Proceedings of the 4th Conference on Conversational User Interfaces 2022
DOI: 10.1145/3543829.3544520
|View full text |Cite
|
Sign up to set email alerts
|

Leakage of Sensitive Information to Third-Party Voice Applications

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1

Citation Types

0
3
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
2
1
1

Relationship

1
3

Authors

Journals

citations
Cited by 4 publications
(3 citation statements)
references
References 9 publications
0
3
0
Order By: Relevance
“…Many research prototypes and currently available HVAs are built with or on top of general-purpose commercial voice assistants [167]. The security and privacy of voice assistants in general is an active area of research-see [54,165] for a systematic review on the topic-and several issues have been revealed, including the extensive collection of sensitive user data, unauthorized access and questionable practices by third-parties and skills [25,52,53,70,161], along with inadequacies in the development and application of privacy policies [53,113]. Researchers are actively working on a range of solutions, such as mechanisms for providing user with meaningful verbal consent [31,162] and automated systems to identify policy breaches [52,207].…”
Section: Implications Unique To Healthcare Voice Assistantsmentioning
confidence: 99%
“…Many research prototypes and currently available HVAs are built with or on top of general-purpose commercial voice assistants [167]. The security and privacy of voice assistants in general is an active area of research-see [54,165] for a systematic review on the topic-and several issues have been revealed, including the extensive collection of sensitive user data, unauthorized access and questionable practices by third-parties and skills [25,52,53,70,161], along with inadequacies in the development and application of privacy policies [53,113]. Researchers are actively working on a range of solutions, such as mechanisms for providing user with meaningful verbal consent [31,162] and automated systems to identify policy breaches [52,207].…”
Section: Implications Unique To Healthcare Voice Assistantsmentioning
confidence: 99%
“…Other avenues of exploration could include the verification of fact sources and mandatory communication to users about the source of a skill's information before and during use. Exploration of this topic represents an exciting opportunity for future work, but will be made difficult by the dominant architecture where skills are hosted by third party developers outside of the control of vendors (resulting in difficulties when vetting and verifying third party software) with very recent work showing evidence of third-party skills serving misinformation [21].…”
Section: Unexpected Discoveriesmentioning
confidence: 99%
“…Additionally, to provide their vast range of services, they use both built-in skills and third-party applications called skills [14,5]. The disadvantage of this complex ecosystem is that users' personal information may be accessed or misused by unauthorised parties without the user's awareness [44,15,10]. For instance, this may occur when Spotify's service provider accesses users' login details while playing music via Alexa [6], and everyone within audible range may know the status of a smart door lock [34].…”
Section: Introductionmentioning
confidence: 99%