As the wearables market continues to grow, there is concern around associated security issues that make personal data vulnerable to hacking. However, a new innovation in voice-based log-ins and authentication software is poised to change this.
A team from the University of Michigan has developed a series of eyeglasses, ear-buds and necklaces that are embedded with security-tokens designed to remove the vulnerabilities that otherwise exist with traditional voice-based log-in systems.
The Danger of Current Systems
Giving verbal commands to electronic devices is growing in popularity, especially as IoT grows. However, this verbal channel is called ‘open channel’ by researchers, who know that it can be copied – or spoofed – by hackers. This means that where systems only use voice signatures as a means of authentication, serious security flaws can exist, and a secondary level of authentication is necessary to reduce risks.
The university team have created a system called VAuth, which is a wearable device that registers individual speed-based vibrations produced by the user’s body and then pairs them with the actual sound of their voice to create a signature which is both secure and unique to the user.
A Usable Prototype Ready to Develop
A prototype has now been built with an embedded accelerometer which is designed to record motion and Bluetooth to transmit the data to the device’s microphone. It is the first meaningful attempt to secure voice authentication and will ensure that voice assistants will only respond to the individual’s commands in a reliable way.
Its level of physical security is believed to be impenetrable even by sophisticated software hackers. The team hope that it will be developed towards commercialisation and eventually be adopted in home safety applications and banking.
The system may eventually form part of an increasingly sophisticated suite of developing technologies that tap into IoT and a growing reliance on digital devices to perform most everyday tasks – from home heating to shopping, flight booking and banking. Examples of other Endpoint Security Management technologies can be found at promisec.com.
The team tested the new system with a pilot of 18 users who made 30 voice comments. The accuracy level was at 97pc with a false positive rate of under 0.1pc, regardless of the wearer’s language, device positioning, mobility or accent. It’s a promising start for this technology.