When one’s private data is so frequently exposed and when the most respected institutions find themselves exposed by cyberattacks, it is no surprise that consumers are losing trust in the organisations they transact with digitally.
Across 13 different sectors globally, only insurance, banking and government saw their trust level remain unchanged or increase very slightly, according to a study released in March by French defence and technology group Thales.
In a study of digital trust with more than 14,000 consumers across 14 countries, it found some sobering truths. In Singapore, when people were asked whom they would trust their personal data with, only the government service sector reached above 50 per cent in approval (at 67 per cent).
Other regulated sectors followed, with banking at 49 per cent and healthcare at 41 per cent. Automotive polled the lowest, with only 2 per cent of Singapore consumers ranking them as a top trusted sector.
Organisations should note that 85 per cent of Singapore consumers have abandoned a brand in the past 12 months due to concerns about how their personal data was being used.
Jason Keenaghan, director of product management for identity and access management for Thales, tells Techgoondu that consumers are more aware of risks today and expect organisations to step up to protect their data.
“They are worried about data misuse and lack of transparency, where companies collect large amounts of user data but fail to explain how it is used, stored or shared, leading to fears of surveillance, data monetisation, and exploitation,” he says, in this month’s Q&A.
Q: What are the biggest reasons for people losing trust across the world and more specifically in Asia-Pacific?
Consumers’ trust in online transactions has been declining in some areas due to a combination of factors that raise concerns about privacy, security, and reliability. Consumers are more aware than ever of online threats, and the dire consequences of having their personal data fall into the wrong hands.
In Asia-Pacific, more than four in five (82 per cent) of consumers now expect some level of data privacy rights from the companies they interact with online.
Almost every week, there is news of another major data breach or cyberattack. Whether it’s stolen credit card information, leaked personal records, or widespread phishing attempts, these incidents are affecting real people in very real ways.
As these threats grow, many consumers are becoming increasingly cautious about sharing their personal and financial information online. It is no longer just about protecting data, it is about feeling safe when navigating digital spaces.
Reasons for the loss of trust include increased cybersecurity threats (rising incidents of data breaches, phishing attacks and others. These incidents make consumers wary of sharing personal and financial data online.
They are worried about data misuse and lack of transparency, where companies collect large amounts of user data but fail to explain how it is used, stored or shared, leading to fears of surveillance, data monetisation, and exploitation.
In recent times, sophisticated content manipulation involving AI has also raised doubts about the authenticity of what consumers see and hear online.
Q: Banking, insurance and government are trusted more. Is it because they are more regulated and thus deploy better defences against cyber threats?
A: The BFSI (banking, financial services and insurance) and government sectors are generally more trusted as they are heavily regulated and subject to stringent compliance standards. Organisations in these sectors are associated with more robust security measures, frequent audits, and stricter data protection policies that help minimise vulnerabilities.
Cybersecurity is critical in banking as the sector is a prime target for cybercriminals. In Singapore, there are frameworks such as the Cybersecurity Act 2018 and the Technology Risk Management Guidelines implemented by the Monetary Authority of Singapore in 2021 to mitigate technology-related risks. Key provisions include risk assessment, risk treatment and incident response.
Q: Given that data is easily stolen or inadvertently exposed, like in Singapore by a government agency, what would make people more trusting of the organisations they deal with? Can trust be won back?
Although the public sector has higher trust, this can be eroded if large or frequent data breaches occur. Organisations must not only comply with regulations, but take proactive security measures to build and maintain consumer confidence.
To rebuild and retain trust, organisations should prioritise three key technologies demonstrating to customers that their data protection is taken seriously.
A great starting point is adopting FIDO (Fast Identity Online) passkeys. These offer a strong and user-friendly alternative to traditional passwords, helping to prevent phishing and credential theft. For customers, this signals that the company is keeping up with the latest security advancements.
For businesses, it means aligning with industry trends and regulations, including mandates from authorities such as the Monetary Authority of Singapore, which is encouraging FIDO adoption. As more companies move toward password-less authentication, it also opens the door to growth in related areas like secure authentication tokens and management tools.
Another essential measure is the implementation of strong multi-factor authentication, or MFA. This is especially important in high-risk industries such as banking and healthcare, where the stakes are high and the data is sensitive.
MFA works by requiring more than one form of verification such as biometrics or device-based confirmation, making it much harder for attackers to gain access even if they have a user’s password. It is a clear sign to customers that their accounts are protected with multiple layers of defence.
Lastly, adopting a zero-trust approach to security can significantly boost an organisation’s resilience. Instead of assuming everything inside the network is safe, zero-trust works on the principle of always verifying identity, context, and device integrity before granting access.
This approach limits exposure, reduces the potential damage of any breach, and creates a more secure environment overall. It is a powerful way to show stakeholders that security is not just a one-time checkpoint but a continuous process.
By making these technologies a priority, organisations can not only boost security but also demonstrate to customers that their data protection is taken seriously. This helps rebuild digital trust at every touchpoint.
