The chatbot revolution will (not) be secure

Two blockchain projects hope to prevent bot authentication issues before they start.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Verizon Vice President of Digital Ashok Kumar believes chatbots will soon replace websites as the user interface (UI) of choice. He’s likely right: According to a 2017 Grand View Research report, roughly 45 percent of consumers already prefer to address customer service concerns by bot and Oracle claims that by 2020, 80 percent of sales and marketing departments will be using bots.

While bad UI can make sites difficult to maneuver, chat is naturally intuitive. "Everybody knows language and everybody knows how to speak," Kumar says.

But when the chatbot revolution comes, will its ecosystem be secure enough to take over?

Just like web sites, chatbots must be secure in multiple ways: Bot developers have to store data safely, guard their systems against hack, and make sure connections to the core messaging platform (such as Slack or Facebook Messenger) are secure.

"When you go to a website, there's [an SSL] certificate," says chatbot investor Andrew Rollins. SSL is short for Secure Sockets Layer, a protocol that ensures encryption between any given website and the user’s browser. “There's some certificate authority that granted that certificate,” he continues. “There's a private key installed in the web server.”

These measures aren’t just there for the developer’s benefit, Rollins explains, but also for the user: “When you see that URL in the top search bar is green instead of red, you have some semblance of an expectation that that is in fact Amazon [for example] that you just went to.” For chatbots, he continues, there’s nothing.

There needs to be. “If you want to text something — whether it's on Twitter or through Facebook or just an SMS or whatever, how do you know that the thing you're talking to on the other side is what you think you're talking to?” Rollins asks. Without a bot version of SSL, hackers could pose as authorized chatbots, leaving you none the wiser.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.