chatbot security

How strong authentication can bolster chatbot security and customer trust

Chatbots open up new opportunities, but there are also security risks.

The lines between human and AI are becoming increasingly blurred. If the recent demonstrations of Google Duplex are to be believed, we may have difficulties knowing if we are talking to a human or a bot in the very near future. In this information age, what downstream impact will this have on business today?

 In the business to consumer marketplace, every enterprise is trying to drive efficiencies along the customer experience journey. Companies set out to have the best end user experience, reduce costs, lower wait times and anticipate customer needs with automated menus and self-service solutions. Technology has now provided industry with the means to complete this task driven process with complete, inperceivable differentiation in automation. Or does it?

 Trust and time are critical, foundational elements to the customer experience. While Google Duplex and similar AI bots might seem like a way to create a more familiar customer experience in the customer’s own language, regional dialect, etc., it also opens the door to more risks.

 When customers interact with an AI Bot, part of the process is to provide identity verification. These processes often entail providing personal information to an automated process, such as address, account number, then something unique like a mother’s maiden name or pin code. Like email, any security holes could redirect customers to an identical phishing bot. These bots could ask all the same questions, acquire security codes and go much deeper than a traditional phishing attack through email.

 This kind of risk will be difficult for any customer to embrace and develop enough trust to provide sensitive information as these kinds of breaches occur over time in the future. Rather than cause doubt, or try and circumvent the AI bot approach and communicate with a real person, these future AI solutions should also embrace a more defined security solution to manage customer identity. Any company that operates in a B2C marketplace should look to the industry to understand who their users are and provide the necessary means to authenticate them easily with their automated user experiences.

 More defined security solutions not only seamlessly authenticate users, but they can develop a deeper trust with the customer that in many instances is easier and faster to use. A user responding with unique passcodes via SMS, voice, facial ID or mobile applications can feel secure knowing the business transaction is trusted and the company cares about protecting their information. While a new generation of AI bots rise in the business landscape, so do the risks to the customer relationship. Fortunately, there are tools today to help mitigate those risks as we look to new efficiencies to create deeper relationships with customers at scale.

Published: 30 May 2018

Category: Industry News

Customer Experience / MFA

Multi-Factor Authentication



Any user. Any device.

For companies that take authentication seriously.

Learn more about SecurEnvoy MFA
Cyber Security Blog

Hear more from
our security

Sign-up today

What to read next...