As AI continues to gobble up all data available on the Internet, its reach has expanded to the realm of biometrics – including our voices. Our voices contain distinctive characteristics that allow them to be used as biometric identifiers or “voiceprints.”
Voiceprints have been used as security mechanisms for years, from authenticating bank account access, to allowing a smart assistant to identify preferences, to automating check-in for a telemedicine appointment.
The downside of using our voices as identifiers, however, is that malicious actors have developed voice-driven scams. AI has exacerbated this problem by creating simple and inexpensive ways for bad actors to generate highly accurate artificial copies of our voices: the process of voice cloning.

Voice Deepfakes Now a Simple Process
In a scenario straight out of Disney’s The Little Mermaid, a recent Consumer Reports review of popular voice cloning apps found that it is “easy” to create deepfake clones of nearly any voice without the subject’s consent.
The privacy protection features of many voice cloning apps are minimal and easily subverted, often only requiring a user to enter a signature or check a box certifying that they are abiding by the product’s terms of service, or to record a “consent” statement in the subject’s voice. Notably, many voice cloning apps are available to the general public at no cost.
Voice cloning uses AI to generate a synthetic copy of a person’s voice. The technology, built on AI and machine learning algorithms, analyzes a voice recording to identify pitch, tone, inflection and speech pattern nuances.
It then generates a digital voice that can say things the person may never have said, often so accurately that it is difficult to distinguish from the original. (Think of The Little Mermaid’s Ursula saying things in Ariel’s voice that Ariel never said or, in real life, OpenAI’s AI personal assistant allegedly using Scarlett Johansson’s voice without her consent.)
As the technology evolves, the number of voice cloning apps increases and the sample size of the voice recording necessary to generate a highly accurate clone decreases. McAfee researchers were able to produce an 85% voice match using only three seconds of audio and were able to achieve a 95% voice match by training models on only a small number of audio files.
Notably, short videos perform well on social media platforms, and even the shortest of TikTok videos should be at least 10 seconds long – three times the length necessary to create a high-match voice clone if the creator narrates.

Moving Beyond Celebrity Impersonations
Celebrity voices are protected via state-codified privacy tort law. Tennessee pushed the limits of such legislation with the Ensuring Likeness, Voice, and Image Security Act (the ELVIS Act), which adds “voice” as a protectable attribute for personal rights.
This 2024 advancement came in response to the now-infamous Drake/The Weeknd AI-generated song controversy and, in addition to safeguarding recognizable voices from commercial exploitation, also creates liability for anyone who “makes available” tools whose primary purpose is to replicate someone’s voice without authorization.
While exploitation of celebrities’ voices makes headlines, the more frequent targets of voice cloning are ordinary people. A clone of almost anyone’s voice can be used in malicious cybercrime.
Voice cloning has increased the sophistication and success of “family emergency” scams, with scammers using a voice clone of a family member’s voice to convince a relative that they are in legal trouble or have been injured and need money sent (to the scammer) immediately.
Advances in voice cloning have also increased the effectiveness of business email compromise (BEC) cyber-attacks, with scammers using the cloned voices of corporate executives in messages to employees directing them to transfer millions of dollars or confidential information (to the scammer). And as tax season quickly approaches, voice cloning scams add a new weapon to cybercriminals’ already robust arsenals.
Illinois’ Biometric Information Privacy Act (BIPA) established foundational biometric privacy protections that have been adopted across the country. BIPA includes voiceprints as protected identifiers. Other state laws protect voice data, including the New York State Stop Hacks and Improve Electronic Data Security (SHIELD) Act and the California Consumer Privacy Act (CCPA).
Last year, voice actors filed a class action lawsuit against an AI startup, alleging that it deceived them in order to get their voice recordings, from which it generated unauthorized AI clones that it used for advertising, in violation of the New York Civil Rights Law and the US Copyright Act. Although well intended, these laws are unlikely to deter even slightly tech-savvy malicious actors.

Voice Cloning Presents a Unique Security Challenge
The fast-paced evolution and growth of AI present unique challenges to the way we authenticate and protect our identities. Solutions in the form of voice clone recognition and prevention software are evolving but struggle to outpace malicious use of the tech.
Significantly, global revenue for the voice cloning industry is predicted to reach $10bn by 2030. We are confronting a scenario where cybersecurity risks associated with voice cloning are outpacing regulation.
Until we can watermark our identities, we must remain on alert for scams that feel deeply personal or make us act impulsively. Because getting your voice back from the cyber sea witch rarely has a Disney fairytale ending.