Fixing the Digital Trust Issue in ChatGPT for Travel
As travel companies increasingly adopt ChatGPT and other generative artificial intelligence technologies, concerns about privacy and trust are escalating. The Italian data protection agency recently blocked ChatGPT due to unease about privacy controls, and some experts are sounding the alarm about the convergence of data privacy, trust, and powerful technologies that are becoming ubiquitous.
At the same time, the travel industry is seeing a flurry of activity as new tools and services are launched using ChatGPT. Expedia, Kayak, and Trip.com are among the first brands to release plug-ins for ChatGPT, and dozens of other companies are rolling out integrations.
But with the launch of plug-ins, ChatGPT can now access external data sources, creating more opportunities but also more risks for privacy and security. This has led some experts to propose solutions like verifiable credentials and decentralized identifier communications protocols (DIDComm) to enable secure, trustworthy person-to-AI interaction, mitigate risks, and maximize a seamless experience for both companies and consumers.
Verifiable Credentials for Secure Person-to-AI Interaction
According to Trevor Butterworth, co-founder and vice president for communications and governance for Indicio, and Karl Schweppe, head of innovation at digital product studio Bay Tree Ventures, the use of verifiable credentials in tandem with a decentralized identifier communications protocol (DIDComm) would enable secure, trustworthy person-to-AI interaction in travel.
Verifiable credentials are tamper-evident credentials with authorship that can be cryptographically verified, while DIDComm is a communications protocol that enables secure, private, and authenticated communication between parties. Used in combination, these technologies could enable consumers to use ChatGPT agents to handle tasks such as booking flights and hotels according to preferences and then automatically paying for those bookings through secure, digital communication with the traveler’s bank.
“It’s the only solution that can really manage the need for continuous verification between each party in the interaction,” said Butterworth. “I recognize my ChatGPT agent as being mine, and it recognizes me as the owner. Whoever we are dealing with – the hotel for example - recognizes that the ChatGPT agent is my agent and that it’s not interacting with someone else. And when we exchange information, this process of verification is continuous. It applies zero trust relentlessly in order to ensure our data is secure.”
Digital Trust is Critical for the Future of AI and Travel
As AI continues to evolve and create more opportunities for personalization and frictionless experiences for shopping and booking, digital trust is critical for the future of AI and travel. According to Jamie Smith, an expert on self-sovereign identity, digital trust is necessary because AI is creating “an explosion of fake everything.”
“In a world where I can’t tell what is real and fake, we’ll need digital wallets to help us prove who we are and for us to make sense of what we are seeing,” Smith said. “Yesterday it was fake reviews on Tripadvisor, tomorrow it will be you’ve taken my money for a package trip, but I get off the plane and there is no tour guide, there is no bus to collect you, there is no hotel. All the reviews are there but along with the website, the photos, the phone call you had with the agent – none of it is real. AI is surfacing incredible opportunity, but we have a fake everything problem.”
For AI to provide consumers with customized, frictionless shopping and booking experiences, they will need to give it their personal preferences and data – and trust that it is secure. Conversely, brands will need to know the consumers they are interacting with in chat are “real” and recognize that verifiable credentials create an opportunity to finally build a fully-connected travel experience.
