Dynamics 365 Customer Service: Verify Users with a Single-Use Password in Text Chat

Motivation

In the digital world, ensuring the security and integrity of user data is paramount. One of the key ways to achieve this is through user authentication in text and voice chats and the use of One-Time Passwords (OTPs). Let's delve into the benefits of these security measures.

User Authentication in Text Chats

User authentication in text chats is more than just a login process. It's a crucial security measure with several benefits:

  1. Identity Verification: Authentication verifies the identity of the user, ensuring that the person behind the screen is indeed who they claim to be. This is a critical step in maintaining the integrity of user data and preventing unauthorized access.

  2. Data Protection: User authentication protects sensitive data from falling into the wrong hands. This is particularly important in text chats where personal or confidential information may be shared.

  3. Accountability: Authenticated users have their actions tracked and logged. This level of accountability can deter misuse and is invaluable when auditing is required.

The Power of One-Time Passwords

One-Time Passwords (OTPs), typically sent via email or text message, are another powerful tool in the cybersecurity arsenal. Here's why:

  1. Prevent Replay Attacks: OTPs are valid for only one login session or transaction, preventing replay attacks where an attacker might try to reuse a password intercepted in transit.

  2. Ease of Use: OTPs do not require users to remember complex passwords, making them user-friendly while still maintaining a high level of security.

While these methods significantly enhance security, it's important to remember that no system is entirely foolproof. Continual updates and reviews of security protocols are necessary to address emerging threats. In the ever-evolving landscape of cybersecurity, staying one step ahead is the key to safeguarding your digital assets.

Implementation

To identify the user, we start with a pre-conversation survey in our text chat workstream. How to set this up was described in an earlier article.
In this example, we ask three questions: the user's name, the email address (for returning/registered customers), and the consent to our T&Cs.

Prerequisites

  • Create a flow that checks whether the entered name matches a contact in your D365 contact database and, if so, whether the entered email address is identical to the email address in the account record.

  • Add this flow to the "Conversation Start" topic with a question asking the user to authenticate.

Authentication as a topic

  • Create a new topic without trigger phrases and integrate it into the true condition of the "start conversation" topic.

  • First, pass the checked email address into a flow, "generate the verification code".

  • The generated code is the output of the flow and is stored in a variable. The flow itself sends the code to the user's registered email address.

  • Ask the user to input the code using a question node.

  • Verify the code using another flow, "Validate the code."

Flow 1: generate verification code

  • Create the flow as shown above with CodeLength.

  • Use a formula like:

    substring(replace(guid(), '-', ''), 0, min(variables('CodeLength'), 32))

    to create the verification code.

  • Use an email template like the following to send the code to the user:

Flow 2: Validate the code.

Use a simple check to verify the code and return a Boolean value to the topic.
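
The logic of the two flows, sketched in Python as an added example (not the author's flow definitions), showing what the validation step has to enforce for the code to really be single-use. The in-memory store, the 300-second lifetime and the three-attempt limit are assumptions; the page does not specify them.

```python
import hmac
import time
import uuid

MAX_ATTEMPTS = 3   # assumed limit; the page does not specify one
TTL_SECONDS = 300  # assumed lifetime; the page does not specify one


def generate_code(code_length: int) -> str:
    """Python equivalent of the page's formula:
    substring(replace(guid(), '-', ''), 0, min(CodeLength, 32)).
    Every character is a hex digit, so it carries at most 4 bits."""
    return uuid.uuid4().hex[:min(code_length, 32)]


class OtpStore:
    """Hypothetical in-memory stand-in for wherever the flows keep the pending code."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # email -> [code, expires_at, attempts_left]

    def issue(self, email: str, code_length: int = 8) -> str:
        code = generate_code(code_length)
        # Issuing a new code overwrites (invalidates) any earlier one.
        self._pending[email] = [code, self._clock() + TTL_SECONDS, MAX_ATTEMPTS]
        return code  # Flow 1 would e-mail this to the registered address

    def validate(self, email: str, submitted: str) -> bool:
        entry = self._pending.get(email)
        if entry is None:
            return False  # nothing pending: never issued, already used, or locked out
        code, expires_at, attempts_left = entry
        if self._clock() > expires_at:
            del self._pending[email]
            return False
        entry[2] = attempts_left - 1
        # Constant-time comparison avoids leaking how many characters matched.
        ok = hmac.compare_digest(code.encode(), submitted.strip().lower().encode())
        if ok or entry[2] == 0:
            del self._pending[email]  # single use, or attempt budget spent
        return ok
```

A plain equality check alone returns the right Boolean but leaves the code reusable and guessable without limit; the deletion on success, the expiry and the attempt counter are what give the replay protection described earlier.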

Conclusion

In the digital age, ensuring the security of user data is paramount. User authentication in text chats using One-Time Passwords (OTPs) is one method to achieve this. It helps verify identity, protect sensitive data, and deter misuse by maintaining accountability. To implement user authentication in your Dynamics 365 Customer Service text chat workstream, create a pre-conversation survey to collect usernames and email addresses and integrate two flows: one to send an OTP to the user and another to validate the code.
