Vulnerabilities of Audio-Based Biometric Authentication Systems Against Deepfake Speech Synthesis
Mengze Hong, Di Jiang, Zeying Xie, Weiwei Zhao, Guan Wang, Chen Jason Zhang
TL;DR
This work systematically evaluates the resilience of audio-based biometric authentication against contemporary deepfake speech, combining ECAPA-TDNN-based speaker verification with XLS-R/AASIST deepfake detection on a Mandarin benchmark. It reveals two critical vulnerabilities: modern voice cloning can bypass state-of-the-art ASV with only tens of minutes of target speech, and in-domain detectors fail to generalize to unseen synthesis methods, posing real-world security risks. The findings call for architectural innovations, adaptive defenses, and multi-factor authentication, emphasizing the need for continually updated training data and features that capture invariant synthesis characteristics. Practically, the study highlights the urgency of defense-in-depth to protect high-stakes applications against rapidly evolving audio deepfakes.
Abstract
As audio deepfakes transition from research artifacts to widely available commercial tools, robust biometric authentication faces pressing security threats in high-stakes industries. This paper presents a systematic empirical evaluation of state-of-the-art speaker authentication systems based on a large-scale speech synthesis dataset, revealing two major security vulnerabilities: 1) modern voice cloning models trained on very small samples can easily bypass commercial speaker verification systems; and 2) anti-spoofing detectors struggle to generalize across different methods of audio synthesis, leading to a significant gap between in-domain performance and real-world robustness. These findings call for a reconsideration of security measures and stress the need for architectural innovations, adaptive defenses, and the transition towards multi-factor authentication.
