“I couldn’t believe it — it had worked.”
Conned by a Clone
If you’re not already worried about AI voice cloning, you probably should be.
Testing the technology’s limits, journalist Joseph Cox at Vice broke into his own bank account by using an AI-synthesized clone of his voice to prove his identity — highlighting both the technology’s dangerous potential as well as the shortcomings of voice biometrics.
When Cox called the automated service line of UK-based Lloyds Bank, the robot on the other end asked him to state why he was calling. He directed it to “Check my balance,” by using an AI-synthesized sound clip of his voice.
The bank then asked for his date of birth, which Cox punched in, before asking him to say aloud “my voice is my password.”
“My voice is my password,” Cox’s voice clone stated.
“Thank you,” the bank replied. And there you go: a human-directed AI voice clone conned its way into a bank account, gaining its wielder access to the account’s balances and recent transactions.
“I couldn’t believe it — it had worked,” Cox wrote.
New: we proved it could be done. I used an AI replica of my voice to break into my bank account. The AI tricked the bank into thinking it was talking to me. Could access my balances, transactions, etc. Shatters the idea that voice biometrics are foolproof https://t.co/YO6m8DIpqR pic.twitter.com/hsjHaKqu2E
— Joseph Cox (@josephfcox) February 23, 2023
Catch Em If You Can
Thankfully the wielder happened to be the owner this time, but there’s no guarantee that malicious hackers in the future won’t be able to pull off the same con on unsuspecting individuals.
Cox used a cheap and popular AI voice cloning tool from ElevenLabs, which you may have already seen deployed in viral memes of a fake Joe Biden voice and the gutters of 4chan.
To produce a convincing copy, all a user of the tool has to do is upload samples of whatever voice they want to clone, and type in what they want the clone to say — no technical expertise required.
Cox says he used other AI tools to try to pull off the bank job, but none other than ElevenLabs were able to bypass authentication.
Voice biometrics is used at a number of banks, including Chase, Wells Fargo, and TD Bank to verify account holders calling in over the phone.
Lloyds Bank, where Cox’s clone faked its way into, claims that its “safe” Voice ID security feature analyzes over “100 different characteristics of your voice, which like your fingerprint, are unique to you.”
Right now, voice cloning fraud isn’t exactly taking the world by storm since it isn’t always practical for a hacker to obtain your voice — unless you’re famous — but it’s probably best not to rely on it as your sole line of defense.
And while your voice may be unique to you, it’s clearly not unique to an AI — in the eyes of biometrics, anyway.
More on AI: Voice Actors Enraged By Companies Stealing Their Voices With AI