Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
mirksen
Employee
Employee

Problem: Generative AI will exponentially raise the amount of digital business assets a company will have to handle through automation


Solution: To find the signal in the noise, on which digital assets really matter, Blockchain Technology can bring weight on what is important information and what is not by physical backed real world scarcity.


In the emerging digital age, technologies like Generative AI are unlocking unprecedented possibilities. But while this power can also amplify challenges such as misinformation, fraud, and counterfeiting for businesses, blockchain technology can already provide the critical countermeasure against abuse when used together with Generative AI.
This promising counterbalance ensures authenticity, protects against digital misconduct, and solidifies the future of a transparent and trustworthy online ecosystem. So, while harnessing the transformative potential of generative AI, we can be sure that the advancements of AI along with Blockchain technology will ensure us a productive return from the enterprise perspective. The key is efficient spam handling with “Blockchain Weighting” of digital assets.


Let’s go through the current Generative AI (GenAI) hype and try to understand what impact a mainstream use of AI Large Language Models (LLM) has on enterprises when it comes to the question “What if GenAI is used AGAINST enterprises?”.
What harm can GenAI content do to enterprises?
And how can enterprises be protected from a flood of generated potentially harmful content?
Being confronted with an increasing amount of AI-generated material, from deepfakes and phishy communication to mass-produced fake invoices, individual “Fraud Crafting” is now an automated task from an attacker’s perspective.


First, we’ll look at what’s currently happening in the tech industry, and then we’ll look at how blockchain technology can come to the rescue when AI is used as a weapon against businesses in the wrong hands.


 


The AI Hype


“AI” and in particular “GenAI” are certainly the buzzwords in the business world in 2023. There is no tech conference, business strategy or solution that does not consider GenAI today. There are ChatGPT, Bard, Midjourney, Copilot and many more.



All companies, clearly including SAP, are putting considerable resources into establishing this new technology in their companies and accelerating growth. The momentum is enormous right now. Everywhere, experiments are beginning about where GenAI will help and where it wontBesides, generative AI images have already secretly won major photography and art competitions. ChatGPT, for example, brought a new dimension to texting.
Inspired by all these impressive generative advances, companies are looking for the best ways to transform business models through generative AI.


GenAI Digital Asset Generation


GenAI has changed the way and speed at which digital assets can be produced – a paradigm shift.



GenAI digital asset generation


From a corporate perspective, the digital assets produced by AI must be filtered by those digital assets effectively affecting how businesses are being built and deployed. Concretely, that means that art-related assets for example are not of direct interest when putting the businesses glasses on.
But what are of direct interest, are workflows, invoices, contracts, code, or business communication of every possible way.


An AI Digital Asset Anarchy


Since GenAI Large Language Models (LLM) are a tool to achieve goals, it is only a matter of time before criminal energies will use LLMs for their own purposes.  And these are certainly against the natural interests of companies. Specifically, for their own enrichment.


Illustratively, for example, fake invoices can cause millions of dollars in damage. This is not an “IF” but a common criminal practice. One criminal stole over $122 million from Facebook and Google by sending fake invoices. But this was manual work for the counterfeiter. Imagine an AI assistant is given a personal record of invoices from a company and is tasked with creating fake invoices that are supposed to be real vendor invoices for that company. While in the past it was easy to filter such generated approaches based on their poor quality, that’s exactly what will change with GenAI.



Consequently, in the near future, organizations will be confronted as well as mass bombarded with targeted and individualized fraud such as phishing, forgery, and social engineering over personal data sets. The quality and scale of these attacks will reach unimagined proportions due to generative AI automation.
A thousand perfectly LLM-customized fake invoices built on an existing leaked company data set a day? What sounds like a nightmare for any accountant will soon become  reality.
A filtering problem will arise –  how can companies distinguish between real digital assets such as legitimate invoices and perfectly crafted invoices with information about your habits, customers and suppliers embedded in the attacker’s LLM database?
How can employees watch for suspicious signs of communication when the quality of fraud attempts is increasing every day, while at the same time being fully automated and thus no longer limited by human input?


Social engineering attacks will be automated in chats and email conversations, and their quality will be so high that debunking them will be very time-consuming for enterprise-side recipients. A battle against windmills. Even with AI support to defend against these attacks, a high level of manual detection and verification will always be required. This is because artificial manipulations become more and more sophisticated, a constant race for concealing and detection.


Once the targeted company’s business data and communication channels are accessible to an attacker, the manual work restriction is removed from the attacker’s perspective.
Therefore, the number of attacks will multiply soon as criminals deploy GenAI technologies, and this technology evolves as well.


This AI evolution has just begun.
Businesses will face an inflationary volume problem of digital assets –  what is real and in need of our attention, what is just robbing us of resources in terms of time and review?
Without an answer to these questions, even a temporary return to traditional mail is one of the few currently available ways out.


