
    Sounds easy to compromise to me, i.e. record sound and replay. Recording the sound can probably be done by a stealth device not noticeable by the user or not even very near to the user. And with some machine learning proper sounds can also be created from the sound captured by the user at different places, i.e. deep fake audio. – Steffen Ullrich Apr 09 '22 at 06:49
  • Have you looked this up? There is already a lot out there on this topic: https://www.google.com/search?q=Voice+input+as+security+measures+for+system+authentication – schroeder Jul 18 '22 at 07:54

1 Answers1

2

The term you might be looking for is Voiceprint.

Is it secure when done using a single saved recording? No, for reasons mentioned in the comments. Does it approach secure when one instead trains an AI on several pieces of audio and prompts the user to say a random phrase? Depending on the total impact of an attack, maybe.

The attack vector against it is a GAN ("deepfake", or some similar mechanism) which is used to synthesize believable audio from text. It's funny, the security of this decreases the more famous one is. For the average person this would be a fairly intimate attack but not very technically advanced or even expensive these days: https://www.resemble.ai/pricing/

foreverska
  • 1,115
  • 11