Podcast

Root Causes 526: Voice Biometrics Are Worthless

Hosted by
Tim Callan
Chief Compliance Officer
Original broadcast date
September 12, 2025

Based on the ready availability of AI-based voice cloning, we declare voice biometric authentication to be utterly valueless.

Podcast Transcript

Lightly edited for flow and brevity.
Tim Callan: So Jason, it's been a while since we talked about deepfakes. We've been remiss. But there was just a funny little news item recently that you called my attention to. What was it?

Jason Soroko: Sam Altman, current CEO of OpenAI, was speaking to banks specifically, and banks have doubled down, tripled down, quadrupled down on voice biometrics. A lot of people call the number on the back of a credit card, and there's a voice authenticator saying this is you.

Tim Callan: I have services that will do that.

Jason Soroko: So do I. So I bet you there's not a bank in the world, that has electricity, right, that doesn't use some form of voice authentication or verification. And Samuel was making the point that that probably wasn't a good idea a while ago, but with current, absolutely mainstream AI technology available to everybody, including your grandmother, today, the ability to take somebody's voice and copy it is no problem at all. Sam Altman was making the point that there's probably never been a time more than right now where we have to declare voice as something that cannot distinctly identify you.

Tim Callan: Absolutely. I mean, I think this is even a problem with video. But it's a gross problem with voice.

Jason Soroko: We're sitting here in a podcast studio, we've got our handy-dandy, fantastic engineer sitting behind the desk over here, and I tell you that I've processed a ton of audio, Tim, just playing around with this podcast. Audio is one of those things where you can manipulate it in ways where there's just no way to know that it was manipulated. In other words, being able to take our voices off of this podcast, off of the public record, and recreate us, I wouldn't be shocked if we find ourselves being recreated elsewhere saying anything.

Tim Callan: Absolutely. I mean, yes. At this point a long time ago, more than a year ago, we did a podcast that started with an AI simulation of our voices that was just based on a couple of minutes of both you and me from earlier episodes of this podcast.

Jason Soroko: I recall, Tim, you reminding me that one of our executive team members, I won't name who it was, said flat out, I thought that was you guys for real speaking.

Tim Callan: Until you broke in.

Jason Soroko: So we're talking about a person who's plugged in, very intelligent, and could not distinguish us.

Tim Callan: That's a low-stakes scenario. We have seen plenty of real attacks in the real world where real money is at stake. This fundamental idea that I'm going to dial in to something where there's money, like a bank account or a trading account, and I'm going to make this statement, which is always the same, whatever it is, "my voice is my ED badge" or whatever you're supposed to say. It's easy enough to determine what that is. It's easy enough to make a recording of that based on a deepfake of anybody whose voice you can lift. I mean, it's bad enough for you and me, where we're putting our voice out there where everybody can see it. But any senior executive at any publicly traded company is talking to the market. There are lots of ways you can get lots of people's voices, and this is just a very broadly available technique.

Jason Soroko: Let's talk about the attack, the really bad attack vector for the bank. This is what Sam Altman was referring to indirectly, which is account takeover.

So I want to be able to completely take over a person's bank account and be able to log in as them online. Well, one of the easiest ways to do that, if you don't have the username and password and multi-factor authentication, is to call up the bank and answer a couple of probably not terribly difficult questions, knowledge-based questions.

Tim Callan: That you might be able to get through just a little bit of research.

Jason Soroko: That's correct. Then the only other bar that you have to get over is you have to have the same voice as that person who was recorded previously as part of the security system. Well, my voice is certainly not a secret, Tim. Neither is yours. If that's it, then the username and password is not the bar that the attacker needs to get over. They simply need to be able to answer those knowledge-based questions and have copied somebody's voice. That's all. So that's a very low barrier to account takeover. That's what Sam Altman was worried about.

Tim Callan: Absolutely. I think that's exactly right, with account takeover being the immediate, obvious attack. I also think that if we have even a little bit of imagination, we can imagine these same basic techniques applied all kinds of ways to all kinds of things.

Jason Soroko: Tim, voice authentication is all over the place.

Tim Callan: It's just fundamentally, foundationally insecure, irretrievably insecure.

Jason Soroko: I've talked to so many people about biometrics. Tim, you and I have done whole biometric episodes in the past. If you've missed any of those, please google it, because we've talked about this ten ways from Sunday. I think a lot of people are still under the impression that biometrics are some kind of secret sauce for how to do authentication well. To me, there are usages for them. But I think we have to take voice off the table.

Tim Callan: You can make the case. You can say, you know what, if I take a high-res picture of you, I can actually get the information I need to fool an iris scan. But gosh, there ain't no script kiddie in Vietnam going to be using that to get my North American bank account. So for that one, you've got to think of the scenario. All these things: how do they come in? How do they make sense? But voice can be sent from anywhere. Voice is as bad as username and password in terms of the level of engagement and involvement the attacker needs to use it. It's really no different than a stolen set of login credentials. No different.

Jason Soroko: You've inspired me to almost think of doing an episode where, I'm not even sure it's ethical, but it's almost like, how much of Tim's biometrics can we collect? Just what's publicly available?

Tim Callan: How would you get my voice?

Jason Soroko: If there are any high-resolution images of you available --

Tim Callan: You could conceivably get my iris.

Jason Soroko: And all of a sudden, it kind of gets crazy.

Tim Callan: Maybe you could get the way I type.

Jason Soroko: Oh, behaviorals are one of the easiest things to get.

Tim Callan: Once you're keylogging me, you get how I use the mouse, how I type; you can get those things. Fingerprint without physical contact might be hard.

Jason Soroko: Not impossible, if you were absolutely being targeted, but you're making the point that there are certain kinds of biometrics that are better than others. Geez. I just thought of a new episode. Not all biometrics are created equal, Tim.

Tim Callan: Not all biometrics are created equal. There's an episode.