CXTech Week 12 2021 News and Analysis

The purpose of this CXTech Week 12 2021 newsletter is to highlight, with commentary, some of the news stories in CXTech this week. What is CXTech?  The C stands for Connectivity, Communications, Collaboration, Conversation, Customer; X for Experience because that’s what matters; and Tech because the focus is enablers.

You can sign up here to receive the CXTech News and Analysis by email. Please forward this on if you think someone should join the list. And please let me know any CXTech news I should include.

Covered this week:

Identity Authentication is HOT!

I covered last year the raises in identity authentication by Prove of $100M and BigID. We now have Socure raising $100M at a $1.3B valuation, and Seon raising $10M. I position Prove and Socure as direct competitors. Socure has focused on banks, and done a good job winning accounts from Experian. The cash will likely be spent opening up other verticals and possibly international expansion.

It’s interesting to note TeleSign’s Score dominates with the web companies, which gives it global reach, and a global identity verification product. Given Socure’s valuation, the price paid by Proximus for both TeleSign and BICS ($1.3B combined) looks like a steal.

A trend I’m seeing across an increasing number of identity authentication technologies is using the knowledge to get customers to what they want faster. We covered this at TADSummit EMEA / Americas 2020 from Smartnumbers and TeleSign.

I’m now seeing speaker recognition also being used to complement the data points used to determine confidence of an identity, and hence automate services that would otherwise require an agent. This is not confirming the identity via voice or video recognition, that’s an arms race with deep fake technology no one will win.

Rather, it sounds like Alan (based on previous confirmed interactions), he’s using a device he’s used before through the carrier he’s used before, at a time he usually contacts us, from his home. So let’s make that the first thing he hears/sees on the menu the thing he usually requests. See below with Pindrop acquiring Next Caller for more confirmation of this trend.

The fashion is to slap a trendy AI label over this, but the math behind the confidence number is the neat part, and the resulting automations making customers’ journeys faster and more secure. Security doesn’t have to be a PITA, it can actually make experiences better. I have to admit I never thought that was possible.

Pindrop Acquires Next Caller

Pindrop, identity, security, and trust for voice interactions, has acquired Next Caller Inc., enterprise-grade call verification and fraud detection technology for contact centers.

I became aware of Next Caller when Amy Meyers moved their from Flowroute. Amy was part of TADHack Orlando 2019, helping developers use Flowroute.

Twilio acquires India-based CPaaS, ValueFirst

Twilio acquired ValueFirst, an Indian communications platform as a Service (CPaaS). Financial terms have not been disclosed.

ValueFirst connects businesses with consumers over telecom (SMS and voice) and Internet (chatbots, email and over-the-top) channels.

In the prior fiscal year, the company processed 42B+ text messages. Founded in 2003, ValueFirst has offices across India, the Middle East and Indonesia and product line up from Messaging, to MarTech, to Conversational AI; with 2.5K enterprise customers in the region.

In April 2020, Twilio opened its R&D office in South India (Bengaluru). ValueFirst dramatically accelerates Twilo’s position across India and Indonesia.

Okey Monitor Launched & SMS Hijack Blamed on NetNumber

Christopher Brown, a TADSummit Americas 2019 presenter, has just launched Okey Monitor. They monitor out-of-band communications such as your routes and carrier settings. If a malicious event takes place, they’ll alert you through alternative forms of trusted communication. They also offer this service wholesale through an API.

You do not need to be SIM swapped, where hackers trick or bribe telecom employees to port a target’s phone number to their own SIM card. In this Vice article, the hacker used a service by a company called Sakari, which helps businesses do SMS marketing and mass messaging, to reroute messages to him.

How this works is resellers fill out a Letter of Authorization (LOA) which tells their wholesale carrier they have the rights to a number, whilst the wholesale carrier trusts the LOA is reliable. SMS messages meant for you could then be rerouted to a different number, and you would have no way of knowing it had happened. With a SIM swap you can see that service to your phone has been interrupted, whereas this new SMS rerouting hijack would be invisible to the victim. This article discusses it in more depth.

The US regulator is biased towards the incumbents, look at how STIR/SHAKEN is implemented, the failure of local loop unbundling, the over charging of American mobile phone consumers by 2-3 times their western peers, the duopoly of A2P SMS interconnect tyntec tried to break, and even successes like number portability are because it was desired by the incumbents. SMS was always the poor cousin of voice, relying on the CTIA. There should be a regulated database, not this loose association of FOCCCers (Friends of the CTIA/FCC). See the next article for the regulatory failures on robocalling.

FCC fines telemarketers a record $225 million. But how much will be collected?

