Skip to content

How the Turing Test Impacts Cybercrime & Cybersecurity

November 1, 2016

Telesign Team
A laptop with an encrypted screen.

2014’s The Imitation Game, portrays mathematician Alan Turing’s mastery over the “unbreakable” German code, Enigma, during World War II. Instead of breaking code by hand, Turing invented a cryptanalytic machine that translated common German phrases and patterns that, once recognized, helped the machine decode hundreds of German military transmissions. This breakthrough gave the British government access to highly classified information, eventually leading to an Allied victory in WWII.

While Turing may be best known for his contributions during WWII, his work has greatly affected computing as we know it today. Some of Turing’s most prolific theories were outlined in his 1950 paper entitled, “Computing Machinery and Intelligence,” where he discussed the importance of artificial intelligence (AI) and his “Turing Test.”

What Is the Turing Test?

Turing designed the Turing Test as a way to determine whether a computer was capable of thinking like or imitating a human, demonstrating intelligence. At its most basic, the Turing Test consists of two participants: a computer and a human using a computer. The human was instructed to communicate with the other contestant through a computer. If the human believed he was talking to another human when he was actually talking to the computer, the computer was considered intelligent (demonstrating “artificial intelligence”) and “passed” the test.

AI Is Evolving

An AI robot typing on a keyboard.

We now see many applications of AI in our daily lives. Computer systems routinely perform tasks that require human intelligence, like playing a game of chess or language translation. AI can even be integrated into customer service software platforms, meaning an online chat with a company could be with a computer (now commonly referred to as a “bot”), not a human. Interaction with these forms of AI are most recently being seen in messaging platforms, where the mere discussion of something can trigger a helpful bot to join the conversation and offer up its services.

The Impact of AI on Fraud

Unfortunately, cybercriminals are continuously finding new ways to automate their hacking into business and personal systems using bots and other computer programs. To help prevent bad actors from using AI to create fake accounts in bulk, the Turing Test inspired the creation of CAPTCHA, which verifies humanity with distorted text that must be accurately re-typed into a box, something computers were incapable of doing when it was first created. As AI evolves however, it can now solve a CAPTCHA with 99.8% accuracy.

Hackers can use artificial intelligence in a variety of ways to commit fraud, one path being through social media. In fact, John Seymour and Philip Tully of Zero Fox have been able to use it to coax Twitter users into opening malicious links with a success rate as high as 66%.

Tully and Seymour formed SNAP_R, a “recurrent neural network that learns to tweet phishing posts targeting specific users.” In other words, SNAP_R can select a high-risk/high-value target by analyzing Twitter profiles and post topics. Once a target is selected, SNAP_R generates a tailored post that the target will be likely to click. These posts include a “malicious” link disguised by a shortened URL, and once clicked, SNAP_R would be free to roam. It should be noted that Tully and Seymour created SNAP_R to create awareness of the offensive capabilities AI possesses; it is not intended for malicious purposes. One thing the team has proven, AI has made it more difficult for the security teams behind online accounts to stay ahead of fraudsters.

The Upside of Artificial Intelligence

A diagram of a machine learning API.

“Computing Machinery and Intelligence” helped set in motion the modern, “machine learning,” approach to data analysis that we now see coming from the world’s leading technology companies. Machine learning, in short, is a discipline between applied mathematics and computer science that allows us to analyze huge amounts of data with mathematical algorithms in order to predict future events. While it’s being utilized by bad actors in scenarios like the one described above, it’s also helping data scientists and developers improve user experience, increase revenue, grow users and—in the security space—improve fraud detection and prevention products and solutions.Where fraudsters have found ways to “use the machines against us,” security experts are investing in exploring, testing and implementing ways that AI can support a new frontier of cybersecurity. Security solutions like phone verification at new account registration and two-factor authentication to prevent account takeovers and fraudulent transactions have already helped online and mobile application companies reduce fraud and protect their valuable users. Machine learning, however, has enabled security experts to build fraud detection systems capable of analyzing massive amounts of end-user-related collected data in order to identify potential fraud risks in real-time and with significantly improved accuracy.

Score One for the Good Guys

Score risk level illustrated.

Telesign has lead the way in using end-user-provided phone numbers to help online and mobile application businesses increase their account security. With our Intelligence API we can look at data, intelligence, traffic patterns and reported fraud on virtually any number in the world in order deliver a fraud risk score that helps determine whether a user should be allowed to register an account or make a high-value transaction. But our product and engineering teams are dedicated to ensuring that as hackers grow in their ability to commit fraud, so too does a customer’s ability to defend against it. Because our team places a highly focused effort on consistently improving the intelligence behind this industry-leading API, Intelligence now uses machine learning to uncover hidden insights in the data collected to populate a range of fraud predictors. Customized machine learning models further increase the effectiveness and accuracy of Intelligence’s fraud detection capabilities. We are able to help businesses mitigate more fraudulent activity by identifying bad users before they create accounts and unleash their various fraud techniques on the good ones.

So, the continuing advancements of AI since Turing’s work over 65 years ago have benefited the good guys, too. The Intelligence API is machine learning and AI at its best—helping provide the strongest and smartest approach to protecting businesses and their consumers so that technological innovation can continue to flourish, without fraud getting in the way. It certainly seems to be more in line with what Turing would have wanted.

See how Intelligence works through our free trial – get started now.