Researchers Find Numerous Risks in the Alexa Skills Ecosystem

• A large number of Alexa skills were found to be problematic in more than one way.
• Researchers uncovered privacy and security risks as well as inconsistencies in the vetting process.
• The space is just too unregulated and “open,” and users rely on their own judgment to stay safe.

A team of university researchers (Ruhr-Universität Bochum + North Carolina State University + Google) has decided to perform a systematic in-depth analysis of the Alexa Skills ecosystem, using 90,194 sourced from seven different stores. Their purpose was to identify security and privacy risks and also gaps in the vetting process.

Unfortunately, and as the team explained during the recent NDSS conference, there are several problems with a large number of skills used by a substantial number of Alexa-powered device owners.

Before we move to the findings, allow us to give you an introduction to what Skills are. These are small custom-made apps created for Amazon’s Alexa, the AI-power virtual assistant that “lives” inside millions of IoTs around the globe.

Skills are like add-ons that extend Alexa’s functionality, so they are created by third-party companies that want to help their customers enjoy the convenience of using their services through Alexa. For example, Domino’s Pizza has a skill that allows users to order pizza right from their Amazon Echos.

So, here are the main issues discovered by the researchers:

• Many non-native skills share the same invocations as Amazon-maintained skills. This can lead to involuntary or even secret background activation.

• A significant number of skills are the products of malware authors who are giving them names that denote some correlation with well-known companies.
• Several skills go through malicious or at least shady back-end code changes after approval from the Skills store reviewers.

• There’s the potential to configure skills to request permissions relevant to personal information access without using the permission API which is there to protect the end-user.
• Less than one-fourth of all available skills have a privacy policy. Those targeting kids and the younger audience in general are the worst, with only 13.6% linking to a privacy policy page.

• 23.3% of all skills analyzed don’t even disclose the data types that are associated with the requested permissions, so users have no way to know what’s going on with their data.

As it becomes obvious from the above, Amazon has a lot of work to do if they’re planning to clean the skills mess and make the ecosystem safe for the users. Because one cannot rely on Amazon’s immediate and also effective response, users are advised to be very careful with what skills they choose to install on their devices. In general, we would suggest that you keep the number of skills on your Echos to the absolute minimum needed.

[UPDATE] February 27, 2021 - Statement for Amazon spokesperson: