Voice AI expands attack surface for speaker biometrics as APIs proliferate

Deepfake voices are already a challenge for authentication systems. But the task is getting tougher, as big players pursue voice AI products that could turn speech into a scalable attack surface for identity systems, creating a world in which synthetic speech represents a real identity infrastructure risk.

The latest to join the likes of ElevenLabs and OpenAI in offering APIs for voice biometrics is xAI – the same firm that gave the world Grok the Deepfake Nude Machine. The company has launched standalone Speech-to-Text (STT) and Text-to-Speech (TTS) APIs, “both built on the same infrastructure that powers Grok Voice on mobile apps, Tesla vehicles, and Starlink customer support.”

The market for speech APIs is getting busier. Rapid advances in voice AI are lowering costs and skill barriers for voice cloning, and companies such as Deepgram and AssemblyAI already have established user bases. Others will follow xAI into the market.

The cumulative result is an undermining of trust in voice as an authentication factor – and a need to rethink speaker biometrics in the context of agentic identity.

Grok, say ‘I need help’ in the voice of Morgan Freeman

Grok’s APIs will make it even easier for millions of people to create believable synthetic voices. For text-to-speech, which converts written text into spoken audio, the API “delivers fast, natural speech synthesis with detailed control via speech tags, and is priced at $4.20 per 1 million characters.” It supports 20 languages and five distinct voices, and offers the ability to manipulate delivery with speech tags.

Grok’s record on nefarious use speaks for itself. What are the chances the same user base that flooded X with fake nudes will see the potential for fraud and mischief in the AI’s TTS API? It is a rhetorical question, but it has real-world implications for voice as a reliable biometric modality for identity infrastructure.

In recent weeks, ElevenLabs launched a system to enable companies to deploy AI agents. According to USA Today, the tool “allows teams to convert internal documentation and workflows into conversational agents, without the need for extensive technical development.”

“These agents are designed to follow structured processes, but deliver responses that sound natural within context.”

This month, Microsoft also launched three new foundational AI models, including a voice generation engine, MAI-Voice-1.

Consider how many phone calls already come from bots. Now consider how easily one might use AI to clone the voice of your loved one. The threshold for certainty is disappearing, at least without rigorous voice liveness and continuous monitoring. The question stands to become, is voice worth the risk?

Be careful whose voice offers an answer.

Voice morphing attack blends identities to bypass voice biometrics: study

A new research paper explores a signal-level approach to voice morphing attacks that exposes vulnerabilities in biometric voice recognition systems.

The abstract describes Time-domain Voice Identity Morphing (TD-VIM) as “a novel approach for voice-based biometric morphing” which “enables the blending of voice characteristics from two distinct identities at the signal level.” TD-VIM allows for seamless voice morphing directly in the time domain, allowing “identity blending without any embeddings from the backbone, or reference text.”

“In biometric systems, it is a common practice to associate each sample or template with a specific individual,” the authors say. Advanced Voice Identity Morphing (VIM) enables the generation of a sample that blends the identities of two or more speakers. “The morphed voice sample can be used to match all identities whose voice samples are employed to generate morphing attacks, thus posing a high risk to application scenarios, such as banking and finance, where single identity verification is essential.”

To explore the problem, the research team “created four distinct morphed signals based on morphing factors and evaluated their effectiveness using a comprehensive vulnerability analysis.” Data was benchmarked against the Generalized Morphing Attack Potential (G-MAP) metric, “measuring attack success across two deep-learning-based Speaker Verification Systems (SVS) and one commercial system, Verispeak.”

“Our targeted analysis on Verispeak highlights TD-VIM’s success rate in challenging advanced SVS defenses,” says the conclusion. “The findings underscore TD-VIM’s potential to bypass sophisticated verification measures, emphasizing the importance of enhancing SVS security.”

The research comes out of the Indian Institute of Technology and the Norwegian University of Science and Technology (NTNU).

Many smartphones don’t detect face biometrics spoofs or properly warn consumers

Biometric liveness detection remains a significant “flaw” and a “vulnerability” of most Android smartphones with facial unlocking. Most are still prone to simplistic and low-cost spoofs available to inexpert attackers, according to an analysis by Which?.

The publication notes that iPhones are generally immune to spoofs with printed 2D photos, due to the depth-sensing capability of Face ID. Some newer Google Pixel devices were also not fooled by flat images in Which? testing.

