Rethinking Digital Trust in an AI-Driven, Connected World

As AI, 5G, and IoT systems scale, traditional models of digital trust are proving insufficient. A shift toward continuous, adaptive trust is emerging as a foundational requirement for securing modern infrastructure.

For years, trust in digital systems was treated as something that could be established once and maintained over time through periodic updates. That model is increasingly misaligned with how modern systems operate. As artificial intelligence, 5G connectivity, and billions of connected devices expand across industries, trust can no longer remain static.

Instead, trust is becoming something that must be continuously demonstrated—across identities, data, and transactions—at scale, and in environments that are constantly evolving. Systems are no longer fixed; they adapt, interact, and expand in real time, often across distributed and unpredictable networks.vThe shift toward what can be described as continuous trust is therefore not conceptual. It reflects the operational reality of modern digital infrastructure, where security must evolve alongside the systems it is designed to protect.

Nowhere is this shift more visible than in Asia. The region’s IoT ecosystem is expanding rapidly, with the market projected to reach nearly $393 billion by 2030, driven by large-scale deployments across manufacturing, infrastructure, and urban systems. This growth is not just about volume. It fundamentally changes the nature of how trust must operate.

Traditional models were designed for relatively stable environments—fixed endpoints, defined perimeters, and predictable update cycles. In contrast, today’s systems involve long-life IoT devices, distributed architectures, and AI-driven processes that continuously adapt based on new data.

In such an environment, trust cannot be established once and assumed to hold. It must be verified, updated, and reinforced continuously across devices, networks, and services.

Crypto Agility: Necessary, but Not Yet Operational

The industry has responded to this challenge with the concept of crypto agility—the ability to transition cryptographic standards without replacing entire systems. In theory, this provides a path to adapt to evolving threats, including quantum computing.

In practice, however, the transition is far from straightforward.

“Today, only a small minority of operators are genuinely prepared to transition cryptographic standards without major impact. Crypto agility is a real objective, but not yet an operational reality for most of the industry. The transition will be gradual and hybrid, happening asset by asset,” Rahul Tandon, VP of IDEMIA  told AsiaTechDaily in an exclusive interview.

The constraints are structural. Telecom and IoT ecosystems rely on large installed bases of SIMs, secure elements, and provisioning systems designed for long lifecycles. Many of these systems were not built with adaptability in mind, making large-scale cryptographic transitions inherently complex.

As a result, crypto agility is not a switch that can be turned on. It is an ongoing process of migration, coexistence, and gradual replacement.

Identity as the Core of Trust

As digital systems become more distributed and autonomous, the foundation of trust is shifting away from networks and toward identity. In earlier architectures, trust was largely enforced at the perimeter—through network controls, firewalls, and encryption protocols designed to secure data in transit. But in AI-driven and IoT-enabled environments, those boundaries are no longer clearly defined. Devices communicate directly with each other, systems operate across multiple layers, and decision-making is increasingly decentralized.

In this context, the question is no longer just whether data is encrypted or networks are secure. It is whether the entities participating in the system—devices, users, and services—can be reliably identified, authenticated, and managed over time.

This makes identity provisioning and lifecycle management central to trust. Credentials are no longer static artifacts issued once and left unchanged. They must be continuously updated, revoked, and revalidated across long-lived systems, many of which operate in environments where direct intervention is not possible.

As Rahul Tandon noted:

“The most structurally vulnerable layer is identity provisioning and credential lifecycle management, because that is where long-term trust is established. If that layer is compromised, the impact cascades across authentication and services.”

This reframes how digital trust is understood. Rather than focusing solely on network encryption or endpoint security, the emphasis moves toward how identities are created, managed, and sustained across complex systems.

In a world of distributed architectures and autonomous processes, identity becomes the anchor of trust. If it cannot be securely maintained, every other layer becomes increasingly fragile.

This is particularly relevant in the context of long-term threats such as “harvest now, decrypt later,” where encrypted data captured today may be exposed in the future. While encryption protocols can evolve, deeply embedded identity infrastructures are far more difficult to update, making them a critical point of focus in any long-term trust strategy.

Building Continuous Trust: The Infrastructure Layer

To address these challenges, trust is increasingly being built into infrastructure itself, rather than layered on top.

“At a practical level, digital trust will rely on a combination of crypto-agility, secure hardware foundations such as HSMs, and the ability to maintain devices remotely, for example through eSIM updates, without compromising security,” Tandon explained.

Hardware Security Modules provide a secure foundation for managing cryptographic keys and sensitive operations, reducing exposure to software-based vulnerabilities. Their role is evolving from static key storage toward enabling continuous verification and secure identity management.

At the same time, eSIM technology introduces a critical capability: the ability to update credentials and configurations remotely. This is particularly important for IoT devices with long lifecycles, where physical access is impractical. By enabling over-the-air updates, eSIMs support the adaptability required for crypto-agile systems.

Alongside these layers, the development of quantum-resistant cryptographic approaches is gaining momentum. While still evolving, these technologies aim to ensure that trust frameworks remain viable in the face of future computational advances.

Trust as an Ongoing Process

As trust becomes continuous, its role begins to shift. What was once primarily a security concern is increasingly becoming an operational capability. The ability to maintain secure, adaptable systems over time enables new forms of connectivity, supports large-scale IoT deployments, and underpins emerging digital services.

For organizations, this means that trust is no longer just about risk mitigation. It is about building systems that can evolve without compromising integrity. The transition from static security to continuous trust reflects a broader change in how digital systems are designed and maintained. In an environment defined by constant change—driven by AI, connectivity, and scale—trust can no longer be treated as a fixed state. It must be continuously established, validated, and adapted.

The technologies enabling this shift are already emerging. The challenge lies in integrating them into existing systems while managing complexity and long-term risk. In that sense, continuous trust is not a future concept. It is a present requirement—one that will increasingly define how resilient and scalable digital systems can be.

Quick Takeaways

• Digital trust is shifting from a static, one-time setup to a continuous, adaptive process
• The scale of AI, 5G, and IoT systems—especially in Asia—is breaking traditional security models
• Crypto agility is critical, but most telecom and IoT ecosystems are not yet operationally prepared
• Identity provisioning and lifecycle management are emerging as the most critical and vulnerable layers of trust
• Infrastructure components like HSMs and eSIMs are enabling trust to be maintained dynamically over time
• Quantum-era risks, including “harvest now, decrypt later,” are accelerating the need for long-term trust strategies
• Digital trust is evolving from a security function into an operational capability that underpins scalable systems