Long story short: Sound-Proof is secure! The attacks recently published in “The Sound of the Phones” have all been mitigated by our latest implementation.
We are very happy to inform you that we received early notice of an academic article published in ACM CCS 2016 that presents a number of attacks against zero-effort ambient audio two-factor authentication (that’s us!).
The authors showcased how Sound-Proof can be attacked by “injecting” sound in the ambient where the phone is recording. Thankfully, the attacks presented could be mitigated with a number of solutions that we have promptly implemented in the latest versions of the mobile application.
If you are interested to learn more about this topic please do not hesitate to get in touch with us!Home