The convenience factor of native device face biometrics is identified as such sometimes, and Which? acknowledges that “some manufacturers have made strides in providing clearer warnings during setup.”

Yet many Android smartphones do not, it says, including models from OnePlus and Motorola. OnePlus did just release a new phone with in-display 3D ultrasonic fingerprint biometrics from Qualcomm.

Which? labs has tested 208 phones since October of 2022, and found 2D printed photos were good enough spoofs to fool the face biometric unlock systems of 133 devices, or 64 percent of them.

Testing during 2025 revealed a 13 percent improvement, year-over-year, after a brutal 2024 in which the share of spoof-prone devices rose dramatically.

Samsung’s Galaxy S26 has adequate biometric presentation attack detection (PAD), Which? says, but previous models including the Galaxy S25 do not. At least the manufacturer properly warns consumers that its facial recognition is a convenience feature, rather than a high-security one.

While banking apps and digital wallets no longer accept 2D Android face biometrics as a secure authentication factor, Which? warns that users relying on face biometrics to unlock their phone risk a phone thief with their photo reading their text messages, sending emails from their account, which could allow them to reset passwords for other services, access photos and other sensitive documents and view additional information like wallet history and partial payment card information.

The publication advises all smartphone users to unlock their phones with a PIN or fingerprint biometrics. A complex PIN or password provides the “highest” security level, it says. Patterns provide the lowest, Which? says, because they are easily shoulder-surfed. Shoulder surfing is not mentioned in the password guidance.

Which? will also avoid giving “Best Buy” or “Great Value” recommendations to phones that do not adequately inform users about the limits of their face biometrics capabilities.

As for those apps that do recognize a difference between on-device convenience authentication factors and higher-security biometrics, hopefully they have strong injection attack detection (IAD).

Ghost Murmur whispers the arrival of zoemetrics

By Professor Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner

There are two things about biometrics that make it an endlessly evolving discipline: our signatures of humanity and our ability to track them. The UK’s National Cyber Security Centre defines biometrics as “the automated recognition of individuals based on their biological and behavioural characteristics.” The reach of that automation is expanding rapidly as technology reveals new indicators of personhood and unlocks our capacity to detect them reliably and remotely.

In the latest feat of biometric virtuosity to make the headlines, US forces deployed what some sources called “never-before-used technology” to locate and rescue a downed airman from an Iranian mountain region. The ‘Ghost Murmur’ tool was described by several news outlets as futuristic but – a bit like the plots in dystopian fiction – the actuality is already here.

Biometric technology is unlocking so many modalities (things that we can measure like fingerprints, faces and DNA) that, as I have suggested elsewhere, we are entering the field of zoemetrics where every manifestation of life can be weighed and weighted. While we can attach transmitters to inanimate objects like golf balls and surfboards (although, astonishingly, not yet vehicles), the wonder of zoemetrics is that we are all emitting natural signals all the time, many of them unique to us – and their traceability is blooming with our ingenuity. AI-enabled technology is giving us ever more imaginative ways of calibrating human life and zeroing in on features of individual biological uniqueness that can distinguish us from everyone else. As modalities like voice and pulse recognition have shown, once you can isolate and reliably compare a set of variables for congruence with a pre-determined pattern, you get confirmation of identity which is the grand prize for security, forensics and criminal investigation.

Given the saturation of technology in our ‘expository society’, it’s not surprising when people are found by advanced surveillance capability even in remote settings, but locating a lone human soul so quickly in a vast and unpeopled landscape is still a remarkable feat.

In a dynamic military context, the delay from flash to bang can be short but in law enforcement the latency is different; the policing environment presents a different type of battlefield. Introducing groundbreaking technology can be frustrating and the path from innovation to implementation is often labyrinthine and laborious. A decade after its initial adoption, UK policing is still anguishing over facial recognition technology, with front-line teams perplexed at why their organisations haven’t introduced technology that their teenage offspring are already bored with. While retail businesses are pioneering the sustainable benefits of live facial recognition (LFR) for preventing crime, the police still give advance notice of the few sites where it will be in use so that individuals can ‘opt out’ of being found by it.

By contrast, the take up speed for crime-enabling technology is almost instant and the life cycle from breakthrough-to-bin is as long or as short as opportunity dictates. With the only entry requirement being technical possibility and few, if any, barriers to adoption, the return on investment for the criminal use of biometric technology is a steal. AI-powered technologies are expanding the reach of individual and organised criminals and some of the biggest risks to our communities won’t be prevented by posting a constable at the gates. The availability of Deepfakes-as-a-service is an example of where the impact of AI-enabled technology on the criminal justice system has yet to be understood while the use of drones, molka surveillance, doxxing and swatting is growing.

