Robots Storm the Castle Click - Short Edition
Similar Content
Browse content similar to Robots Storm the Castle. Check below for episodes and series from the same categories and more!
Transcript
| Line | From | To | |
|---|---|---|---|
Coming up later on BBC News will be Newswatch. | 0:00:00 | 0:00:02 | |
First, though, it's Click. | 0:00:02 | 0:00:53 | |
Welcome to the south coast of England, and the country's | 0:00:53 | 0:00:56 | |
biggest fortification, Dover Castle. | 0:00:56 | 0:01:05 | |
They say an Englishman's house is his castle. | 0:01:05 | 0:01:08 | |
This week, this castle is mine. | 0:01:08 | 0:01:09 | |
Like every other home in the land, it needs to be well | 0:01:09 | 0:01:12 | |
defended, because these days, it is constantly under attack. | 0:01:12 | 0:01:15 | |
The walls make it out burglars, but today's | 0:01:15 | 0:01:17 | |
digital invader is wily, and can worm its way | 0:01:17 | 0:01:19 | |
in through the smallest gaps. | 0:01:19 | 0:01:22 | |
Last week's global cyber attack on companies in around 150 countries | 0:01:22 | 0:01:25 | |
shows just how vulnerable systems can be, even if you are not called | 0:01:25 | 0:01:28 | |
into clicking dodgy links. | 0:01:29 | 0:01:37 | |
So this week, we're looking at cybersecurity. | 0:01:37 | 0:01:39 | |
It's me versus the bad guys out there. | 0:01:39 | 0:01:41 | |
And they might be small, but there's a lot of them. | 0:01:41 | 0:01:47 | |
So what can I do to shore up my defences? | 0:01:47 | 0:01:50 | |
One thing is through biometrics. | 0:01:50 | 0:01:51 | |
Gadgets already recognise our fingerprint, and now | 0:01:51 | 0:01:53 | |
banks are starting to identify us using our voices. | 0:01:53 | 0:01:56 | |
So how secure is it? | 0:01:56 | 0:02:00 | |
Is it possible, for example, to fake someone's voice? | 0:02:00 | 0:02:02 | |
We asked Dan Simmons to give it a go, or most precisely, | 0:02:02 | 0:02:05 | |
to find the one person who might stand a chance at breaking | 0:02:05 | 0:02:09 | |
into his bank account. | 0:02:09 | 0:02:10 | |
Thanks, Ben. | 0:02:10 | 0:02:12 | |
Well, one of the things that you might not know about me is that | 0:02:12 | 0:02:16 | |
I am the only member of the Click team to have a twin brother. | 0:02:16 | 0:02:20 | |
Hi. | 0:02:20 | 0:02:20 | |
His name is Joe, and we kind of sound quite alike. | 0:02:20 | 0:02:23 | |
We kind of do sound quite alike. | 0:02:23 | 0:02:25 | |
But I came out first, and he just copied me. | 0:02:25 | 0:02:28 | |
Yeah, well, for this report, it's going to be Joe trying | 0:02:28 | 0:02:31 | |
to copy me... | 0:02:31 | 0:02:33 | |
TOGETHER: ..as we try to break into a bank. | 0:02:33 | 0:02:36 | |
But first, we're going to need some help. | 0:02:36 | 0:02:43 | |
Yep, I really think this guy is going to help us. | 0:02:43 | 0:02:46 | |
Right, good, good. | 0:02:46 | 0:02:50 | |
All right, nice to meet you. | 0:02:51 | 0:02:53 | |
If you'd like to sit down... | 0:02:53 | 0:03:01 | |
What we're going to do first is I have this little | 0:03:01 | 0:03:04 | |
analysis tool here. | 0:03:04 | 0:03:05 | |
And what this will do is just detect, first of all, | 0:03:05 | 0:03:08 | |
the pitch of your voice. | 0:03:08 | 0:03:10 | |
This system that you're trying to break in is analysing your voice | 0:03:10 | 0:03:13 | |
in lots of different ways. | 0:03:13 | 0:03:15 | |
So there will be about 100 different variables it is picking up on. | 0:03:15 | 0:03:18 | |
