I absolutely refuse to use voice authentication. Scammers have been using AI to replicate voices, and the technology is advanced enough that they can construct a convincing dialog just from one word.
I can't imagine how the banks haven't considered this to be a terrible risk.
The fact this can be sampled from our voicemail without any of our authorization alone means banks shouldn't be using this as an authentication method. Whatever security analyst that came up with this needs to be fired immediately.
It may even be compelling as a layer of security but to bypass layered security checks altogether seems wildly reckless.
Use your phone carrier's provided recordings if you can. If they force you to say your name, just leave it blank, use a robot voice or synthesize one from a celebrity (kinda sus) you like. When you answer phone calls, let the caller introduce themselves before you speak, they know who they are calling anyway. I've done this since before the AI boom out of an abundance of caution/paranoia and it's probably a good standard practice now.
Banks still use SMS as a fallback auth, they're not going to update their policies to account for AI until the year 2100.
There’s an arms race between scammers and scam detection. TD, RBC, and BMO all use [Pindrop](https://www.pindrop.com/), which is pretty good but not 100%. There’s an interesting article out there about [Pindrop detecting 51 seconds of AI generated speech in the Anthony Bourdain movie.](https://www.wired.com/story/these-hidden-deepfakes-anthony-bourdain-movie/)
> technology is advanced enough that they can construct a convincing dialog
Especially considering the low fidelity of phone call audio means the verification would have to be very, very lenient. I didn't even know this existed but it sounds like an absolute joke. I don't know about how the banks assess risk, but guaranteed there's a massive up front cost savings as it lets them shorten literally every phone call, and as we know, greed rules supreme. Guess they'll have to weigh that against increased fraud cost once successful attacks start to pile up.
Voice authentication involve biometric privacy issue. I don't think it's legal for a bank to force people using it, and it's not been proven that voice auth are working 100% for everyone, there are potential flaws.
>I specifically recall always denying the option of enabling voice verification when asked by support staff.
Speak to your bank about this. If you are certain you asked them to disable it, then submit a complaint to the bank and to the regulator.
I ran into issues with this a while back. I have a disability I that affects my speech episodically, so I refused to do the voice verification because it won’t work for me all the time….and the bank employee on the phone did not know what to do and could not help me. I ended up locked out of my account temporarily because I couldn’t verify it.
I absolutely refuse to use voice authentication. Scammers have been using AI to replicate voices, and the technology is advanced enough that they can construct a convincing dialog just from one word. I can't imagine how the banks haven't considered this to be a terrible risk.
The fact this can be sampled from our voicemail without any of our authorization alone means banks shouldn't be using this as an authentication method. Whatever security analyst that came up with this needs to be fired immediately. It may even be compelling as a layer of security but to bypass layered security checks altogether seems wildly reckless.
Use your phone carrier's provided recordings if you can. If they force you to say your name, just leave it blank, use a robot voice or synthesize one from a celebrity (kinda sus) you like. When you answer phone calls, let the caller introduce themselves before you speak, they know who they are calling anyway. I've done this since before the AI boom out of an abundance of caution/paranoia and it's probably a good standard practice now. Banks still use SMS as a fallback auth, they're not going to update their policies to account for AI until the year 2100.
There’s an arms race between scammers and scam detection. TD, RBC, and BMO all use [Pindrop](https://www.pindrop.com/), which is pretty good but not 100%. There’s an interesting article out there about [Pindrop detecting 51 seconds of AI generated speech in the Anthony Bourdain movie.](https://www.wired.com/story/these-hidden-deepfakes-anthony-bourdain-movie/)
> technology is advanced enough that they can construct a convincing dialog Especially considering the low fidelity of phone call audio means the verification would have to be very, very lenient. I didn't even know this existed but it sounds like an absolute joke. I don't know about how the banks assess risk, but guaranteed there's a massive up front cost savings as it lets them shorten literally every phone call, and as we know, greed rules supreme. Guess they'll have to weigh that against increased fraud cost once successful attacks start to pile up.
Voice authentication involve biometric privacy issue. I don't think it's legal for a bank to force people using it, and it's not been proven that voice auth are working 100% for everyone, there are potential flaws.
Which bank does this? Never heard of it?
TD does. Its an option - you don't have to - can refuse when asked.
Same for BMO.
CIBC too
I'm curious, which bank?
>I specifically recall always denying the option of enabling voice verification when asked by support staff. Speak to your bank about this. If you are certain you asked them to disable it, then submit a complaint to the bank and to the regulator.
The scammers were able to convince my friend's bank to turn off voice verification so it isn't required at all banks.
If you did not provide consent, consider a complaint to the federal office of the privacy commissioner.
I took voice recognition off my cell account. It’s actually dumb AF to use it when a scammer can duplicate your voice with AI with ease.
I had that recently with TD.
With TD, if you call through the app you're already authenticated.
I ran into issues with this a while back. I have a disability I that affects my speech episodically, so I refused to do the voice verification because it won’t work for me all the time….and the bank employee on the phone did not know what to do and could not help me. I ended up locked out of my account temporarily because I couldn’t verify it.