Rise of the chatbot: security concerns

How businesses that decide to deploy a chatbot as part of their customer service strategy can ensure best practice security Rise of the chatbot: security concerns image

 

Propelled by recent advances in artificial intelligence and machine learning, businesses are embracing chatbots as an efficient way to engage customers, as well as save time and money by automating certain functions. In a business world in which customer service, especially timely and relevant communication, is the most important factor to success, chatbots can be instrumental in getting ahead of the game.

Essentially an extension of other Human Interface Mediums (your phone, the internet), chatbots enable customers to interact with their service providers via a robot messenger. Moving beyond the simple ‘question and reply’ format of the original chatbots, today’s bots have become so advanced that they can order your shopping, tell you the weather, order you a taxi or even give you personal advice.

Chatbots use software that harnesses artificial intelligence (AI) to process language from interactions between humans and virtual assistants. The reason for the attraction is simple: people find the messaging medium to be more intuitive, more natural and comfortable. So, for businesses dependent on customer service, building a chatbot is an easy way to provide customers with an improved customer experience that streamlines interactions, providing desired information faster and more efficiently than a human customer service agent. In fact, Gartner predicts that only one-third of customer service interactions will require human interaction by the end of this year.

>See also: 5 things marketers need to know about chatbots

As chatbots become increasingly intelligent, they are being equipped with additional capabilities, including the ability to process financial transactions. If you are comfortable using Facebook Messenger or WhatsApp to chat with your friends, then using it to make payments or check your account balance by just a matter of writing a message, versus having to open a new internet banking app, makes sense. This type of transaction through chatbots is already being seen in the US where Uber is integrated into Facebook Messenger, which added a payments solution for businesses in late 2016, meaning users can order and pay for their Uber through a simple message.

Chatbots are a new, exciting frontier for businesses but, as with any new medium, in particular those involving financial transactions, consumers and businesses are right to be wary of security concerns. However, as long as the fundamental principles of security – process, people and technology – are properly applied, chatbots can be an integral part of an organisation’s customer-centric strategy.

Process

Process and regulation concerning data handling and storage is particularly pertinent to chatbots. By their nature, chatbots collect and store information from users and, through machine learning, use this data to train themselves to respond to questions more accurately. Where this information is stored, what it’s used for and who can access it are questions that must be addressed. Organisations must establish rules and processes regarding data storage before implementing a chatbot, and transparency around this is essential for customers who will be using the bot.

People

Any new medium takes time for the population to learn and adopt, which potentially exposes new risks, such as new methods of social engineering attacks. As chatbots become better at imitating humans, the technology will be used by hackers in phishing scams and other social engineering attacks. For example, if a cybercriminal gains access to a chatbot programme they can imitate the bot and use social engineering tactics to establish a rapport with users in order to entice them to click on a malicious link or hand over sensitive information. This is frequently the first stage of a cyberattack, allowing a cybercriminal to penetrate perimeter defences and set up a base of operation inside the network.

End-user education is central to reducing the potential risks of social engineering attacks via the new channel. Due to the connected nature of chatbots, it’s significantly easier to educate users and reduce these risks with technology, as compared to the first introduction of Internet banking. However, if a cybercriminal does manage to use chatbots to trick employees and break their way into the network, protecting privileged credentials will prevent an attack from advancing.

>See also: A CIO’s guide to chatbots: Everything you need to know

Technology

Chatbots can be secured using many of the same security methods used for other mobile technologies; 2FA, behavior analytics, biometrics and AI are just some of the newer technologies that address the issues of authentication and encryption that are central to chatbot security.

Take user identity authentication, where a user’s identity is verified with secure login credentials, such as a username and password, that are then are exchanged for a secure authenticated token that is used to continually verify the identity of the user. With chatbots, there are new mechanisms for user identification. For instance, once you successfully register your Facebook ID to your bank account (for example via a 2FA authentication), your Facebook account can be your userID.

Additional security measures such as two-factor authentication, where a user is required to verify their identity through two separate channels, or biometric authentication that requires a user to verify their identity using a unique physical marker such as a fingerprint or retina scan, can offer an extra layer of security for user authentication.

For maximum security, chatbot communication should also be encrypted. This is especially important in highly regulated industries such as healthcare and finance that handle very sensitive information.

Chatbots represent an exciting new technology that offer businesses huge potential for sales, marketing, and customer service. When deploying a chatbot, organisations should address any security risks by applying the same security principles as with existing mediums, in the same three areas of process, people and technology. By ensuring best practice across these three areas, businesses can fully embrace chatbots’ vast potential.

 

Sourced from David Higgins, director of strategic accounts, CyberArk

Latest news

divider
AI & Machine Learning
Opening the door for more human-like conversations with bots

Opening the door for more human-like conversations with bots

22 March 2019 / Voice-enabled-everything is a dominant theme at any tech show. We have moved on from mere [...]

divider
Business Skills
CTO view: the growing convergence of information technology and operation technology

CTO view: the growing convergence of information technology and operation technology

21 March 2019 / Delving into the role of the CTO, Information Age is on a mission to understand [...]

divider
Retail
Why mobile-first is crucial for omnichannel retailers

Why mobile-first is crucial for omnichannel retailers

21 March 2019 / Big brand high street retailers have been no stranger to unflattering headlines including such phrases [...]

divider
Business Skills
Managing challenges of scale, speed and personal information in the big data era

Managing challenges of scale, speed and personal information in the big data era

21 March 2019 / Worldwide, 2.5 quintillion bytes of data are created every day and, with the expansion of [...]

divider
Cybersecurity
Cyber security skills shortages driving outsourcing

Cyber security skills shortages driving outsourcing

21 March 2019 / Despite heavy investment in security tools, businesses throughout the world are struggling to deal with [...]

divider
M&A
Industry 4.0 shifting from buzzword to reality

Industry 4.0 shifting from buzzword to reality

21 March 2019 / The latest M&A market report from international technology mergers and acquisitions advisor, Hampleton Partners, sheds [...]

divider
Automation
Burnett: Look beyond RPA hype

Burnett: Look beyond RPA hype

21 March 2019 / There is a snag with you and me: we both suffer from a condition: the [...]

divider
Digital Transformation
Business leaders disillusioned with business transformation

Business leaders disillusioned with business transformation

21 March 2019 / If Lewis Carol, had been an analyst specialising in digital transformation, he may well have [...]

divider
IT management
Build a strong B2B eCommerce infrastructure in an increasingly fast world

Build a strong B2B eCommerce infrastructure in an increasingly fast world

20 March 2019 / Consider the relevance of B2B eCommerce infrastructure in the case of making a sale to [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest