A matter of trust

Organisations around the world are hugely reliant on digital technology, which is helping them to improve services to customers, drive internal efficiencies and identify new opportunities using big data.

But while digital technologies offer significant advantages, they have also injected more risk into organisations’ operations. A successful cyber-attack can cause serious damage financially, legally and reputationally, and the more businesses rely on data, the more at risk they become. With many organisations having large amounts of sensitive customer data, they must protect this if they are to continue to retain customer trust.

The advent of artificial intelligence (AI) – and generative AI (genAI) in particular – has only served to increase both organisations’ reliance on technology and the risk they face from attacks. Data from CompTIA finds over half of businesses (55 per cent) now engage in at least some form of AI implementation.

AI itself can be used to create cyber-attacks, not least through the creation of highly convincing deepfake videos and voice messages. Research suggests there has been a more than 1,200 per cent increase in phishing attempts since the launch of ChatGPT alone.

The growing impact of AI is a major focus for the 2024 Telesign Trust Index, which explores how AI is affecting the world of business and society more generally. The research finds that many people remain complacent about the risks they are exposed to from generative AI, but also see brands as responsible for protecting them from fraud. “This could leave people vulnerable if the services they engage with online don’t provide digital fraud protection,” warns Telesign CEO Christophe Van de Weyer.

The message for businesses, though, is that the onus is on them rather than consumers to keep people’s data and digital identities, and their own reputations, secure. The Trust Index revealed several digital fraud trends resulting from AI, which businesses will need to address if they are to retain customer trust:

Account takeovers: Generative AI is helping bad actors create much more convincing fraudulent emails – as well as videos and voice messages – which can dupe people into providing login information or access to customer data. This then means they can access customer card details and other information and use it to make transactions or sell on to other bad actors.

Exploiting multi-factor authentication: Data suggests multi-factor authentication was not active in around 99 per cent of successful attacks on digital systems, even if it was present. Many digital platforms still don’t use multi-factor authentication consistently as a default. Businesses must ensure this is active at all times, and engage in training both IT and other staff so they understand why this is so important.

Fake accounts: Creating fake accounts is an increasingly common way for bad actors to conduct fraud, by embedding themselves in social media platforms and communities and causing embarrassment to brands. Fake accounts can also be used to spread deepfakes. While many technology firms are making strides in how to quickly identify, label and remove AI-generated images and videos, distribution of this content remains a key challenge. For online businesses, it’s vital to carry out Know Your Customer checks to make it easier to spot fake accounts.

Against this backdrop, all businesses must have access to comprehensive and data-driven digital identity systems using multi-factor authentication, to help ensure people are who they say they are.

“In our increasingly digital world, multi-factor authentication is an essential safeguard,” says Van de Weyer. “Any business with a digital presence, regardless of size or sector, must prioritise security. Whether you’re interacting with customers online, processing transactions or simply managing user accounts, multi-factor authentication serves as a critical barrier against the ever-growing threats of cyber-attacks and data breaches.”

Telesign’s Verify API, for instance, enables businesses to verify identities across seven different messaging, push, voice and “over-the-top” (OTT) channels. This means security and fraud teams can choose which primary channel works best for them and to specify an alternate channel for automatic fallback should one fail. The omnichannel approach also makes multi-factor authentication a more frictionless and customer-friendly experience. Channels can be selected by country or region to optimise experience and cost. Additionally, verified business accounts are available with WhatsApp, Viber and RCS messaging to help prevent social engineering and phishing attacks. 

With customer trust vital to the success of every organisation, this is not an issue that can be ignored by businesses. “In the era of AI, businesses stand at a crossroads, tasked with not only adopting innovative technologies but also fostering trust,” says Van de Weyer. “Those who navigate this challenge successfully will emerge as beacons of trust in the digital world.”

To find out more about how Telesign could help provide you with a simple and powerful tool for secure authentication, visit telesign.com/contact-sales