The Rook

The Rook a safety bot that sits and watches your whatsapp customer chats. It ensures that all links and files coming into your support team are scanned and safe.

Comment

Inspiration

I work in the banking sector as a developer and I have noticed a lot of things happening around the cybersecurity space. One of the spaces is in customer service employee's who are great at their job but may not be too technically inclined, they are susceptible to phishing and other cyber attacks. In addition to that Whatsapp is massive here in Zambia and most other African countries, it's used for all sorts of things, including customer service. So I was inspired to build something that could watch the Whatsapp conversations warn customer service of phishing and malicious links and perhaps even educate customers on masking personal information.

What it does

The Rook is a safety bot that sits and watches your Whatsapp customer chats. It ensures that all links provided by customers are safe, it scans them and sends a warning if a malicious link is found. Secondly it checks for unmasked credit/debit card numbers. Customers are usually unaware that they should not share an a full card number, the Rook will try to educate customers by automatically sending a message showing the customer how to mask the number and asking them to delete their original message on whatsapp. Finally the Rook will also scan any files that the customer sends to the customer service staff, any malicious files will be flagged so that customer service staff will not download malicious files.

How we built it

This bot was built with python and Fast api, the Whatsapp cloud API and Pangea sdk. Fast API was used for the webhook api and hooking into the whatsapp cloud api. Pangea SDK was used for the URL scan, file scan and for the card masking.

Challenges we ran into

I had a pretty easy time integrating the Pangea sdk into the application but I did have quite a few issues getting the file scan to work. I do not quite understand how the polling works because it seems to call the endpoint even before the sleep function completes. It may have something to do with how the whatsapp api sends requests to the endpoint. This is something I hope to figure out before the hackathon ends.

Accomplishments that we're proud of

I am proud of the following accomplishments:

  • I built a working whatsapp bot
  • I built my first complete* Fastapi API
  • Integrated Pangea into my application and I have 2 services working well.

What we learned

I learned the following things:

  • I learned how to use the Whatsapp cloud API, set up a test number and was able to process received messages
  • I learned about Pangea services and how to integrate them into my python application
  • I relearned Fastapi and pydantic models

What's next for The Rook

I have a few things I would like to fix up for the rook first and foremost is the file scan which is partially working at the moment.

More things on the roadmap are:

  • [ ] A deployment guideline for how to set up the bot
  • [ ] Setting up a database in order to keep message sessions
  • [ ] Handle the whatsapp message statuses

Built With

  • fastapi
  • pangea
  • python
  • whatsappcloudapi
Share this project:

Updates