0. RPA? Is it a buzzword??
Recently, I’ve seen more articles about RPA, however, most of them make me worried about possible misunderstandings.
In other words, some articles give an abstract introduction to the mechanism of Robots in the first line, such as the automation of daily work by robots. However, from the next line, they describe at length a dramatic future dominated by robots. Even in the articles regarding the application, they introduce improper usage.
To begin with, RPA is not omnipotent. Its weaknesses and risks should be explained in detail. I think it’s better to take the articles written by such social affairs reporters of general newspapers with a pinch of salt (my personal opinion, though).
1. What is RPA
It is a category name of software.
*First of all, if some people don’t define that, conflict can happen. (Definition is necessary.)
According to Wikipedia, it defines the efforts to improve the efficiency and automation of white-collar work. That’s almost right, however, what I’d like you to recognize more deeply is the definition of ”a software application that replicates the actions of a human being interacting with the user interface of a computer system”.
The core of RPA is the ability to remember your typing operation on your computer. To be clear, the basic function is to learn how to use the keyboard and mouse „operational macro“.
*If you’re interested, you can search for a video of ‚Blue Prism‘ (a long-established product) or ‚Selenium‘ (free software). Recently, they have released not only on-premises (desktop type) but also cloud-type products.
Incidentally, in the field of software, the word “robot” is often used with the nuance of “duplicate” or “replica”. That is, humans are the “original” upon which robots are based (a dualistic concept). On the other hand, AI does not have such an “original”, so AI and robots are defined separately.
*In other words, robots in the software industry don’t resemble Osamu Tezuka’s Astro Boy, but rather the “Copy Robot” in Perman by Fujiko F. Fujio. (Hope some of you can understand the point.)
2. Evolution of robots
Today, RPA can understand a variety of User Interfaces (UI).
This means you can continue to use a system built for human manipulation (The User interface is the Human interface). This means it is possible to promote the automation of business without modifying existing business systems.
Reducing IT capital expenditure is a great advantage.
Testing the operation of software is a classic application of RPA. Now, products that can switch between various screens and that are split according to the condition of an event have been realized. RPA these days has been applied to online banking operations, which can also automatically scrape (or extract) displayed data. In other words, RPA can handle tasks – like obtaining a history of cash flows and viewing balances – more accurately and much faster than humans.
However, I’m wondering if robots are able to handle everything.
If you think about it, mechanisms to eliminate robotic logins, such as two-factor authentication and a visual verification are also evolving. There are also many other systems that require human authentication by using security tokens, puzzles, and fingerprints.
In fact, the information provider (similar to a resource server operator) requires that the log in subject be human.
Why is that?
In the first place, from the point of view of the information provider robots are inconvenient in various ways.
For example, if there are announcements to users, they probably won’t be passed. On the other hand, if the User Interface is improved, the robots will give errors.
This is not very helpful, and if robots access the User Interface many times it can sometimes be defined as an attack. Furthermore, there’s a concern about overlooking malicious operations.
4.Suitable areas for RPA
You should determine areas in which to use RPA after a thorough risk analysis. (It really depends on the case, though.)
However, the question of whether or not to give a robot a password is hugely controversial.
In this case, if a password is leaked from the robot, that is the worst scenario. In many cases, that password gives access not only to the work you want the robot to do but also the authority to delete data and users. At least, I suggest you shouldn’t set a password on any robots for automation.
Incidentally, the biggest feature of RPA is that it is possible to control a User Interface (UI), but today’s business systems also have Application Programming Interface (API) as well.
And with the API mechanism, there is no need to tell the computer the password. The Japanese government has been promoting Bank API since 2017 in the Banking Act because they want to protect depositors through strict password management.
5. How BPMS makes external requests
Finally, I’d like to describe how Questetra, the BPMS (business process management system) requests data updates and data references from external systems.
At least for Questetra, we suggest that data communication via BPMS is not implemented with a communication function through a User Interface. In other words, requests should be made as an OAuth client for the data update Task and the data reference Task.
A system without API connections certainly makes automated tasks difficult, but API connections are necessary to reduce the security risk. (I.e. the age of API connections as a precondition seems to be coming to an end.)
PS. Some specific linkage images