With so many political pronouncements appearing in all caps braggadocio, genuine claims for innovation can struggle to make themselves heard, but the police talk about ‘game changing’ biometrics without hyperbole and I agree with them. Some AI-enabled solutions offer them never-before capabilities for preventing harm and investigating crime, capabilities that can be deployed affordably, quickly and at scale. If crime can be characterised as a ‘game’, technology is changing its rules for all sides. The potency of ‘now possible’ technology runs both ways and its availability is reshaping the very nature of risk from which the state is tasked with protecting us.

The trade secrets of the tools used to locate and recover the airman are preserved for now, but the silken drape has been pulled back and the concept exposed. Once revealed, new biometric applications usually trigger another race – work to echo ghost murmur will have started even before the AI scriptwriters set about creating the movie of the same name, with equally energetic efforts being made to detect, disrupt and defeat this latest tool.

Controlling how all this shrink world technology – from allometry to zymmetry – is deployed is a continuing challenge for governments and its effective regulation is the 64PB question that seems to be defeating the brightest policy minds. In liberal democracies, technological possibility (what can be done) must be balanced with legal permissibility (what must/must not be done) and societal acceptability (what people support being done) but, as all sectors know, the political hurdles can often be higher than the technical ones.

Meanwhile, a continuing challenge is the speed at which cutting edge technology leaps from pre-alpha stage to public release. As I have reported to the UK parliament, tech consumerism means capabilities that were once the preserve of state intelligence agencies have become available to all of us – what the state has today, we’ll be shopping for tomorrow. When will we be able to buy ghost murmurs on Amazon or Alibaba? We will have to wait and see, but the first optical sports watch is already ticking.

About the author

Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner, is Professor of Governance and National Security at CENTRIC (Centre for Excellence in Terrorism, Resilience, Intelligence & Organised Crime Research) and a non-executive director at Facewatch.

White House fraud crackdown sharpens focus on digital identity

The Trump administration’s March 6 Executive Order 14390, aimed at combating cybercrime and fraud, has prompted a significant response from the identity verification industry.

While the order is officially focused on law enforcement and prosecuting cyber-enabled fraud, many see it as part of a broader shift in federal policy that emphasizes the importance of digital identity verification in preventing fraud before it affects federal systems.

The executive order highlights the growing concern over how cybercrime is impacting American citizens, draining savings, stealing identities, and threatening critical infrastructure.

It calls for stronger federal coordination to combat cyber-enabled fraud, with an emphasis on prosecuting fraud-related activities such as scam centers. However, industry experts argue that the government needs more than just enforcement—it needs stronger preventative measures, especially in digital spaces where fraudsters can impersonate legitimate individuals.

Key players in the identity verification industry, such as Carahsoft and Socure, emphasize that identity assurance is a crucial tool in preventing fraud. Fraud often begins when attackers impersonate a real person or take over an account, bypassing weak identity verification systems.

These vulnerabilities can be exploited before fraud is even detected, making it essential for federal systems to strengthen their identity verification tools.

Jordan Burris, head of public sector at Socure, calls for digital identity to be treated as foundational national infrastructure, stating that many of today’s fraud schemes rely on the ability to convincingly impersonate individuals.

Whether it’s account takeovers or synthetic identity fraud, the common denominator is the failure to verify identities effectively.

“Now let me say the quiet part out loud,” Burris said. “We are still missing the boat on the one lever that changes the economics of fraud at scale: digital identity,” Burris said.

“Identity is the root of many of the scams and cybercrime-enabled fraud schemes plaguing Americans today,” Burris continued. “Whether it is account takeover, benefits fraud, synthetic identity abuse, or impersonation scams, the common denominator is the ability of fraudsters to convincingly pose as someone they are not.”

The company’s argument is that fraud, account takeover, and impersonation are not peripheral issues in cyber policy. They are core issues, and a national anti-fraud strategy will remain incomplete if digital identity is treated as a secondary compliance or customer-experience function rather than a strategic control.

While the executive order itself does not mandate a national digital identity system, it stresses the need for improved identity verification across federal agencies. This includes critical entry points like online applications, account recovery, and digital portals that are most vulnerable to fraud.

Vendors and analysts argue that digital identity verification should be treated as a core element of anti-fraud strategy, rather than a secondary compliance issue.

