Chatbots act as friendly assistants that make life easier by helping us book flights, appointments, shop, get answers to our questions, etc. Chatbots are everywhere and coming to more places. Customers get 24/7 support and companies don’t have to spend a fortune on staff.
In fact, 80% of companies want to have some type of chatbot interface implemented by 2020.
But, what are the security best practices around chatbots and what can be done to mitigate any attack surfaces they expose?
Typically, chatbots that are used in industries such as retail, banking, financial services, and travel handle very important data such as credit/debit cards, SSN, bank accounts, and other Sensitive PII (Personally identifiable information). The collection of this type of data is vital for the chatbot to do its job; therefore, chatbots and others digital assistants become an attractive target to be exploited by an attacker to steal users’ information.