Android ‘Trusted Voice': My Voice Is My Password

Today device unlocking has become far more secure over the years, from PIN number unlock to Pattern unlock and biometric unlocks including fingerprinting and facial recognition. But…
…What If Your Android Device Can Identify Your Voice before authenticating any access?
This exactly what Google is trying to provide its Android 5.0 Lollipop users.
Users running Android 5.0 Lollipop on their smartphone devices may soon be able to unlock their devices simply by saying “OK Google.”
“Smart Lock” is one of the most convenient security features provided in Lollipop that offers a handful of clever ways to unlock an Android device automatically, which yet includes:
  • Trusted Device
  • Trusted Places
  • Trusted Face
However, Google is now rolling out a new smart lock, dubbed “Trusted Voice,” that uses your voice as a password to unlock your device.
Just as your fingerprint or face recognition is considered distinctive enough for biometric recognition system purposes, so is your VoicePrint unique too enough to identify you.
Android’s Trusted Voice feature provides you the authentication of your Lollipop 5.0 device when you give an “OK Google” voice command.
This is not new the very first time Google is introducing this feature…
…the company is already offering voice recognition feature in devices such as the Nexus 6, but the function didn’t work for them as some of the voice commands provided by the users get blocked by a secure lock screen.
However, this new “Trusted Voice” smart lock resolves this problem by bypassing the lock based on how you say “OK Google,” which means now it won’t matter how you say OK Google.
How Secure is this system?
Now that’s the point which has to be discussed:
When you enable “Trusted Voice” on your smart device, pop up warns you that this feature is not as secure as other methods to lock the screen.
This is because someone with a similar voice could potentially fool your smartphone, or anyone could just use a recording of your voice to unlock your device.
So, Better Keep your Android Device away from mimicry artist;)
In real World, Biometric devices use similar voice verification as 2nd-factor of authentication, where an automated system can identify individuals by measuring their unique vocal characteristics.
If a sample of your voice matches, you are verified as being who you claim to be.
So far, it is not clear whether Google will keep users’ voice samples on Android device locally or it would send it to their Cloud as well.
FBI ALSO WANT YOUR VOICE SAMPLES
The FBI Biometric Center of Excellence strongly believes that voice recognition systems are an excellent choice for remote authentication. However, they are deeply interested in collecting massive voice samples around the World.
In 2014, the Operational Technology Division (OTD) of FBI launched a huge database of biometric information, including images of users’ faces, DNA, voice samples, fingerprints, irises, and palms, along with the details of scars, tattoos, and other body marks.
The Agency’s Database already loaded with intimate information about those people as well, who are never convicted of any crime in their entire life.
“Over the years, biometrics has been incredibly useful to the FBI and its partners in the law enforcement and intelligence communities—not only to authenticate an individual’s identity (you are who are say you are), but more importantly, to figure out who someone is (by a fingerprint left on a murder weapon or a bomb, for example), typically by scanning a database of records for a match,” said FBI on its website.
Considering Edward Snowden revelation about Big Tech Companies handling over users’ data to US Law enforcement suggests that ‘Trusted Voice’ could become a legitimate way by U.S Government to collect voice samples around the World if not protected properly.