Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

HomePod's multi-user support could use iPhones to secure Siri queries using personal data

The HomePod could offer support for Siri with multiple users in the future without worrying about a user's personal data being accessed, with Apple coming up with a method to authenticate the speaker is authorized to make potentially sensitive queries using the presence of a nearby iPhone.

Siri on the iPhone effectively provides access to all of the device owner's data in an unrestricted fashion, albeit within the bounds of what Siri could be asked. As an iPhone is a personal device, there is relatively little in the way of concern about this, as the iPhone is almost always within easy access of its owner, who can limit Siri's usage by others quite easily.

The same cannot be said for devices like the HomePod, which is designed to be used communally, with multiple people able to take control of playback by asking Siri. Due to this, Siri on HomePod operates slightly differently, with less of a range of queries available due to the potential for someone else to ask personally sensitive queries.

Apple offers Personal Requests as an option that can allow or prevent access to iCloud-connected apps like Messages, Calendar, and Reminders, which can be used to limit what could be accessed on a linked user account via a HomePod. However, users may wish to have the freedom to ask personal questions about their own data without needing such a setting, but at the same time closing the opportunity for others to do so when they are not present.

A patent application for a "Personal domain for a virtual assistant system on a communal device" effectively describes how a HomePod-like system with Siri could take advantage of personal devices to answer questions featuring personal data.

According to the filing, published by the US Patent and Trademark Office on Thursday, the communal device would receive a query from a user, and determine if it is a query that requires access to personal data. If personal data is required and is specific to that user, the communal device would pass the request along to the user's personal electronic device, namely the HomePod would forward it to the user's iPhone if it is available locally.

A HomePod in the house could use the local presence of an iPhone as confirmation to proceed with a personal data request.

The request to the personal device could consist of asking for permission to access the user's data itself, if it is locally held, or to acquire the data from the personal device. The personal device could then feasibly ferry the requested data back to the communal device for further processing of the initial request.

The communal device could also pass the request completely to the personal device for processing remotely, such as for sending a text message to a known contact. This would mean no personal data would be transmitted to the communal device at all.

It is suggested the personal device could provide an audio indication that it has received a request from the communal hardware. While this would be useful for the system in general, it would also indicate to users that a request was made to their iPhone, confirming their own query was handled correctly, or that someone else was attempting to do something similar.

To prevent such a system from being used with all potential users, there is the suggestion that a "trust relationship" could be established between the two devices prior to any requests featuring personal data. In practical terms, this would mean a homeowner's iPhone could have requests made to it by a HomePod within the home, but a visitor's iPhone would not be trusted and its data would remain inaccessible until a relationship is created.

The patent application also delves into how the communal device could try to identify and connect to personal devices by network discovery or over a cellular network if Wi-Fi isn't usable, the use of encryption for further protecting data, and the use of an unlock authorization command on the communal device before being able to proceed with accessing personal data on trusted personal devices.

A flowchart showing the decision-making processes relating to personal data requests between communal and personal devices.
A flowchart showing the decision-making processes relating to personal data requests between communal and personal devices.

While Apple does file numerous patent applications on a weekly basis, the existence of the filings are not necessarily a confirmation a product, service, or feature will be made available to consumers in the future, but it does advise of areas of interest for the company's research efforts.

Adding multi-user support to Siri has been a question Apple has been trying to answer for a while, and has appeared in a few patent filings. One patent from August 2018 suggested how Siri could recognize a user's "voice print", using it as a form of authentication to gain access to that particular user's personal data for requests.

Another patent in October continued the concept, with the detection of the user's voice and determining if it is the registered users allowing an iPhone to unlock and perform a query. The voice print could use a "statistical model of the characteristics" of a user's pronunciation of phonemes to create a signature, along with voicing, silences, stop bursts, nasal or liquid interference, and frication, among other elements.

Key to both is that the authentication would occur during normal speech, rather than requiring the use of a specific passphrase.

The possibility of multi-user Siri on HomePod was also raised in January 2018, with strings in one iOS beta and graphical assets hinting at the ability to recognize multiple voices, and to provide custom responses.