Hello, I'd like to access my account, please, today... | 0:03:18 | 0:03:24 | |
Hello, I wondered if I could access my account today. | 0:03:24 | 0:03:27 | |
You see there are pretty big differences between them. | 0:03:27 | 0:03:29 | |
So who do you think is the bigger Adam's apple, out of both of you? | 0:03:29 | 0:03:34 | |
I can't see mine. | 0:03:34 | 0:03:34 | |
TOGETHER: Yayayayahh... | 0:03:35 | 0:03:41 | |
It's the first time I've tried to use the telephone banking | 0:03:41 | 0:03:43 | |
service, and I'm not set up, so I am hoping... | 0:03:43 | 0:03:46 | |
LAUGHS | 0:03:46 | 0:03:47 | |
How many - how long do you want to make this? | 0:03:47 | 0:03:49 | |
A bit shorter, OK, a bit shorter. | 0:03:49 | 0:03:51 | |
That wasn't axactly the way you said it the first time. | 0:03:51 | 0:03:54 | |
I'd like to take everything out, today, please. | 0:03:54 | 0:03:57 | |
That was. | 0:03:57 | 0:03:57 | |
I'd like to take everything out, today, please. | 0:03:57 | 0:03:59 | |
I'd like to take everything out, today, please. | 0:03:59 | 0:04:01 | |
That is - that is close. | 0:04:02 | 0:04:03 | |
That's not true. | 0:04:03 | 0:04:04 | |
That is not true. | 0:04:04 | 0:04:05 | |
Excellent, that is brilliant. | 0:04:05 | 0:04:06 | |
Thank you very much. | 0:04:06 | 0:04:07 | |
No worries at all! | 0:04:07 | 0:04:13 | |
What're you dressed like that for? | 0:04:13 | 0:04:15 | |
Well, we're doing a job, aren't we? | 0:04:15 | 0:04:17 | |
I've got a gun. | 0:04:17 | 0:04:19 | |
You don't need a gun, do you? | 0:04:19 | 0:04:20 | |
Your voice is your weapon. | 0:04:20 | 0:04:22 | |
Take that off! | 0:04:22 | 0:04:27 | |
Erica is the voice of NICE - NICE is the voice security provider | 0:04:27 | 0:04:31 | |
for Citibank credit card-holders in the US, among others. | 0:04:31 | 0:04:33 | |
Hi, nice to meet you, too. | 0:04:33 | 0:04:41 | |
Joe's going to try to break into my account, what chances do | 0:04:41 | 0:04:44 | |
you think he has? | 0:04:44 | 0:04:45 | |
Very slim. | 0:04:45 | 0:04:45 | |
What advice can you give me to try and break into his account? | 0:04:46 | 0:04:49 | |
Well, you've known him your entire life, so try to imitate his voice. | 0:04:49 | 0:04:53 | |
She seems very confident about this - what - | 0:04:53 | 0:04:55 | |
what why is it that you think that, maybe, my twin brother can't break | 0:04:55 | 0:04:59 | |
into my account? | 0:04:59 | 0:05:00 | |
Voice biometrics is the most accurate form of identification | 0:05:00 | 0:05:02 | |
there is for access into financial institutions. | 0:05:02 | 0:05:04 | |
Why? | 0:05:04 | 0:05:04 | |
Why? | 0:05:04 | 0:05:10 | |
It registers over 100 different characteristics with voice. | 0:05:10 | 0:05:12 | |
Half of them personality and the half are physical. | 0:05:12 | 0:05:14 | |
And you do look a little bit different, | 0:05:15 | 0:05:17 | |
and your voices are different, so you will have different vocal | 0:05:17 | 0:05:20 | |
characteristics. | 0:05:20 | 0:05:26 | |
So therefore, what percentage chance do you think I have? | 0:05:26 | 0:05:28 | |
It would be one out of several hundred thousand. | 0:05:29 | 0:05:31 | |
How do you make it so that I can access my | 0:05:31 | 0:05:34 | |
account, even if, like, at the moment, I have a little | 0:05:34 | 0:05:37 | |
bit of a... | 0:05:37 | 0:05:38 | |
COUGHS | 0:05:38 | 0:05:38 | |
As I said, there's over 100 characteristics, | 0:05:38 | 0:05:40 | |
