Skip to main content
Published 9 December 2020
We are hearing a lot about the concept of digital trust. Oliver, what does this mean to you and why has it become so important?
Figure 1. Components of digital trust
Digital trust is the confidence that enables digital market participants to collaborate knowing that accepted rules and standards relating to safety, security, privacy and ethicality will be mutually, collectively and transparently respected. It enables market participants to generate new value through data by collaborating and trading in a trusted environment. Digital trust also helps teams within an organisation work together confidently. Many organisations have adopted a definition of digital trust that is too narrow. If you only focus on ensuring trust through cybersecurity or certifications, you are missing the full picture.
I agree. Any business looking to move forward in the digital realm needs to be on top of issues such as identity, protecting the privacy of client data, and maintaining standards. On almost a weekly basis, there is news about hacks or incidents where customer privacy is breached. Digital trust helps organisations identify customers and make sure that rules are being observed, and it builds customer trust.
Trust is the glue that holds relationships together. In business relationships, we need confidence in processes, technology and data for a secure digital world.
Oliver, you said that many organisations have too narrow a definition of digital trust. What do you consider to be the most important components of digital trust?
From our perspective, digital trust consists of the following six components: cybersecurity and information security; secure identification and authentication; governance, risk management and compliance, including data privacy and protection; provenance and traceability for sustainability, carbon footprint, ethical trading, quality and reliability; secure data sharing, and smart contract execution, typically based on blockchain.
These components work together. Cybersecurity, secure identification and information security are foundations that enable the other components. And you need to ensure data compliance before you can think about sharing or monetising data. A digital trust strategy that orchestrates these building blocks should be the first step for every organisation.
Firstly, Alan. Biometrics are playing an increasingly important role in identification and authentication. What is driving this?
Progress in biometrics has been driven by the need to be more efficient and to generate less friction for both business users & consumers. The ultimate aim is to make the user experience better. We've all wrestled with the multiple-password issue and not having a seamless single sign-on to all our applications. There is a real opportunity to leverage biometric authentication as part of the validation and verification of an activity.
We can link this back to digital trust, which promotes safe and secure interactions between people and machines with varied technologies, including biometrics. Many of us now have biometrics on our phones with fingerprint identification and even facial recognition. From the customer perspective, using this technology is easier than entering 15-character passwords. The realities of COVID-19 transmission risks have favored a move to hand and vein ID over facial recognition, given the widespread wearing of masks. Similarly, iris scanning technology has lost favor because of health concerns around multiple people having their eyes scanned on the same reader.
It is interesting how events, like the current pandemic, change our perspective on biometric identification. There is also a cultural aspect; in the Middle East, faces are often covered, so facial recognition may not be an option.
Next, the second area. Alan, is digital trust changing how organisations look at cybersecurity and information security?
When business runs smoothly, security stays in the background. But when things break, security quickly becomes a boardroom issue. Digital trust plays a key role in digital transformation, and cybersecurity teams are likely to play a key role in designing, building and running digital trust platforms. When a business has digital trust, it has the confidence and freedom to innovate new solutions, services new business models, and security is one element of that.
Businesses now recognise that security is an enabling function. What's changed over recent years is how digital transformation has accelerated. One U.K. government department recently had to switch 6,000 workers from being office- to home-based, and they were able to do it almost at the flip of a switch because they were early adopters of an Edge network with digital trust as a business enabler.
Sascha, governance, risk management and compliance, including the protection of personal data, are such important elements of digital trust and we've seen a significant block of European Union regulation on this.
Yes. At Akarion, we believe that digital trust is not possible without effective governance, risk management, compliance and data protection. There are many new regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and others. Organisations need to handle regulations efficiently, and that's why we combine blockchain technology with our tool set to enable companies to fulfill regulations and meet cybersecurity standards.
Personally, identifiable data is the nucleus of all data-driven business models. Although privacy regulations are a big challenge, putting privacy first should be a boardroom priority. Smart tools support companies in an efficient way so that they can implement data governance programs to determine not only where sensitive data lives, but also the business value of that data. What’s needed is an integrated, holistic approach to compliance, instead of isolated solutions. Intelligent software can help.
Sean, if a customer seeks software to manage governance, risk management and compliance requirements including data privacy and protection, what should they look for?
The multi-jurisdictional aspect is one key factor. As Sascha mentioned, GDPR is an obvious issue in Europe, but the U.S. and other countries also have regulations. Your software should know which regulations apply. It should also help you understand what data you have and who's accessing it, and it should handle data mapping, discovery and subject access requests. Good reporting and dashboards can provide value and help get senior management on board.
Sean, can you talk a bit about the fourth component, secure data sharing?
