The Evolution of Digital Trust


If you look at the internet just 15 years ago, the concept of trust only went one way. It was all about organizations on the internet needing to trust the end user. They needed to make sure the end user was who they were claiming to be; after all there was the famous New Yorker cartoon that stated, "On the internet, nobody knows you are a dog." This spoke to the anonymity that the internet provided in those days. That led to the mentality that strong security was of the utmost importance — to mitigate risks and assure data integrity to protect themselves from bad actors — with little concern for the customer's experience or data.

In an effort to be sure of whom companies were doing business with, they could put in a lot of steps and collect a lot of data from end users to assure they had the right person. And it didn't really matter. It didn't matter because the use of the internet wasn't as pervasive as it is today — it was almost more of a privilege for the tech savvy. Customers didn't have choices, there weren't a lot of businesses on the internet, and people had no idea just how valuable their data was.

Everything has changed. The rise of Google and Facebook showed people just how valuable their data was, while exposing the common practice of many companies to share or sell data to other organizations. With this information out in the news, coupled with regulations like GDPR to protect PII, people have become much more protective of their data. Now, the pendulum has swung and the internet trust model has become much more circular, with customers very concerned about privacy and about ensuring that their data is only used for the actions they consent to. In today's internet, if organizations want to collect data from their end users, they have to make their customers feel that they can be trusted with the data, showing themselves to be good stewards of their customers' data.

To build that trust with end users, organizations need to give them the tools and the proper choices to feel that the organization can be trusted. Tools that allow users to give consent for their data to be collected and used appropriately, for example, or to opt into a marketing campaign. Most importantly, users must have the ability to easily review and change those settings. Furthermore, as organizations leverage social media for user registration, it is important to give users choices. Some might feel more comfortable using one form of social media vs. another. Some companies are even exploring what social media providers actually reduce the initial perception of trust simply by offering them as a choice.

At ForgeRock, we help our customers grow and retain their user base by providing the tools that allow their users to easily manage their data. Through the use of our Intelligent Access Orchestration engine, users can easily opt in and out of marketing choices and give consent during the initial registration. Once an account has been created, we offer a dashboard where users can go and see how their data is being used and easily make changes to their settings. These changes are immediately acted on by setting off events to remove a user's data from platforms they no longer wish to be a part of. Lastly, we provide choices on what social media providers can be utilized for initial registration. All of these capabilities make ForgeRock the Identity provider that companies can rely on to build the trust in their digital identity brand.

Learn more about ForgeRock Identity Orchestration.