Siri[1], WeChat[2] and other voice-based smartphone apps can expose you to voice hacking, warn scientists who are developing a new app to stop the growing security threat.
With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems, researchers said.
The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying, they said.
Using only tools already on smartphones, a team of engineers led by University at Buffalo[3] in the US is creating an app to stop voice hacking.
A prototype proved highly accurate in stopping machine-based voice impersonation attacks, researchers said.
"Every aspect of your life is now on your phone," said Kui Ren, director of the Ubiquitous Security and Privacy Research Laboratory (UbiSeC) at UB.
"That is your security hub. It is really critical now. Hackers are out there, more than you can imagine. There is a whole underground grey market to sell your password and your personal information," said Ren.
The best way to protect your cellphone, he said, is to use several security methods.
Voice recognition[4] could become a more common security tool because more Internet-connected devices are being developed that do not have keypads.
"With the Internet of Things[5], what is a security interface? It is not like the phone. There is often no touch screen or keypad so voice authentication may be useful," Ren said.
Attacks can synthesise your voice, but these are detectable by existing algorithms. A human can imitate your voice, but again, existing technology can detect this.
A third method is replaying someone's actual voice, and...