Joseph Cox of Vice recounted how he called his bank's automated service line to test this theory. When prompted to say, "My voice is my password," rather than uttering the phrase himself, he played a clip of it he had generated with an AI voice-cloning tool. Within seconds, he was given access to his account.
He said: “I had used an AI-powered replica of a voice to break into a bank account. After that, I had access to the account information, including balances and a list of recent transactions and transfers.”
He said that when he later tried the same thing with an account at the UK financial institution Lloyds Bank, his first attempt failed. However, after experimenting further with the AI software from ElevenLabs, having it read longer texts to make its cadences more believable, he did manage to get inside the account.
He explained how easy the software is to use. He recorded a few minutes of speech and uploaded it to ElevenLabs, which then created a synthetic voice capable of saying whatever text he entered into the site.
This means that anyone with access to recordings of someone else's voice could potentially pull off a similar feat. Although ElevenLabs says the software is intended for providing voices for videos, books and newsletters, it lacks robust safeguards to prevent abuse.
Lloyds Bank boasts that its Voice ID program is safe and unique to each person, analyzing more than 100 characteristics such as how fast you talk, your accent and how you use your vocal cords. It says it can even recognize you if you have a sore throat or cold – but apparently it can’t tell human voices apart from AI-generated ones.
Wells Fargo, TD Bank, Chase, and many others employ similar technology. Many banks enable users to conduct banking activities over the phone, including checking their account balances and transaction history and transferring money.
Rachel Tobac, SocialProofSecurity CEO, told Motherboard: “I recommend all organizations leveraging voice ‘authentication’ switch to a secure method of identity verification, like multi-factor authentication, ASAP.”
She added that the technology makes it possible for people to breach a person’s account without having ever interacted with them in real life.
In fact, Cox noted that people have already used the software in question to replicate people’s voices without their consent. For example, they can take clips of people’s voices that are already available online – whether it’s a TikTok or YouTube video of a social media influencer or even an ordinary person or news footage of politicians and other celebrities – and use them to clone their voice.
Members of 4chan have used the software to make it sound as though celebrities are making racist and transphobic comments; in one incident, they used the voice generator to make it sound like actress Emma Watson was reading Mein Kampf. After the incident made headlines, ElevenLabs said that although it is capable of tracing generated audio back to specific users, it is also exploring additional safeguards, such as requiring users to provide payment information or full identity verification.
Relying on voice authentication to protect your bank account is not a smart move these days. At the very least, users should set it up to use a second factor for authentication as well. As AI tools continue to evolve and improve at a rapid pace, what seem like cutting-edge authentication measures now could soon become very easy to breach.