Artificial Intelligence (AI)-powered solutions such as Amelia are completely upending customer expectations for their interactions with digital systems. These technologies provide automated 24/7 omni-channel access to information and services, which enables enterprises to expand offerings without expanding overhead expenses. However, all these innovations are worthless if users don’t trust that their data will be properly secured. Case in point: See the demise of SaaS provider Code Spaces, which went out of business following a hack.
Enterprises work around the clock to keep their networks as close to 100% secure as possible. Here are four things enterprises should keep in mind when it comes to securing customer data with AI.
Data at rest is considered to be inherently more secure than data in transit. Keeping this mind, an AI solution deployed entirely on-premises may require fewer data transits than one deployed in the public cloud, however this sacrifices secure backups and other redundancies enabled by the cloud. Still, If proper security measures are undertaken by both cloud provider and customer, then implementing on the cloud is generally considered a safe endeavor.
Regardless of where the solution lives, all systems should encrypt data to ensure that even if there is a breach, the information isn’t readily accessible by unauthorized parties. One important trend in cryptography for AI systems is differential privacy, which adds a bit of noise to large data sets to mask individual users, but still makes them easily accessible to machine learning algorithms.
One of the most interesting applications of AI is in the conversational realm. Solutions such as Amelia allow customers to simply speak to a digital system just as they would to a human. There is a lot of potential there for transforming the user experience (UX), but with this ease of digital access comes new considerations for things like authentication.
Of course, the technology exists that allows a user to access their banking information directly through their Amazon Echo, but most users wouldn’t want this information accessible to any visitor in their home via a simple question like, “Alexa, how much money is in my checking account?” Conversational AI needs to be accompanied by the same strong access barriers one would encounter through a Web or mobile interface. This virtual barrier could include passwords, biometrics or multi-factor authentication – the more sensitive the information, the more secure the barrier should be.
Keep Up on the Latest
AI-powered systems, and conversational systems in particular, are relatively new technologies. As with any new technology, there are bound to be security concerns down the line which we have yet to even consider. That’s why decision makers must keep up on the latest InfoSec (Information Security) trends.
For example, voice authentication had previously been considered a reliable biometric that would only permit access based on a voice pattern unique to each person (an ideal solution for the conversational AI age). However, last year a BBC reporter was able to fool a major bank’s voice authentication software using his non-identical twin brother as a stand-in. Even more alarming, a pair of researchers recently showed the ability to fool voice authenticators using mimicking software. One of those researches said voice authentication should be treated as “a weak signal on top of multi-factor authentication.”
The key takeaway is that as enterprises rush to stay ahead of customer expectations by implementing AI systems, they should always be mindful of staying ahead of the hackers, phishers and bad guys too when it comes to securing user and customer data.