The conversation has also shifted to new technologies such as AI and deepfakes, which are making it easier for attackers to create convincing fake identities at scale. This evolution in fraud tactics makes it more important than ever to implement strong identity verification and fraud detection systems.

Industry responses suggest that the next phase of the administration’s efforts should focus on elevating digital identity as critical infrastructure. This would require coordination across sectors and transparent measures of success to identify weaknesses and address vulnerabilities.

The White House’s follow-up executive order, creating the Task Force to Eliminate Fraud, underscores the shift from broad policy to actionable steps. As identity verification companies highlight, strengthening systems to prevent fraud from entering at the entry points is just as crucial as taking down fraudulent networks after the fact.

“If the administration wants to deliver on the promise of this strategy, the next phase should elevate digital identity as critical infrastructure, drive cross-sector alignment at the highest levels, and measure results transparently so we know what is working and where vulnerabilities persist,” Burris said.

Prosecuting fraud and disrupting scam centers are the most visible parts of the administration’s approach. But the more important long-term test may be whether agencies strengthen the systems that establish digital trust in the first place.

If the federal government continues to rely on fragmented or low-assurance identity controls, cyber-enabled fraud will remain hard to contain. If the president’s order leads agencies to adopt stronger identity proofing and authentication across programs and platforms, its effects could be more lasting.

In that sense, the order is doing two things at once. Publicly, it signals a tougher federal posture toward cybercrime, scams, and predatory fraud. Operationally, it is driving a broader argument that identity needs to sit much closer to the center of federal anti-fraud policy.

The responses from businesses and analysts all point in that direction. Together, they suggest the next phase of the administration’s response may be judged not only by prosecutions and takedowns, but by how seriously agencies address the identity weaknesses that fraudsters continue to exploit.

In sum, the key takeaway is that, while prosecuting fraud remains vital, the federal government must also focus on making it harder for fraudsters to penetrate systems in the first place.

As the government takes steps toward better coordination and stronger technology procurement, the role of digital identity verification will be central in shaping the effectiveness of the strategy outlined in Executive Order 14390.

Gender gaps threaten progress on global legal identity goals, Vital Strategies CEO warns

As countries work toward universal legal identity under SDG 16.9, greater focus on gender inclusion is needed to ensure women and girls are not left behind.

That is the message from Mary-Ann Etiebet, President and CEO of Vital Strategies, who argues that legal identity systems must be designed to reach those most at risk of exclusion.

In a recent paper, Etiebet acknowledges global progress in birth registration, but highlights persistent gaps in Sub-Saharan Africa and the disproportionate impact on women and girls.

“The consequences of remaining unregistered and unrecognized fall hardest on girls,” she writes and that “inequities follow girls into womanhood, limiting their rights and benefits, including marital protections such as spousal support or inheritance, financial inclusion, voting, and universal health coverage.”

According to Etiebet, one of the action points governments must engage as they pursue their legal and digital identity plans is to make sure everyone is counted, and the best way to do so is to digitize birth registration systems to make them accessible even to people in the remotest communities.

Etiebet goes on to say that digitizing birth registration is not enough at this point. To her, countries must go a step further by linking these civil registration systems with their national identity ecosystems in an integration move that can make identity management more sustainable.

Thailand and Vietnam are cited as good global examples in the integration of birth registration and national ID. With regard to African countries, she mentions the likes of Ethiopia, Kenya, and Rwanda, where efforts in this regard are said to be far advanced.

In Rwanda, for instance, Etiebet praises how the country saw a massive jump in birth registration from 63 percent in 2016 to 94 percent two years ago, following the digitization of the process. The country has also made efforts in linking children’s health data to their identity registration details so that primary health workers can easily follow up on things like routine vaccination schedules.

To better remove barriers to inclusion, Etiebet also urges countries to make digital ID a part of digital public infrastructure (DPI) ecosystems that enable full and unrestricted access to a wide range of public services.

According to her, it is not just about building a DPI ecosystem, but doing so in a manner that reduces rather than exacerbates inequalities. She also appeals that for DPI to make sense, countries must ramp up their efforts in the fight against invisibility, with closer attention paid to women and their rights in order to guarantee all of their other rights.

Meanwhile, a recent analysis by two staff members from Vital Strategies decried the failing nature of digital health systems and called for more inclusion in the design process. To them, a human-centered approach seems to be a workable option which can make those systems better used, trusted, and relevant to the realities they intend to address.