The Blockchain Concept


“Blockchain” is for sure the most prominent buzzword when talking Bitcoin. The blockchain data structure is important but remains just a single puzzle piece. Ironically, blockchain alone, which is a simple hashed linked list data structure, is not enough to reach effects like the often-quoted immutability.


At the core of Bitcoin’s resilience are four key pillars: decentralization, blockchain, cryptography, and proof-of-work. Together they construct the emergent property of “data immutability”.
Decentralization removes one vulnerable single point of failure from a technical architectural perspective by spreading duplicated components around the world.
Blockchain chains data together and establishes a data relationship over time.
Cryptography entangles secret and public information to provide a form of “possession” in cyberspace.
Proof of work binds information to physical effort and thereby to the physical world, forging a past with unfalsifiable costliness.
As a result, this scarce information acquires several desirable physical properties without inheriting their drawbacks. Be aware that the Bitcoin blockchain can only enforce what’s inside its own network and therefore is powerless on what is happening outside the network.


Bringing order back into the generative AI fake chaos by Blockchain



To restore a positive signal-to-noise ratio in cyberspace awash with digital assets, blockchain technology is coming into play to clear the field of vision for businesses. A strong blockchain, with its non-monetary use cases, can help combat the masses of inflationary, harmful, AI-generated digital assets. Time. Facts. Energy.


Let’s get through each of them:


The three non-monetary use-cases of a strong blockchain


There is time against generative AI flood



Anchoring digital assets in a “timechain” solves the problem of “WHEN”. The result is a “minimum time stamp” with legal provability.
When did something happen? There is a mathematical way to prove that, for example, this fake invoice is not from January last year as stated but is fake and from yesterday.


A kidnapper shows an actual newspaper with its hostage to proof that a hostage is still alive


We’ll use a simple analogy to illustrate: imagine a hostage situation and the task of the blackmailer is to prove that the scourge is still alive today. Showing a calendar with the scourge or a digital timestamp on a smartphone would not be credible and would not convince anyone that the evidence is from today, since these stamps can be created at will. In contrast, the front page of a newspaper is unpredictable and therefore must be current. Such evidence is credible. Everyone knows this intuitively.


The same concept applies to a blockchain block. It is not possible to predict the upcoming blocks and their content. A hijacker could also show a picture of the hostage holding a Bitcoin block picture to prove a minimum date, since it was impossible to predict just like the front page of today’s newspaper last week.


For data integrity, the question is WHEN was the digital asset issued?
WHEN has the digital asset been revoked?
Anchoring a data fingerprint, also called a hash value, in a blockchain provides a “minimum timestamp” for a digital asset and thus increases data integrity. Similar to the front page of a newspaper.


A perfectly AI-generated video message from a CEO to his investors that is presented as leaked footage from last year, but is in fact fake and doctored, can do great damage to a company’s reputation and integrity, depending on what messages are conveyed there.
For AI-generated assets such as a video statement from a CEO or even a simple invoice, blockchain technology provides a way to distinguish between new digital assets from last week and an asset that definitely existed two years ago. This could be an important contract or even a simple document scan.
A digital asset can be mathematically proven to be "at least" as old as a block.
Legal disputes can be settled with court-proof evidence of AI-generated digital assets claiming to be older than they are. Fake video messages from key corporate stakeholders can be debunked easily with the help of a strong blockchain.


There are facts against generative AI flood



There is immutable neutral data, thanks to blockchain technology. The “what” anchored on a strong blockchain with hash trees helps companies maintain control over their cross-enterprise data when other players besides themselves are involved. The data itself must be stored on a strong blockchain. AI generated data which pretends to be genuine can be filtered. The “fingerprint” in the form of a hash is already quite sufficient; the file itself does not need to be disclosed.



When companies use a “neutral database” provided by a strong blockchain, they gain non-repudiation of their digital assets and the assets of their participating business partners. Original digital assets cannot be subsequently declared to be counterfeit AI-generated content.
Version conflicts or revocation states are clear and no longer a subject of debate and dispute;especially from a legal point of view.
Maliciously generated AI assets that target cross-company shared digital assets no longer have a chance of being manipulated. The document, contract, or video message can be unambiguously verified to be in its original state with the swipe of a finger.


Even if the private keys corresponding to the identity in cyberspace are compromised, misuse would be quickly detected because all transactions involve a minimum level of visibility to the owners of the organization’s cryptographic keys. Hidden offline signatures are not possible when built on a strong public blockchain.
Third-party proofs as governments for sustainability taxonomies are implanted in a strong form with minimal effort.


There is energy against generative AI flood


In cyberspace, one law seems to have been suspended: the law of physical costs. Emails and PDF certificates can seemingly be created at will and at almost zero cost. While there are indeed hardware and electricity costs associated with the creation and distribution of digital data, when we look at our email inbox, we intuitively know that the physical overhead in the real world is enormous when we operate in cyberspace. Any owner of a simple Internet device can send thousands of e-mails a day, disguising them as important corporate messages.



