Seems ironic at first glance, but it's really a different domain. - Voice rec for personal identification. Posted: Sep 22nd, 2017 - 3:47 am In Reply to: Nuance Leads 19 Vendors in Fraud Detection in Newly Published Analyst Report - sm
For instance, instead of swiping an access card at a door, the person says his name and a password. The access system then analyzes his voice pattern, decides whether it's authentic or not and either unlocks the door or does not.
So this is the domain called "biometrics" and includes not only voice rec, but also things like fingerprint recognition, retina pattern recognition, etc.
All such systems can be subject to fraudulent attempts to defeat them or fool them - and that's what this analysis was about. How good are different vendors' systems at recognizing such attacks?
So, for instance, you (Miss Evil) might kidnap the manager of a bank and force him to speak his name and password into a recorder. Then, at the door of the bank, you play the recording. Will the system let you in or not?
Or, you know someone who's an excellent impersonator and hook up with them to do the bank manager's voice.
Of course, with things like Siri and Alexa, this now extends onto the Web and involves potentially risky applications that are mediated by voice...such as perhaps getting your bank balance using only vocal commands.
Just the other day, a woman's parrot placed an order on Amazon with Alexa. She found out about it when the shipping confirmation came to her email box. Had no idea what happened until she noticed her parrot hollering at the Alexa thingie which was near its cage. "Alexa!" "How may I help you?"...etc.
This was a very bright bird. Amazon, not so much, although they did offer to take the $15 purchase of decorative gift boxes back.
So, this voice thing is infiltrating lots of things - perhaps you'll tell your microwave "cook 50% power 5 minutes". Whether it's important to (a) just understand what command or request you're making, or (b) also authenticate you as a person with certain privileges, access rights as well will, of course, depend on the nature of the task. Microwave, not so much. Arming/disarming the security system, of course. TV blocked channels, perhaps.
The Opus Research report just says that the Nuance system (which is not directly related to anything we use) was best at recognizing fraudulent voice patterns.
Now, here is where our recent experience with Nuance DOES come into play. For these systems to work, there must be a central server or distributed servers where the analysis of your voice is performed, and that means storage of authenticated examples of your voice. If someone hacks into the server(s), they can do one of two things: They can download your samples to be used in an attack on a system that trusts you using your sample at the door or otherwise injecting it into the access process. Or they can upload and replace your samples with some of their own and simply use their own voice then to impersonate you.
Here, based on the recent hacking catastrophe - and Nuance's incredibly incompetent response to it - is where I think I'd probably pass on Nuance (if I were purchasing such a system) and take a hard look at whichever company came in at Number Two in the ratings.
The Opus Research analysis is more "nuanced" than what I've described (looking at things like maintaining security across enterprise systems, etc.), but that's the gist of it.
Post A Reply Reply By Email Options
Complete Discussion Below: (  marks the location of current message within thread)
|