FCC on Wednesday fined Texas-based telemarketers John Spiller and Jakob Mears $225 million after finding that their companies placed roughly 1 billion spam robocalls over a period of less than five months in early 2019. Back in 2019 the FCC “fined” robocallers $208 million since 2015 but collected only $6,790.

Spam robocalling generates an almost immediate 100% ROI, see the diagram below for the business model.

This article is a great summary of the mess of spam robocalling in the US, why STIR/SHAKEN is unlikely to be the complete answer by June 2021 if ever, and the situation could be about to get much worse.

The lack of a route through the courts comes down to the 2016 6-2 Supreme Court decision in Spokeo Inc. v. Robins for the rise of spam robocalling. Spokeo came to mean that being annoyed isn’t enough to sue an illegal telemarketer in federal court. A plaintiff needs to be injured, which makes it much harder to build a case against telemarketing operations doing flagrantly illegal things that rarely injure people.

As the COVID-19 pandemic abates, spam calls are poised to increase because call centers shut down due to social distancing will reopen. Also the Supreme Court is at it again with a case between Facebook and Noah Duguid. Which if FB wins could prompt even more spam texts and calls.

I’m not going to rant about Congress. However, the pro-robocall lobby vastly exceeds that of the anti-robocall crowd. An Insider analysis of Center for Responsive Politics data found that as a whole, the pro-Facebook forces spent a collective $184.7 million on federal lobbying across all issues in 2020, employing a collective 689 unique lobbyists.

By comparison, the various consumer groups that signed on to support Duguid’s case employed a collective six federal lobbyists in 2020, and spent a grand total of $250,000 across all issues (over 700 to 1). Congress has relented in pursuing aggressive anti-robocall policies <sigh>.

Personally, I have a simple working model, given the failure to tackle spam calling and messaging so far. If an incoming call is not in my contact list I do not answer it, if a VM is left I’ll check it later in the day, about 50% of VMs are robocalls at the moment. Android seems to do a good job on capturing SMS spam, see below. Lawyers and politicians are the reason the US has failed to tackle spam robocalling.

TADSummit Asia Agenda Update

The TADSummit Asia agenda is coming together nicely, about half way there on content. Some of the recent additions include:

  • Pitfalls and potholes of content moderation for chatbots by Elayne Ruane of LERO Centre
  • Tools for Offensive RTC security. Introducing SIPVicious PRO and the demo server. By Sandro Gauci of Enable Security.
  • Workshop: My Two Bits on Qubits by Craig Richards.

Pitfalls and potholes of content moderation for chatbots

Elayne Ruane, PhD researcher in QA of Conversational AI at LERO Centre

  • Chatbots can provide a fast and convenient experience to customers who need to solve a problem, complete a task, or get some information.
  • The promise of the speed and availability of a machine combined with the conversation and accessibility of a human is an attractive solution.
  • But what about when chatbots fail to live up to those expectations, the user gets frustrated, and the conversation gets heated?
  • Abusive messages from users towards chatbots are not uncommon and moderation efforts are fraught with unintended consequences.
  • This presentation will discuss approaches to content moderation for chatbots, common pitfalls, and some recommendations for handling abusive messages.

Tools for Offensive RTC security. Introducing SIPVicious PRO and the demo server.

Sandro Gauci, CEO / Senior Penetration Tester / Chief mischief officer at Enable Security GmbH

In Sandro’s previous talk for TADSummit EMEA Americas 2020, he spoke about why it is critical to take an offensive approach when dealing with SIP security.

In this presentation, he shows how tools can help in testing RTC security as well as in learning more about offensive security for RTC.

After a general overview of the landscape, he will focus on the work that his team has done on SIPVicious PRO and the target demo server that helps learn and show vulnerabilities in a lab environment.

Workshop: My Two Bits on Qubits

Craig Richards, TADSummit and TADHack supporter since the beginning of TADS.

  • What is Quantum Computing
  • The huge potential for Quantum Computing
  • How is Quantum Computing Different
  • What problems can Quantum Computing Solve
  • Quantum Computing is real and it is here now!
  • Quantum Computing Realities
  • Applications in Communications

People, Gossip, and Frivolous Stuff

Yuri Viviana Daza Gaviria is now Analista programadora at Consulting eSoluzion. She’s also a multi-year TADHack winner.

Christopher Brown (previous TADSummit Americas presenter), is now Chief Executive Officer at Okey Systems.

Faidz Raziff Izham is now Program Manager Office at Digital National Berhad.

Michael Tuminello is now Vice President Strategy at Flashtalking, ad management and analytics technology.

Guillaume K. Saouli is now Partner at Sémafor Conseil, security and governance.

Craig Vintcent is now Chief Revenue Officer at Brady, energy and commodity trading software. We met when he was with Oracle.

You can sign up here to receive the CXTech News and Analysis by email.