Trust is essential for trade. We buy from businesses we trust in a split-second. No need to check the fine print – we trust the brand. 

Conversely, let’s be blunt: a lack of trust is corrosive. We will only deal with a low-trust brand under duress. And right now, there is a crisis of trust. Only 30% of customers say they trust the companies they repeatedly buy from. Their loyalty hangs by a thread. Half say they would cut ties completely following a data breach – rather troubling since data breaches tripled between 2013 and 2023.  

The message is clear: in 2025 you must rank trust as a priority. 

What action should you take? 

LexisNexis® Risk Solutions asked 30 senior UK industry leaders responsible for risk, technology, or the customer experience, for their insights. The result is a comprehensive report, The Future of Digital Trust. 

Here are five practical steps to take in 2025 to ensure you are a leader on trust, worthy of the continued support of even the most difficult customers. 

1. Upgrade your tech 

Security is an arms race. As the hackers develop new tools, so must you. There’s no standing still.  

Take something as common as an Application Programming Interface, or API. These connect systems, applications, and even parts of the same app to each other. Almost all tech companies will deploy an API somewhere. 

But API security is moving at pace. The modern gold standard is the Financial-Grade API or FAPI. In a study of insurance cybersecurity practitioners, one in five had experienced a security breach via an API. Upgrading is not a cost matter, but one of know-how. Fortunately, the OpenID foundation publishes open information on upgrading APIs. 

Just because something was secure two years ago does not mean it is fit for purpose now. Audit your tech, and schedule upgrades.  

2. Collaborate with the best 

High-trust organisations work with partners to deliver outstanding experiences. For example, Open Banking means fintech companies can see inside the bank accounts of consumers – with their permission – to offer bespoke financial services such as loans and insurance based on their true financial position. The collaboration benefits all parties. 

Data sharing is a great way to work together. Organisations need a rounded view of users. Third party sources can be introduced into the mix. LexisNexis® ThreatMetrix®, for example, offers data insights into the digital habits of consumers, drawn from across the internet. Last year ThreatMetrix®, powered by the global LexisNexis® Digital Identity Network®, logged 92 billion transactions for 4 billion email addresses. This means companies can generate a trust profile for a consumer even before they’ve placed an order. 

In 2025 there will be an upsurge in collaborations between organisations, sharing data to create holistic pictures of consumers, to ensure those worthy of trust are treated as they deserve, and malefactors are stopped at the earliest possible moment.  

3. Zero in on hidden vulnerabilities 

Hackers are ingenious. They’ll sniff out any weak points – even ones you barely knew existed. For example, banks may have rigorous customer log-in security, with 2 Factor Authentication. But outmoded back-end IT means documents may be held in unencrypted databases. Worse, the data may be passed to third-parties for processing, such as database reconciliation, where admin staff can be bribed to simply hand it over. 

So, it is mandatory to encrypt behind the encryption. Zero Trust security is a concept which includes micro-segmentation. Internal perimeters mean users and data are trapped in a secure zone and must authenticate again to move to another zone.  

The LexisNexis Risk Solutions Global State of Fraud and Identity report found ‘organisations that have built a more robust, multi-layered approach against fraud throughout the customer journey report 40% lower value fraud losses than organisations with more limited measures in place.’ 

4. Work with regulators 

The “slash red tape” ethos doesn’t work when there is a crisis of trust. Consumers want the reassurance that the businesses they deal with are inspected and up to scratch. So, work with regulators. Make stringent regulation a selling point.  

Official guides are a great source of information. The UK Economic Crime and Corporate Transparency Act 2023 includes provisions for data sharing between private sector entities. The Data (Use and Access) Bill will further improve data sharing practices.  

Quality marks offered by both government regulators and independent trade bodies tell customers you meet a high standard. ISO 27001 is an international standard to manage information security. It’s a basic minimum for any organisation wanting to be seen as secure.  

SOC 2 is a standard developed by the American Institute of Certified Public Accountants (AICPA). It evaluates an organisation’s controls over privacy, data integrity, and confidentiality. The German automotive industry has its own mark: Trusted Information Security Assessment Exchange or TISAX. It is a useful benchmark for other industries hoping to create a standard for high trust companies to refer to.  

The old view was regulation is a restriction on trade. In 2025 the trend will be to see it as a competitive advantage.  

5. Be inclusive 

The maximum grade of security may not be the optimum choice. Why? Because there is a trade-off between security and ease of use. Businesses in 2025 must balance their need to secure data, and the moral obligation to be inclusive of less tech-savvy consumers. 

Worse, poorly implemented security measures may exclude customers with particular needs.  

The collaborative industry body Women in Identity, led by Executive Lead Dr. Sarah Walton, is collaborating with the London School of Economics to examine the challenges of non-inclusivity in the tech world. The facts are startling: 22% of the UK population lack basic digital skills. Six million British adults cannot prove their ID as they lack documents (OIX report – Open Identity Exchange). The over 65s are ten times more likely to be digitally excluded. 

Companies must balance rival objectives. A user-experience which is too cumbersome, counter-intuitive and time consuming can erode trust. Something as simple as password practices can undermine security, as users find shortcuts for overbearing requirements – for example, asking users to change passwords every six months is now seen as an error, as less tech-savvy users will write down passwords in unsecure places or merely modify their original password by adding a digit each time. 

It is possible to be inclusive and secure. Brands which master both will have the gratitude and trust of their user base. 

Discover key insights on digital trust 

To learn more about the research conducted by LexisNexis® Risk Solutions on why digital trust is critical for 2025, download their report, The Future of Digital Trust: Establishing the Foundations for a Resilient, Efficient and Safer Online World. 

For deeper insights, watch the expert-led webinar hosted with Information Age. 

Download the report and watch the webinar today. 

Read more

3 cybersecurity compliance challenges and how to address them – Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy