The Case for Voice Biometrics in Virtual Assistants

I was reminded again today of the inherently flawed system that enables our virtual assistants to do our bidding. While voice recognition is one thing (not trivial in the slightest), actually identifying the source of that voice is another.  Siri, Alexa, Google, and Cortana are all pretty good at responding to your voice request with an action or an answer to a question.  This is incredibly convenient for allowing me to stay on the couch and ask Alexa to turn the thermostat up a few degrees or to dim the living room lights.  However, she could care less WHO asks her, just that the request was made.

This has been a minor nuisance in the past, even in our house.



Other examples have ranged from humorous to disgusting.. really, who adds "big fart" and "hunk of poo" to their shopping lists?  Oh right.. kids.

This seemingly comical behavior that Alexa or Siri will do whatever you ask her to, becomes less so when you combine it with your physical security systems or home automation which can trigger things like the unlocking of deadbolts, the opening of garage doors, or summoning your fancy Tesla S.

Posted on Reddit, comes the story of a man who automated most of his house including the August door locks and used Siri and HomeKit for voice commands.  This enabled him to unlock the door by asking Siri to do it. Now instead of 'sled dogs' being added to his shopping list by the kids, the locks could be activated by anyone within shouting distance of the iPad.  While Redditors were quick to point out that he should have required a PIN to use HomeKit devices, that would make the virtual assistant pretty useless.  Get up, type in a PIN on the iPad, then issue the voice command?  Sha, right.  As if...

 It's clear that unauthenticated voice commands are problematic.  So what can the developers of these virtual assistants do about it?  Why not look at speaker recognition to identify the individual making the request and authenticate based on voice characteristics?  This is moving forward for other sensitive transactions like voice banking.  There's a great infographic from Nuance that talks about the science and debunks some of the myths. This would reduce or eliminate rogue requests from unauthorized parties and allow you to use voice-triggered HA systems more securely.

In the meantime, if you're on a conference call with a number of people who work from home, I encourage you to ask Alexa to play Jingle Cats or order diamond earrings from Amazon and see how many Echos you can get to respond.

Wink Hub 2 News

Not only has Flextronics seemingly saved the Wink from the PR nightmare that was brick-a-thon 2015, but they've really made some significant strides to push the HA market forward.  Recently they announced the new Wink Hub that touts the addition of BLE, enhanced local support, wired connectivity, and simplified device discovery. It also look much nicer meaning I can probably take it out of the cabinet that it's been relegated to.

Probably no need to use the old hub as a Zwave hub since mesh networking takes care of any remote connectivity issues that may arise.  Guess it's destined for eBay to be picked up for pennies on the dollar.  Actually, I think I only paid $20 for it at the time when it was part of some promotional bundling deal with bulbs.  

Noticeable absences are HomeKit and maybe some cloud-to-cloud support, but honestly i don't think that Apple is going to prevail here if they require an AppleTV or iPad to be left at home for on-the-go automation.