Google Duplex's gift for gab could be gift for hackers, too
When he saw Google demo the latest version of its voice assistant technology, Duplex, last week, Eric Smith was blown away. The demonstration showed the software calling a hair salon to book an appointment and a restaurant to reserve a table. Google’s side of the conversation sounded human, with “um-hmms” and “got its” tucked in.
“The speed at which it worked, its ability to retrieve information and respond in a way that was very natural, was incredibly impressive,” said Smith, the chief data and analytics officer at USAA.
“That naturalness is something we’ve been looking to achieve,” said Smith, who was involved in developing USAA’s voice assistant, Eva, as well as the bank’s interactive voice response system.
The list of possible uses in banking is long — as is the list of potential opportunities for cybercriminals to misuse the technology. Security is a worry with all voice assistants, but it is especially concerning in the case of Duplex, which seems so good at mimicking human speech. Smith and other bankers will have to do a lot of homework.
“We’re still learning about the capability of the technology and how the mechanics work behind the scenes to determine where we might want to apply that, he said. "I see us experimenting with that as part of our USAA Labs work. I don’t know what that interaction is yet, but we’ll figure out something that makes sense.”
USAA already works with the virtual assistant technology provider Clinc, which has voice and text interaction and powers the bank’s Alexa Skill. In USAA’s demo of its voice assistant, it shows a customer asking Alexa if he can afford to go out to dinner and Alexa providing an informed answer.
One thing Smith can envision Google Duplex doing for USAA is gathering information for a mortgage application.
“Having a bot to walk you through that process could be very helpful,” Smith said. “You could work at your pace, and it would be available when you need it to be available.”
Over time, the bot could become a personalized assistant helping customers with a variety of things.
There are also scenarios for which a humanlike voice assistant would be a mistake, Smith said.
“There are certain topics where today people don’t want to have that kind of conversation with a human,” he said. “An example is collections. If I have to talk to a human about a collections situation, it can be embarrassing, whereas if it sounds like a machine, maybe that’s OK.”
Another example is a death in the family. Because it serves military members and their families, USAA gets a lot of calls after a spouse has died in battle. At such times a bot, no matter how well trained, would probably be a bad idea.
“Within USAA we call those moments of truth,” Smith said. “We have a survivor relations team, the front-line people that handle the death of a partner or spouse across all the different lines of business we have. I would never see us putting a bot in front of that.”
Similarly, if a customer has lost everything in a hurricane, that would not be the best time for a bot interaction.
“That for us is when that human touch is needed,” Smith said. “Maybe a bot would get there some day.”
Smith’s biggest concern about Google Duplex is security, specifically authentication.
“How do you validate that the conversation is happening with the right person?” Smith said.
He would like to know more about how the technology works on the back end.
“How would that data flow?” he said. “How much of that would Google need access to, versus how much of that could be a call back to our environment? Where does the data have to sit for this to be effective, because especially in this day and age, we're keenly interested in managing sensitive data appropriately and ensuring trust with the member."
Due to security concerns, USAA would most likely start by testing Duplex for inquiries about balances and other types of information that are not transactions. Next it might test advice interaction: How much do I have to spend this month, how much should I save?
“Once we solve some of the security concerns, transactions will be addressed,” Smith said. “The positive thing is, I think there’s been enough advancement in things like multifactor authentication that there are ways we could overcome the security piece in rapid order, depending on how open Google is going to be to work with financial institutions like us.”
Google did not respond to a request for an interview by deadline.
Vijay Balasubramaniyan, CEO of Pindrop Security, has given a lot of thought to what fraudsters might do with Google Duplex.
“You’re going to face people who don’t have a high ethical standard to begin with trying to get away with a system that’s super good at fooling humans on the other end,” he said.
As long as the technology is limited to booking hair appointments, there is little danger.
But as it starts to do more, Balasubramaniyan said, criminals could use the technology to analyze conversation data and determine how best to get a call center agent to do their bidding.
“We see fraudsters who are really successful use tons of flattery and pressure to coerce a call center agent,” he said. “What if I build a system that learns those concepts? That is, there are certain agents where flattery is not going to get me far — but pressure will.”
A Google Duplex bot could use that knowledge to persuade call center agents to unwittingly help them drain victims’ accounts.
Also, if a hacker could get access to hours of recordings of someone speaking, they could synthesize that person’s voice accurately and be able to fool a human or a bot.
Pindrop, for instance, fed one of its systems the audiobook "Thrive," read by Ariana Huffington. The system synthesized her voice. When it was played it back to her, Huffington said she could not tell the difference. Such technology could be used to game a voice authentication system like the ones in use at many banks.
“At that point, you’re done. You’ve lost your voice,” Balasubramaniyan said.
Pindrop has a neural network-based system that not only analyses speech patterns but can detect if a voice is synthesized by a machine. Pindrop has taught its software to identify Duplex as a synthesized voice.
“We can tell machines to be suspicious,” Balasubramaniyan said.
Many observers complained that in the demo, Google Duplex seemed too human, that it could trick people.
“It is potentially deceptive,” said Jacob Jegher, senior vice president of banking and head of strategy at Javelin Strategy & Research. “I have no doubt there is a segment of the population that will feel they’re being played." He also suggests that people might start to get used to this as these systems become more prevalent.
Another critique was the Google Duplex might violate eavesdropping laws, which say you have to notify someone before recording them, as Google would have to do. But Google has already said it will provide "this call is being recorded," disclaimers.
Jegher also questions whether the Google Duplex will always work as flawlessly as the demo.
“This is the million dollar demo question,” he said. “Things go off flawlessly on stage. Will it be able to pull it off in day-to-day life? If you throw it a variable it can’t handle, how will that work? We don’t know that quite yet.”
How badly is it needed?
Google says Duplex will be ready later this year.
Balasubramaniyan said it will take a while for companies like banks to adopt it, because of its limited range. There’s a big difference between booking a hair appointment and being able to answer any type of query, he noted.
The most obvious use case for banks, saving money on calls to the call center, may not happen for some time, in Jegher’s view.
“There are numerous ways to reduce call center volume, and the industry has been working on that for years rather successfully,” he said. “That’s the whole goal with digital banking. A quarter of consumers don’t use digital servicing options because they either can’t find what they’re looking for or find it too hard to use.”
So basic improvements in mobile and online banking could deflect calls to the call center.
Google has leapfrogged Amazon in the voice assistant arena for now, but there will be lots of jockeying.
“If you look at advances in virtual assistants like Google Home and Amazon Alexa, this will be a game of pingpong over time,” he said. Alexa still does rudimentary things like play songs and turn on the lights.
“This is a whole other ballgame, where we’re looking at an ongoing person-to-person interaction,” Jegher said.
Balasubramaniyan noted that banks have realized the need to offer consumers voice interactions.
“Now that voice is becoming big, they’re all trying to figure out,” he said. “What do we need to create to stay ahead of the game?”
Editor at Large Penny Crosman welcomes feedback at firstname.lastname@example.org.