cross-posted from: https://fedia.io/m/disabled/t/346115
Banks have started capturing customers voice prints without consent. You call the bank and the robot’s greeting contains “your voice will be saved for verification purposes”. IIUC, these voice prints can be used artificially reconstruct your voice. So they could be exfiltrated by criminals who would then impersonate you.
I could be wrong about impersonation potential… just fragments of my memory from what I’ve read. In any case, I don’t like my biometrics being collected without my control.
The countermeasure I have in mind is to call your bank using #Teletext (TTY). This is (was?) typically a special hardware appliance. As a linux user, TTY is what the text terminal is based on. So I have questions:
can a linux machine with a modem be used to convert a voice conversation to text?
how widespread are TTY services? Do most banks support that, or is it just a few giant banks?
if street-wise privacy enthusiasts would theoretically start using TTY in substantial numbers, would it help the deaf community by increasing demand for TTY service, thus increasing the number of businesses that support it?
Maybe a bit late, but I’ve worked on this kind of functionality. I did not work on the algorithm, but the guys who did say:
- Voice print data is not enough to reconstruct the voice
- There is an input validation step specifically to detect TTS, so you may have trouble. EDIT nvm I read TTY wrong lol, still interesting they check for this
This is of course based on trust, but these are the claims.