and a cough or cold only affects about two. | 0:05:40 | 0:05:42 | |
So we still have all those other characteristics to work with, | 0:05:42 | 0:05:45 | |
and we still have identification. | 0:05:45 | 0:05:47 | |
And has anybody fooled the system through the front door? | 0:05:47 | 0:05:49 | |
Basically, pretending to be somebody they're not? | 0:05:49 | 0:05:51 | |
No. | 0:05:51 | 0:05:53 | |
Can I asked another question? | 0:05:53 | 0:05:55 | |
It might just be a bit out the ballpark, but is this legal? | 0:05:55 | 0:06:00 | |
I'm here to break into the account of Dan Simmons. | 0:06:12 | 0:06:15 | |
Joe, you really don't need the gun. | 0:06:15 | 0:06:17 | |
What do I have to do? | 0:06:17 | 0:06:19 | |
Let's give this a shot. | 0:06:19 | 0:06:20 | |
OK? | 0:06:20 | 0:06:20 | |
Hi, yes, I'd like to access my current account, | 0:06:20 | 0:06:23 | |
if I can, please? | 0:06:23 | 0:06:28 | |
Yes, it's probably about ?10, something like that. | 0:06:28 | 0:06:30 | |
Yeah. | 0:06:30 | 0:06:31 | |
Thanks very much. | 0:06:31 | 0:06:35 | |
Yeah, that's great. | 0:06:35 | 0:06:35 | |
Thank you. | 0:06:35 | 0:06:38 | |
You failed - but close. | 0:06:38 | 0:06:39 | |
Wow, look at how close this is over here. | 0:06:40 | 0:06:42 | |
Look at that! | 0:06:42 | 0:06:46 | |
If we come over here, it you can see there's the threshold | 0:06:46 | 0:06:50 | |
level, and that - that is pretty close. | 0:06:50 | 0:06:52 | |
That was not a bad first go. | 0:06:52 | 0:06:54 | |
That just came out of nowhere. | 0:06:54 | 0:06:55 | |
First go, very good. | 0:06:55 | 0:06:56 | |
It came out of absolutely nowhere! | 0:06:56 | 0:06:59 | |
Very good. | 0:06:59 | 0:07:01 | |
But that's how you test the system, isn't it? | 0:07:01 | 0:07:07 | |
Yes, we that's how we test the system. | 0:07:07 | 0:07:09 | |
We tested with twins, and siblings, and imitators. | 0:07:09 | 0:07:11 | |
You know, a fraudster wouldn't get three chances, | 0:07:11 | 0:07:13 | |
and the reason a fraudster wouldn't get three | 0:07:13 | 0:07:17 | |
chances is that we would register the multiple failures, | 0:07:17 | 0:07:19 | |
and it would dynamically increase the threshold on the third, | 0:07:19 | 0:07:22 | |
and put a flag on the account. | 0:07:22 | 0:07:24 | |
Right, that is not to say, of course, that it's | 0:07:24 | 0:07:27 | |
impossible, is it? | 0:07:27 | 0:07:29 | |
It's not impossible, it's just very improbable. | 0:07:29 | 0:07:35 | |
So, Dan, your bank account is still safe, although your twin | 0:07:35 | 0:07:38 | |
got away with some pretty cool stationery. | 0:07:38 | 0:07:40 | |
Yeah, the old fashioned way. | 0:07:40 | 0:07:41 | |
Were you surprised that the voice attack didn't work? | 0:07:41 | 0:07:44 | |
Yeah, I was, actually. | 0:07:44 | 0:07:45 | |
We really tried hard to match up our voices. | 0:07:45 | 0:07:48 | |
You know, we used the voice coach and the rest of it, | 0:07:48 | 0:07:51 | |
and it just bubbled under what we needed and couldn't get in. | 0:07:52 | 0:07:58 | |
What about the simpler stuff that we have been asked by banks | 0:07:58 | 0:08:01 | |
in the last few years, like "My voice is my password," | 0:08:01 | 0:08:04 | |
did you try that? | 0:08:04 | 0:08:05 | |
Oh yeah, we had a crack at that. | 0:08:05 | 0:08:07 | |
To get into my account, my twin needs my sort code | 0:08:07 | 0:08:10 | |
and my account number, things I have helped him out with. | 0:08:10 | 0:08:13 | |
