VoIP Applications Create A New Cybersecurity Challenge
By: Matt Goggin
Despite the text messaging we do, and the rise of online chat and chatbots, the number one channel for customer engagement is still voice, and there is no indication voice will ever lose its leading position in the contact center space.
Why is voice so attractive, and in some instances gaining ground?
The answer is simple: getting to the bottom of a non-trivial problem takes less time when two humans speak, especially when the human answering the call is an expert in whatever the issue may be.
The popularity of voice, especially for high-value interactions is driving tremendous innovation across what is now more commonly being called “Customer Experience,” or CX. For example, in the luxury travel industry, concierge services can be provided to rewards program members, or in the wealth management industry, financial advisors are able to respond successfully to high-net-worth clients.
CX providers are now leveraging instantaneous voice transcription, for example, to capture, store, analyze and create instruction for the agent in real-time, thus enabling them to solve problems more precisely and answer questions in a personalized way. It can also be used to provide ongoing insights and trends which can enhance the entire business, using AI applications that run across all channels (voice, text, social media, embedded, and more).
“This call may be recorded for quality and training purposes” has become standard, but today those recorded conversations are now stored in vast big data lakes and are tapped for many valuable applications. Often APIs are used that share the raw data (from inbound at the contact center for example) and feed that data into third-party applications. Data is being shared at a dramatically increasing rate, as the telecom API market is poised to reach over $300 billion (from zero in 2000, before the creation and adoption of APIs began).
An API is a set of standard software functions an application can use, and large tech companies including IBM and Oracle are building CX businesses around them. Telecom APIs enable a third-party company to access data/information from telecom network operators for purposes of application support and the delivery of Value-added Service applications. Twilio has been an innovation leader, building and monetizing with tens of thousands of developers, including those in the CX industry.
The conversational economy is here, and AI has helped fuel value creation in that economy, analyzing billions of conversations a day in the CX space. Have we paid enough attention to ensuring these innovations are secure?
Some immediately think of voice biometrics – voice authentication – as the answer. That technology is still nascent, and ultimately it only protects one consumer at a time, when they wish to access personal information, for example, including through modern IVR systems. Whether authenticating voices from a voice call, or even a connected IoT device that is voice-activated, IT teams are charged with ensuring comprehensive security, identity, and compliance for every voice interaction.
Companies like Pindrop help contact centers authenticate customers and detect fraud throughout the lifecycle of a call. They assist by analyzing the audio, voice, behavior, and metadata to create call risk scores and customer credentials. Other companies are advancing voice biometrics and security analytics applied to voice sessions. These are all important and valuable services, but if the network itself is not secure, attacks on the infrastructure and theft of highly sensitive and personalized data can cause significant damage.
Securing voice traffic is not new; Session Border Controllers (SBCs), for example, work with the Session Initiation Protocol (SIP) used to connect phone calls over Internet Protocol (IP). SBCs have been in place for contact centers using firewalls that prevent criminals from infiltrating networks. Encryption of voice traffic and protection against denial of service attacks and toll fraud to keep conversations private while preventing others from using them illegitimately are steps in the right direction. However, the stakes are now higher. Now that every conversation can be transcribed into data which can be exfiltrated from large data storage (often held in AWS and other cloud environments).
This new architecture supporting new services, including big data analytics, is coming under new scrutiny by regulators. This is especially true in the healthcare industry where HIPAA and other requirements are present, and in the financial services and credit card industries where SOX, PCI, and other requirements are increasing. On the one hand, regulators are concerned about adversaries being able to benefit from transcribed voice information. While on the other hand, they are looking at advances there to be able to screen more efficiently as part of their audits to ensure providers are compliant.
While it would have been impossible a few years ago to be able to search key words against billions of calls, companies like CustomerView have developed extraordinary capabilities in the transcription and analytics world. These advances enable communication service providers to comply more easily with FCC regulations, including offer compliance.
Dispersive’s contribution to a fully secure networking and application “stack” is providing a better way to transmit data over IP networks, including data that is shared via APIs into a cloud-hosted database or an application. We make data sharing through integrations with third-party applications more secure and performant with faster processing times based on our proprietary methods.
Dispersive™ Virtual Network deployments are composed of three fundamental components: endpoint clients/gateways, strategically placed deflects, and controllers. These components make our solution ideal for distributed systems including cloud-based contact centers which connect thousands of agents, managers, applications, databases, and other innovations. Our solution enables the personalization of every conversation, reduces handle time, which improves customer satisfaction and lowers cost, and generally provides better outcomes for businesses and their customers.
Please reach out if you’d like to learn more about Dispersive™ Virtual Network’s benefits for CX systems, platforms and applications. — Matt Goggin
Last weekend a number of people and businesses experienced widescale service disruption, network slowdowns, and other issues as a leading carrier grappled with significant challenges with their network.
The increasing impact of the growth of renewable energy on transmission and distribution power networks is driving disruption and the need for main grid and microgrid operators to transform their systems to enable more adaptive power flow control for the important balancing of generation and load.
Dispersive announced last week it has developed a combined offering with ClearBlade, a pioneer and fast-growing Industrial IoT software and platform company delivering sophisticated connected systems for large enterprises. We’ve been working together in our labs and behind the scenes to bundle ClearBlade’s award-winning and widely deployed IIoT solutions (which support edge, cloud and enterprise systems, big data collection, analytics and real time control systems), to make it easier for customers to benefit from zero-touch commissioning, management, and zero-trust networking.