Artificial intelligence is ubiquitous, and consumers are increasingly concerned about its security and potential for distorted use.
This fear-mongering is at an all-time high. Knowing the public's concerns about AI has made it easier for malicious actors to tailor their attacks to the specific habits of online shoppers.
According to Kumar Dasani, CISO at Digital River, uncertainty tends to cause fear. In this case, the seemingly limitless potential of AI is fueling concerns. The pace of its evolution suggests some features that may be difficult for some to understand, but it's also important to stay grounded in reality.
Dasani advocates best practices for companies to stay ahead of online shopping threats as they implement new technology advancements. He believes this approach is necessary, given that many people are uneasy about the fact that they cannot fully trust AI.
Despite the benefits that AI offers shoppers, such as convenience, personalization, and instant purchasing, research shows that data security and privacy remain top concerns. He warned that hesitancy will only increase as AI becomes more pervasive, and that digital fraudsters are taking advantage of these fears.
“It's never been easier to evade detection as we know the public is struggling to keep up with the rapid transformation and use of AI,” Dasani told E-Commerce Times. told.
A key tool against attack scenarios that increases shopper awareness
Dasani said online shoppers can no longer ignore the dangerous threats posed by AI abuse, such as fraud and account theft.
Digital River CISO
Automated scams, such as sending mass emails or text messages, can easily trick people into divulging sensitive information. AI can also generate misleading information.
“If shoppers are unwilling to understand the ins and outs of AI, they are more likely to fall into the wrong hands of online thieves. Everyone should engage with AI tools at some level to gain a basic understanding. “You need to experience it,” he urged.
One of the big misconceptions today is that AI can enhance security improvements. In essence, AI has the potential to become a powerful countermeasure against other AI-powered threats such as deepfakes.
The reality of AI in cybersecurity
That may or may not be the case. But probably not right away. Building effective digital defenses generated by AI is in the early stages of the larger development of generative AI.
“It’s hard to say how effective it will be at spotting deepfakes and other advanced threats. Can we really trust AI to detect manipulated images, videos, or other It is reasonable to think that a model could be trained to identify the threats that AI generates,” Dasani said.
But he countered that the likely reality is that there is always a human element to mitigating a threat. He has seen AI prove fallible in many cases, but that mixing in human intuition for AI fact-checking and vice versa is most effective. You can see.
“But I do think there is an opportunity. To solve known problems, we need to leverage AI when it makes sense, is reliable and understandable from a capabilities perspective,” Dasani said.
Take layered action now while waiting continues
E-commerce merchants and shoppers alike need to take a multi-layered approach to online security. Dasani argues that security is “everyone's responsibility” and that it is the merchant's responsibility to protect the consumer and vice versa. Not being intimidated by AI’s great reputation or being fooled by seemingly sophisticated threats like deepfakes is a great first step to strengthening your cyber defenses.
“There is a good chance that the worst-case scenario will never materialize. On a practical level, security teams need to be aware of these possibilities and continue to strengthen their defenses while understanding and limiting their attack surface. Yes,” Dasani advised.
We also need to be very careful not to rely on AI at all times. The information displayed may not be accurate and may be based on biased data.
Simple measures like two-factor authentication for customer accounts can go a long way in providing shoppers with an extra layer of protection. This multi-layered approach also needs to be holistic, Dasani added.
Actions are different for sellers and shoppers
Merchants are responsible for providing secure shopping carts and reliable safeguards, but consumers must use them appropriately. Much of the responsibility lies with the vendor.
For vendors, this is the first line of defense. You must constantly adapt your actions to provide your customers with the tools and education to stay safe.
In other words, merchants need to proactively combat emerging threats using the right technology. Customers need to be reactive. For them, Dasani said, that means listening to instructions from distributors based on proper protocols.
“The key on the vendor side is defensiveness and depth. This includes strong authentication and authorization practices, data privacy, secure encrypted connections, secure shopping carts, limited data retention, and data loss prevention features.”
For shoppers, layered security means paying close attention. There are a few simple steps you can take to thwart bad actors and protect your personal information.
- Use a unique password and unique user ID
- Use a trusted password manager
- Change your passwords regularly and utilize multi-factor authentication features
“Shoppers need to set up different accounts for different purposes, such as a Gmail account for financial transactions or a Hotmail account for shopping sites,” he added.
Best practices may be better than new regulations
Dasani pointed out that regulations are often difficult to predict. As governments move closer to defining AI guardrails, security will become an area of focus.
“A globalized world brings great complexity. In the context of e-commerce, each new market in which a brand is sold introduces new considerations. This allows brands to grow while protecting themselves and their customers. “As we seek to protect and exploit opportunities, regulation from a security perspective is not only beneficial but necessary,” he said.
However, regulation and compliance do not always equate to security. Therefore, merchants and sellers need to design the concept as a fundamental step and incorporate it into their products and applications to ensure robust security measures and security/privacy, he said. insisted.
A strong foundation is your best defense against new risks. Instilling the right approach to threat intelligence facilitates proactive monitoring and alerting on the part of the seller, facilitating the deployment of a solid incident response strategy. For consumers, new awareness and education is essential as bad actors become more sophisticated in disguising their threats.
“AI lowers the barrier to more elaborate phishing and brand imitation schemes, and customers need to be aware of subtle warning signs and red flags as they navigate the world of e-commerce, text messages, No matter how important the email or phone call, always check directly with the source to get assurance about the legitimacy of the issue,” Dasani concluded.
