Skip to main content

Google’s new patent hopes to protect the Google Home from being hijacked

If you love talking to Google Assistant, it’s not hard to believe that a hacker would enjoy the same privileges. And now, Google is patenting a new system that seeks to protect you and your Google Home from being hijacked. Per a recently filed patent, Google is looking to prevent so-called “audio attacks” that involve ill-intentioned actors issuing false commands to your smart home system.

Devices like the Google Home are “capable of receiving, processing, and executing voice commands,” Google writes in its patent. “In some instances, voice commands are preceded by indicator words or phrases, known as hotwords.” And while it’s useful for you to simply say, “OK Google,” or “Alexa,” the ease of use also makes these devices particularly susceptible to attacks. Google, however, thinks that it may have found a way to prevent this from happening.

Per the patent, the method in question seems to work a bit like two-factor authentication, whereby logging into one account requires you to verify your identity by entering a passcode sent to a different account. Similarly, in the new patent, Google suggests a system in which a speaker first receives a message indicating that an improper voice command has been detected by one device. Then, the system would determine a user account associated with this device, and find a second device associated with the same account. Finally, the system would send a message to the second device, either asking for verification of the original command or alerting the user that something strange is afoot.

“By monitoring its own audio output, a device can guard against fraudulently issued voice commands,” Google noted. “When a falsified voice command is detected, the model blocks the standard processing of voice commands to avoid execution of the fraudulent command.”

Of course, it is not entirely clear how or when this model will be implemented — even though Google has now patented the idea, it doesn’t necessarily mean that the company will act upon it anytime soon. But as concerns around internet-connected devices and their vulnerabilities grow, it certainly seems that such a system will soon be absolutely necessary.

Editors' Recommendations