Secure data sharing is being able to share data with the knowledge that it has not been tampered with and that the data’s lineage can be verified. Having an easy way to verify this in a non-technical fashion will be a key success factor. In the old days, we had WORM (Write Once Read Many) storage, but that just doesn't cut it in the new privacy world. WORM provides assurance to financial regulators that data cannot be tampered with. Today, the balance needs to be met to update or remove data ensuring compliance with privacy regulations.
In essence, this comes back to what I outlined during the initial definition of digital trust. Companies need to find a way to exchange data based on a set of trusted rules - both within organisations and across company boundaries. For data buyers, you need a solution that delivers valuable data, efficient search-to-purchase, and secure collaboration and analysis with partners. For data sellers, you need a solution that enables compliant data monetisation opportunities through the automation of data ingestion, discovery, anonymisation, encryption, pricing, transacting and invoicing.
Some of the components of digital trust are well established, such as cybersecurity, identification and authentication. However, new issues such as traceability and provenance are becoming hot topics. Oliver, what is driving the need for traceability across extended business models and supply chains?
While COVID-19 has caused much grief and economic damage - and continues to do so - it also caused organisations to identify what they do well and where they have challenges. Enabling provenance regarding assets, components or raw materials had been a challenge for European manufacturing companies for decades, but the pandemic highlighted the need to significantly improve these capabilities.
With track and trace, accelerated by COVID-19, new dimensions emerged including sustainability, ethicality and resilience. Using blockchain technology, we create a tamperproof digital record of each component or item of raw material. In pharmaceuticals, we track what went into a pill. In the food industry, we know where the milk came from.
We are working with a large German automotive original equipment manufacturer (OEM). They are building a trust chain to track every part in their cars to increase supply chain transparency. The OEM can drastically reduce warranty costs and know exactly where a part failed, and in which car.
Oliver made a good point about the blockchain-enabled supply chain where you're able to easily identify component parts. The startup market has seen a number of collaborations that use blockchain to provide notarized provenance and traceability across value chains. For example, the diamond industry is now able to identify and eliminate unethically sourced diamonds by using blockchain-enabled apps developed by these startups.
The final component, smart contract execution, brings up a subject we’ve touched on throughout this discussion. Sascha, what is the role of blockchain in assuring trust, especially for the execution of smart contracts?
Blockchain technology is key to the trusted execution of smart contracts as it provides an immutable record of trading activity that can later be called on to resolve disputes. Blockchain’s features of immutability, decentralisation and transparency form the base layer of trust. With blockchains, you can put data fingerprints on whatever business data you want to verify, without exposing the data. There are private blockchains, but we prefer public, transparent blockchains to trace and track data and build trust.
We spoke about the six components of digital trust, but should ethical and explainable AI be the seventh?
Yes. From my perspective, ethical and explainable AI go hand in hand. If you cannot explain why an algorithm yields a specific result, the question about ethicality comes up. Given recent advancements, this will be one of the top concerns because new opportunities will also allow for new unethical activities. In contrast to many solutions, we advocate a social right for explanation. The more companies use AI, the more their shareholders and stakeholders will demand transparency on why specific decisions were made and whether environmental and social objectives were included.
Digital trust is becoming a core requirement for conventional business models in industries such as financial services. But I think there's also potentially a massive opportunity for digital trust to catalyze the emergence of new business models and use cases, such as the circular economy. Oliver, what are some of the new use cases for digital trust?
Use cases extend across all sectors. For example, in the food industry, consumers are concerned about where their food comes from, how it was processed, how it was traded. To track that entire value chain from the farmer all the way to your refrigerator is a huge business case. In the industrial sector, you can verify that parts came from their original supplier. Companies should select processes to monitor with digital trust technologies, then choose partners to provide the platform and applications that deliver value.
Toby, what is the role of digital trust in the circular economy?
There's a mandate for businesses to move to a circular economy to make their supply chains efficient and to ethically source raw materials. Best-in-class organisations will implement digital trust and will demonstrate leadership in both the circular economy and, environmental and social governance (ESG) compliance. Organisations want to avoid having the wrong information. Digital trust plays a major part because we can say, "Look, this is what we know about our organisation, and we have established procedures."
Is digital trust something that corporations can tackle on their own, or do they need to take an ecosystem approach?
The goal should be to make data objectively trustworthy. Provenance and traceability are possible for data and business processes within one organisation but are difficult to achieve in multi-enterprise environments without blockchain standards. The scenario can be compared to the early internet where we eventually developed the common internet protocol, which hasn't changed in decades. Eventually we will see a similar multilayer architecture in digital trust, and one layer will cover multi-enterprise trust.
