CNET también está disponible en español.

Ir a español

Don't show this again

HolidayBuyer's Guide
Smart Home

Fooling Amazon and Google's voice recognition isn't hard

If your roommates sound like you, they might be able to use your smart speaker to access your info or make purchases. Here's how you can protect yourself.

Tyler Lizenby/CNET

One of my colleagues was able to spend a bunch of money on my credit card using the Amazon Echo and Google Home ($129.00 at Dell Home). Both services also freely gave my coworker Chris my personal info because they both thought he sounded like me.

To be clear, Chris wasn't trying to steal from me or spy on me. We were trying to find out how easy it is to fool the voice recognition feature of Google's digital assistant (just called Google Assistant) and Amazon's digital assistant Alexa. As it turns out, it's not hard.

What is voice recognition?

You can train both the Google Assistant and Alexa to recognize your specific voice in their respective apps. Once you've trained them, both services will customize their responses to your particular voice. Ask Google "what's on my calendar today," and you'll get responses from your own personal calendar. Ask Alexa for a briefing, and she'll play your customized news feed. It's a handy feature that I quite like. If you have a voice controlled smart speaker such as the Google Home or Amazon Echo, you can even train them to recognize multiple voices, so each family member can access their own information.

Can you trick your digital assistant?

When Google first announced this feature this Spring, we found it was easily confused by similar sounding voices. Now that both Google and Amazon offer the feature, we wanted to see if we could intentionally trick both digital assistants. Turns out, we can.

Now Playing: Watch this: Tricking voice recognition on Amazon Echo and Google...
5:07

Chris successfully imitated three male colleagues here in our Louisville office. Two of the women in our office, Megan and Molly, were able to imitate each other without even trying to do an impersonation. Check out the video above to watch these impersonations in action.

What our results mean

I'm not suggesting you toss your Amazon Echo or Google Home in the trash to preserve your security and avoid erroneous purchases. Someone still has to be within shouting range of these speakers to get access to your stuff, so you only need to worry about the people inside your house. With that in mind, you might want to take a couple of precautions if you have a big family or a lot of roommates.

If you're not worried about your personal info, but don't want your kids doing an impression of you and making purchases, both assistants let you turn off voice purchasing while keeping your the rest of your personalized results intact.

voice-confusion-7

Thankfully, I was able to cancel the purchases Chris made on my account. 

Tyler Lizenby/CNET

How to turn off voice payments

In the Google Home app, click settings in the upper left corner of the main page, then go to "more settings." Click "payments" then toggle off "Pay through your Assistant." In the Alexa app, click the settings icon in the upper left corner, click the "Settings" button, scroll down to "Voice Purchasing" and toggle off the "Purchase by voice" option.

Note that in the Alexa app, you can also enable a voice code option. This is off by default, so members of your house don't even have to sound like you if voice purchasing is on and this is turned off. If you turn it on, you'll have to enter a four-digit PIN. Then, you'll have the option to allow recognized speakers to skip the PIN.

amazon-voice-purchasing

You can turn off purchasing and personalized results in both apps.

Screenshot by Andrew Gebhart/CNET

In our tests, we weren't able to get around entering the PIN. To an extent, that's a good sign for Alexa's security, as Chris wasn't able to make a purchase on my behalf without that PIN once I enabled this option. But the feature also wasn't working correctly, as it didn't even allow me to skip the PIN when making a purchase, which it should have after I used the pin correctly the first time. Also, if a roommate hears you enter the PIN, there's nothing stopping them from making a purchase.

How to turn off personal results

If you don't want your roommates or family members accessing any of your personal information, both Google and Amazon let you turn off the feature entirely. Start from the same "More settings" menu in the Google Home app, then scroll down to your shared device such as your Google Home. Click the device and you can toggle off "Personal results."

With Alexa, you again start from the "Settings" menu. This time, click "Your Voice" and then click "Forget my voice." Note that while turning off personal results in the Google Home app turns off purchasing as well, Alexa forgetting your voice won't actually stop you from making voice purchases, so make sure you turn that off as well using the steps above.

Trusting your voice

Google warns you when you first set up voice recognition that a similar voice might be able to access your info. In response to this story, Kara Stockton on the Google Assistant team offered the following statement over email: "Users shouldn't rely upon Voice Match as a security feature. It is possible for a user to not be identified, or for a guest to be identified as a connected user. Those cases are rare, but they do exist and we're continuing to work on making the product better."

Amazon claims Alexa is more secure as it listens to the entire utterance and not just the wake word. We were still able to fool Alexa in our tests, but the extra security means your impersonator has to be a little more skilled when issuing a longer command. It also means they can't just record you saying the wake words, then issue any command they want.

Amazon declined our request for comment. 

I like the fact the digital assistants built into your smart speakers can get to know you. Just be sure to use caution when giving Alexa or Google Assistant access to your info. Take into account your living situation, who's regularly around the speaker, and what info your let each service access. Otherwise, your friendly virtual assistant could easily turn into a digital traitor.