He also needs to know my birthdate, but that's probably something | 0:08:13 | 0:08:16 | |
he already knows. | 0:08:16 | 0:08:17 | |
The question is, can my voiceprint give me any extra | 0:08:17 | 0:08:20 | |
protection? | 0:08:20 | 0:08:24 | |
Secret bank, we're not getting any bank names away. | 0:08:24 | 0:08:26 | |
Good afternoon. | 0:08:26 | 0:08:27 | |
Welcome to HSBC. | 0:08:27 | 0:08:27 | |
Oh, it's... | 0:08:27 | 0:08:34 | |
Please enter your sort code, or... | 0:08:34 | 0:08:36 | |
Oh, I've got this one. | 0:08:36 | 0:08:41 | |
Now, interestingly,it's the PIN number, and the account number, | 0:08:41 | 0:08:44 | |
which, if you are from the days from the old cheque-book, | 0:08:44 | 0:08:53 | |
then both of those things you'd use to print objects. | 0:08:53 | 0:08:55 | |
So if you've got an old cheque from somebody you already know | 0:08:55 | 0:08:59 | |
that. | 0:08:59 | 0:08:59 | |
..your date of birth. | 0:08:59 | 0:09:00 | |
He knows my date of birth because we share the same | 0:09:00 | 0:09:03 | |
date of birth. | 0:09:03 | 0:09:04 | |
After the tone, please repeat the phrase "My voice your password". | 0:09:04 | 0:09:07 | |
My voice is my password. | 0:09:07 | 0:09:11 | |
I'm sorry, I didn't catch that. | 0:09:11 | 0:09:13 | |
After the tone, please repeat the phrase "My voice your password". | 0:09:13 | 0:09:16 | |
My voice is my password. | 0:09:16 | 0:09:21 | |
Welcome to HSBC Advance. | 0:09:21 | 0:09:29 | |
The balance of your account is ?1.21p credit. | 0:09:29 | 0:09:33 | |
I'm off to the bank! | 0:09:33 | 0:09:35 | |
For your available balance... | 0:09:35 | 0:09:38 | |
I thought it would be more than that, Dan. | 0:09:38 | 0:09:40 | |
LAUGHS | 0:09:40 | 0:09:42 | |
Evil twin was in. | 0:09:42 | 0:09:49 | |
Perhaps more surprising when you consider the service | 0:09:49 | 0:09:51 | |
providers test their systems with twins to improve security. | 0:09:51 | 0:09:53 | |
I can get into other accounts, apparently, | 0:09:53 | 0:09:55 | |
Dan, so... | 0:09:55 | 0:09:56 | |
HSBC told us: | 0:09:56 | 0:09:57 | |
Major security no no man works at an undisclosed financial | 0:10:15 | 0:10:17 | |
institution. | 0:10:17 | 0:10:18 | |
Oh. | 0:10:18 | 0:10:21 | |
He manages innovation, because they have an | 0:10:21 | 0:10:23 | |
innovation unit. | 0:10:23 | 0:10:24 | |
So what's he been innovating? | 0:10:24 | 0:10:25 | |
Just watch the way he uses his phone, because his security | 0:10:25 | 0:10:28 | |
system is doing just that. | 0:10:28 | 0:10:30 | |
And even with all his login details, I'll | 0:10:30 | 0:10:34 | |
need to replicate how he holds, taps, and tilts his device. | 0:10:34 | 0:10:41 | |
Ha, hi! | 0:10:45 | 0:10:49 | |
Chris, would you mind lending me that for a moment? | 0:10:49 | 0:10:53 | |
No luck. | 0:11:03 | 0:11:06 | |
It's beaten me. | 0:11:06 | 0:11:10 | |
That'll be yours, then. | 0:11:10 | 0:11:14 | |
Brilliant security tips there, unfortunately I think | 0:11:23 | 0:11:25 | |
they have arrived a little bit too late for me. | 0:11:25 | 0:11:28 | |
Still, there you go. | 0:11:28 | 0:11:30 | |
Thanks for watching and I really, really hope that I will | 0:11:30 | 0:11:33 | |
see you soon! | 0:11:33 | 0:11:34 | |
Hello and welcome to Newswatch, with me, Samira Ahmed. | 0:12:01 | 0:12:06 | |
Coming up: the party manifestos are all out. | 0:12:06 | 0:12:08 | |
How well has the BBC done on explaining | 0:12:08 | 0:12:11 |