It's a complex area that no one solution or organisation can, or should, try to control. The whole essence of trust and transparency cannot realistically be achieved alone - it needs many parts with openness and transparency between each. We should consider clearer accountability, too.
The top-down, closed corporate approach has gradually eroded over the past 30 or 40 years. Open innovation, including corporate venturing, is now widely accepted as being necessary to innovate at speed.
How do we pull this digital trust ecosystem together?
Any company planning to do this on their own will fail - period. There is no chance to become a digital trust champion on your own. You have to play the entire ecosystem, be smart, and be open. And we are seeing movement in that direction. We are seeing “co-opetition,” or collaboration between competitors seeking mutually beneficial results.
That's good to hear. Thank you all for your input and your insights. I see the potential for many more fascinating conversations.
(As at the time of publication)
CTO & Co-Founder, Akarion
After studying computer science, Sascha has been working as a software engineer in several companies and industries since 2005. In 2012 he got in touch with blockchain technology for the first time and was instantly hooked. In 2017 he founded Akarion together with three colleagues with the goal of innovating digital trust through their own blockchain-based platform.
COO & Co-Founder, Akarion
With his 12 years of IT experience, he is responsible for the daily operations at Akarion, HR and strategic business development. In the past years, he has been a key contributor to the growth of numerous IT companies – from start-ups to hidden champions in the international software business. His range of experience includes large scale web projects, the development of sustainable B2B marketing channels, CRM projects or the development and implementation of international go-to-market strategies.
Since 2017 Viljem and his three co-founders are combining their experience to successfully bring their unique and revolutionary blockchain technology to the market. Their goal: Innovating trust within the digital world. Follow Viljem on LinkedIn: linkedin.com/in/pitako"
Partner, Strategy & Operations,
Monitor DeloitteGermany, Munich
Oliver has 20+ years experience in successful delivery of results in large scale after sales engagements, including the development and implementation of after sales strategies, service excellence programs and digital transformations.
Oliver’s main focus is in the machinery and industrial goods area – he has advised leading global industrial conglomerates, but also serves as trusted advisor for multiple "Mittelstand" companies. He and his team have been continuously awarded as the leading consultants for After Sales and Service Excellence.
Oliver is an advisory board member of ISLA e.V. – International Service & Logistics Association. As author of several industrial services studies he is a leading expert in service strategy topics.
CEO and Founder,
Toby Lewis has 12 years of analyst experience from the worlds of institutional finance, venture capital, blockchain and crypto. Lewis began his career at Dow Jones and the Wall Street Journal, before co-founding a well-known analyst firm of corporate venture capital Global Corporate Venturing. He went on to set up Union partner Novum Insights, an analyst firm of blockchain, crypto and other frontier technologies in 2016.
Senior Cyber Security Project Manager, Security Business Group – EMEA,
Hitachi Europe Ltd.
Alan Jenkins is a seasoned security practitioner with some 30 years of experience in all facets of security from physical to information, cyber & enterprise risk management. After a 1st career as an officer in the RAF Police, he has spent the past 14 years in a variety of management consulting and end user positions, including time as the Group CISO at a FTSE100 multinational and as an Associate Partner at IBM Security in the UK & Ireland. He is currently on contract to Hitachi Europe’s Security Business Group leading the expansion of their cyber security services portfolio. linkedin.com/in/alanjenkins @TheCybrSecNav
Pre-sales Solution Manager, Security Business Group – EMEA,
Hitachi Europe Ltd.
Sean's role in Hitachi's Security Business Group involves bringing to market Hitachi-owned solutions and from corporate ventures. He delivers industry-focused strategic guidance on all aspects of the solution from technical evaluation and market research/positioning to go-to-market plans and sales support.
Sean has over 15 years’ experience as a technical sales and services professional with a demonstrated history of helping customers protect their information via data-centric security and data discovery solutions. From large enterprise to small organisations, across multiple industry sectors, Sean provides expertise in data protection, governance, eDiscovery, compliance and risk management.
Chief Innovation Strategist and Head of European Big Data Labs
European R&D Centre,
Hitachi Europe Ltd.
Nick is responsible for driving sustainable and scalable innovation in IoT, Artificial Intelligence and Automation through collaboration with customers, corporate ventures and academic institutions working across a range of sectors including Transport, Automotive, Manufacturing, Healthcare, Energy and Public Safety. His current work covers autonomous driving, advanced video intelligence, smart spaces and data protection.
Previously, Nick built a market-leading big data and analytics business at Capgemini, focusing on delivering advanced analytics across the areas of consumer, asset, assurance and fraud.
His experience covers strategy and transformation across a wide range of sectors including central government, travel and transport, automotive and consumer goods.