13 minutes after the start of the Pentagon’s Whitehat hacking event in the form of the Bug Bounty program, the first report of a security breach arrived.
If the test had required physically penetrating the Pentagon’s sensitive areas, these tests would undoubtedly have gone off without a hitch.
In cyberspace, physical blockchains can revive real-world efforts to penetrate sensitive areas such as corporate networks.
The internet error code ERROR 402 - PAYMENT REQUIRED is all but forgotten and no longer used –  until now. The coming flood of AI-generated content will change that.


In the physical world, we can be sure that we will not receive 1,000 perfectly faked letters per day. The reason is the implied physical cost, so the attacker will run out of money very soon.
So, if our physical mailbox gets spammed less than our email inbox, and the reason is simply that the actual cost of printing documents, buying a stamp, and mailing them deters the attackers, then we can copy those principles in cyberspace to meet the digital needs of our customers in an AI-saturated environment. This is already possible because we have energy-related assets that we can connect to enterprise digital assets. And malicious AI-generated content would have to do the same.



If we assume that the noise of AI-generated malicious content, like thousands of real responsive invoices per day, is disrupting and massively damaging the business operations of enterprises and causing them enormous potential harm, there is a reason to bring back the signal in the noise with a strong blockchain.


An interesting new concept in this area is the “Proof of Energy”. The basic idea is to give digital assets, such as sending an email or creating a contract, a certain “weight” in the form of energy.
Bitcoin provides exactly that through Proof-of-Work:
Attaching something of value to digital assets for inter-company communication, such as a few satoshis, which are the smallest unit of bitcoin (1 bitcoin = 100,000,000 sats), would signal, like a timestamp, that inter-company communication has actual costs and is worth listening to. These satoshis themselves represent a certain amount of energy as they are obtained through Proof-of-Work. But in Cyberspace.


“I have something to say to you, and here’s my proof of why this is worth doing for me.” As simple as a physical letter. To me, it’s worth X amount of effort to talk to you. But it gets even better than in the physical counterpart, because the enclosed satoshis, which by their nature are created with real physical activities like a proof of work, can be used as a deposit or pledge. So, companies can also return the attached currency when they confirm value-based communication. Harmful communications are denied this.
In this way, companies can recover signal in a generative, AI-infested business environment where it is nearly impossible to distinguish between real and fake.




  1. Reduction of spam: It would become more expensive for spammers to send bulk emails which are weighted as important, as they would have to pay for each energized email. This could help to reduce the amount of spam noise.

  2. Prioritizing digital assets: Emails with a higher amount of satoshis attached could be considered more important and would be more likely to be read. Comparable to a rea-world letter.

  3. Appreciation of the recipient's time: A small amount of satoshis could serve as a thank you for the recipient's time & attention.


The same concept could be applied to every other type of corporate cross-company communications, such as contracts, invoices or documents. Attaching energy could help ensure the authenticity of these digital assets and protect them from tampering by AI LLMs.


Of course, there are also challenges and potential drawbacks with this energy approach. For one, it would require some technical complexity, both on the part of the sender and the recipient. Not all companies or employees are familiar with these concepts like energy on digital assets.


Conclusion


SAP Business Technology Platform (BTP) is the best foundation to offer a standardized service as a solution for customers to “energize” their digital assets to be shared with other stakeholders, companies or third parties.


Proof-of-Energy offers an interesting approach to address the challenges posed by AI-generated material and the general inundation of digital information.


So, giving digital assets a physical weighting to stand out against AI-generated noise. A digital asset sharing service could automatically attach cryptocurrencies like Bitcoin to the company’s digital assets to be shared with the weight it deserves – “it’s worth listening to what I have to say. And I prove it with the use of real-world resources”.
There is a huge cost to an attacker required from using generative AI and LLMs in a harmful way against businesses if those are protected with real-world resources.
As we’ll see, it is possible to protect corporate communications, even if the misuse of generative AI is used by criminals to harm company businesses. A dystopian prospect for sure, but one to think about and have solutions for.


ICN Blockchain Walldorf


Contact at blockchain@sap.com


Learn more:


SAP Blockchain Business Connector: Innovation in Business Models and Cross-Company Collaborations
NFT – Digital Asset Representation on a blockchain
NFTs: Join SAP in Reinventing Business Models and Deepening Customer Relationships
Demystifying NFTs – a technical view
NFT Smart Contract Development – Road to OpenSea (Part 1)


Blockchain: The New Technology for Trust | SAP


NFT (Non-Fungible-Tokens) | Digital Technology and Innovation Management | SAP Community

1 Comment
AndySilvey
Explorer
0 Kudos

great Blog,

I totally agree that Enterprise Blockchain is _the_ Cyber Security for Artificial Intelligence

https://community.sap.com/t5/technology-blogs-by-members/trustable-ai-thanks-to-sap-ai-core-amp-sap-...

Andy.