Page 30 - GS190401
P. 30
CoverStory
Researchers found overlapping skill sets among service Solving for security
providers. Google, for example, is both a platform and
software integrator. The report characterized business- Gary Glover, vice president of assessments at
to-business and business-to-consumer channels by target SecurityMetrics, sees ease of use as a key driver of voice
market and function. B2C channels typically involve commerce adoption, particularly around the home, where
consumer products and services; B2B channels help consumers can ask Alexa to buy things. "These tasks are
organizations manage administrative tasks. simple to execute at home on a connected device, but I
don't see voice recognition being widely implemented in
"In B2B deployments, voice assistants are finding their retail; there are too many authentication issues," he said.
biggest home in the [organizational] space, with their
largest degree of usage being intelligently sorting and Recalling a recent DefCon presentation called Your Voice
booking meetings and appointments," researchers wrote. is My Passport, Glover cautioned against using voice as
"These can range from conference call scheduling to office an authentication method. With voiceprints all over the
cleaning, depending on how the assistant is deployed Internet, hackers can break voice with a minimum of
within a given company." effort, spoof a target and get into a service that's deployed
today, he stated. DefCon presenter and data scientist
Architecting change John Seymour noted when people say, "my voice is my
passport" to authenticate online, the irony is completely
Scott Goldthwaite, president at Aliaswire, a payment lost on them.
processing platform provider, called voice "the original
killer app for mobile phones," noting that voice assistants Glover mentioned another trending concern in the security
make it easy to transact and pay bills. In his view, community is VoiceAI, which can detect frequencies that
growing and scaling these technologies will ideally are inaudible to humans. Security analysts raised the
require principled design, tangible benefits and a strong possibility that hackers could use white noise or high
supporting infrastructure. frequencies to mask malicious commands. James Vincent,
a reporter specializing in robotics and AI, suggested that
When people change the way they shop, service providers transmitting stealth messages to VoiceAI is common
must change the way they pay, not the other way around, practice among device manufacturers and marketers.
Goldthwaite added. He pointed out that Samsung Pay
and Apple Pay introduced a new way to pay when in- "Using ultrasound as [a] discreet form of digital
person payments were already easy and fast. Consumers communication is actually pretty common," Vincent
presented cards at the POS. Mobile wallets required wrote in "Inaudible ultrasound commands can be used to
consumers to interact with their phones and merchants to secretly control Siri, Alexa and Google Now," published
integrate the solutions into their POS, adding complexity Sept. 7, 2017, by The Verge. "As pointed out in a Fast
without removing friction. Company report on the topic, Google's Chromecast and
Amazon's Dash Buttons both use inaudible sounds to pair
"Digital assistants have simplified online searches, to your phone. And advertisers take advantage of these
shopping and commands but require a lot of complexity secret audio freeways too, broadcasting ultrasonic codes in
in the back end to make transactions seamless, secure and TV commercials that work like cookies in a web browser;
reliable," he said. "It's easy to ask Alexa about the weather. tracking a user's activity across devices."
It's difficult to ask Alexa to pay my mortgage and add an
extra $100 to principal. Translating these concepts into Protecting IoT assets
machine learning can be complicated."
An independent study commissioned by Gemalto and
Kevin Shamoun, CEO at Zeamster, a platform hosted by published by Juniper Research in October 2018 describes
Amazon Web Services, said his company has developed the Internet of Things as interconnected devices, software
a slew of B2B Alexa commands. "Our partners and their and communications protocols. Titled IOT Security: The
merchants can ask Alexa to close a batch, light up a Key Ingredients for Success, the study calls for a multilayered
terminal or transact on a specific terminal in the store. approach to protecting IoT assets.
But the best feedback we've received from larger ISOs has
been about Alexa's batch totals skill." "The idea of layers in cybersecurity is a fundamental
concept," researchers wrote. "The reason for this is that,
Zeamster partners estimated that approximately one third should one layer fall to the efforts of a cybercriminal, other
of help desk calls are batch total requests, which digital layers remain in place that help to mitigate any potential
assistants can mostly eliminate, Shamoun said. "With damage done."
integrated voice, a business owner sitting at home can ask
a digital assistant for batch totals. There are so many other As Juniper previously noted in The Digital Assistants of
skills we can do, but eyeballs go up when we mention our Tomorrow, the voice value chain is also a multilayered
batch total feature." landscape, populated by cloud-based service providers,
device manufacturers and sales channel partners.
30
