Back to articles

Stop adding blanket friction to your AI

Stop adding blanket friction to your AI product. Here is the selective-trust model that raises confidence without making every interaction feel sluggish.

Applied AI
Agents

Trustworthy AI is not slower AI. It is AI that knows which claims need proof and which actions need visibility.

You think trust is a tax. You believe that every confirmation step, every citation, every "are you sure?" is a tradeoff against speed, so you keep shipping the loose version and hope nothing breaks. In February 2024, Air Canada was held legally responsible after its chatbot gave a grieving passenger incorrect bereavement fare guidance — The Washington Post covered the ruling here. The cost of that one ungrounded sentence was not latency. It was the airline owning a refund and a court ruling. The fix is not to slow everything down. It is selective friction, applied at the four boundaries where trust actually breaks.

By the end of this post, you will know how to:

  • Tell which of your AI outputs need grounding and which can stay loose
  • Apply five trust rules that speed your product up over the next quarter, not slow it down
  • Spot trust theater in your own UI before users learn to ignore it
  • Predict the two trust patterns your users will start asking for once you ship the first one

Trust breaks in four specific ways, not vaguely

You do not lose user trust because an answer was clumsy. You lose it when the system does one of four things: states an unverified fact as if it were certain, claims it checked something it did not check, summarises confidently from stale or partial data, or makes a change and cannot explain what changed. Those are grounding failures, not style failures. Fix the grounding and trust rises fast, even while the assistant is still imperfect at everything else. The Air Canada case is the canonical version of failure one — a confident statement of policy that was never grounded in the actual policy document.

Not every output needs the same level of proof

Your first move is to stop treating all outputs the same. Brainstorming, drafting, rewriting, and categorising rough ideas are low-stakes — the user is reviewing every word before it leaves their hands. Live state summaries, operational recommendations, financial guidance, customer-facing guidance, and any mutation to a record or workflow are high-stakes — the user is acting on the output without re-reading it. Apply the same verification mechanism to both and one of two things happens: the product feels sluggish, or the product feels risky. Good systems differentiate.

The rest of this post is the five rules that separate them.

Rule 1: ground factual claims to a fresh read

If your assistant makes a claim about current state, that claim has to come from a current read of that state. "There are no new replies." "This customer has not responded." "The status is still pending." "The invoice is overdue." These statements look like reasoning but they are stateful assertions, and stateful assertions get grounded in live evidence or they get wrong.

The boundary is where the assistant crosses from general reasoning into stating a fact about your system. That boundary is where trust lives. It does not slow the product down to put a read there. It slows the product down to skip the read and then debug user complaints six weeks later.

Rule 2: structure tool results before the model sees them

Huge, inconsistent, unstructured tool outputs mixed with UI noise give the model room to misread, overstate, or quietly drop the most important parts. The cleaner the shape, the less the model guesses. The less it guesses, the more users trust it.

Normalise every tool result into five named fields the model can rely on:

  • What happened
  • What was found
  • Whether the operation succeeded
  • What to do next
  • What evidence supports the answer

This is the highest-leverage change you can make to an existing agent before touching the prompt. The model stops fabricating because the input no longer leaves room to fabricate.

Rule 3: confirm after the action, not just before

Most teams put verification in front of an action. Put it after one too. A trustworthy assistant does not stop at "Done." It says:

Updated the record.

  • Status changed from Draft to Active
  • Owner changed from Unassigned to Priya Mehta
  • Next review date set to March 29

That confirmation does two jobs. It reassures the user, and it surfaces mistakes inside the three-second window where the user still remembers what they asked for. After-action confirmation is the cheapest mistake-detection mechanism you will ever build. It costs one extra paragraph in the reply.

Rule 4: cite when the source is external

When an assistant pulls from the web, internal reports, or documents, citations are not decoration. They do three jobs: they show where the claim came from, they let the user validate it in one click, and they keep the model tethered to evidence rather than memory. You do not need academic references. You need a visible anchor on every key claim so the user can tell which sentences are sourced and which are inferred. An unsourced sentence next to a sourced one teaches the user to trust neither.

Rule 5: escalate when the target is ambiguous

The worst trust failure is a confident action on the wrong target. "Updated the contract" — which contract? "Sent the email" — to whom? When the assistant is one entity-resolution step away from acting on the wrong record, escalate instead of guessing. A one-question clarification beats a silent mutation on the wrong row every time.

Avoid trust theater

It is possible to overdo all of this. Asking for confirmation on trivial actions, showing a generic disclaimer instead of actual evidence, using vague language like "based on available information" without naming the information, claiming confidence scores that do not map to anything — that is trust theater. It creates friction without confidence and trains users to click through every safety surface you build. Real trust comes from useful transparency, not ceremony. If a friction step does not give the user information they would act on, delete it.

The trust model on one page

Apply these five rules by output type:

  • Low-risk outputs (drafts, brainstorms, rewrites): move fast, no extra friction.
  • Factual state claims: ground in a current read.
  • External research: attach sources.
  • Changes to live systems: preview before, confirm after with the field-level diff.
  • Ambiguous targets: escalate, do not guess.

That is enough to make the system feel meaningfully more trustworthy without slowing every interaction down.

What you will hit next

Three predictions for the team that ships this trust model.

  1. After-action confirmations will become your most-loved feature within two months, and users will start asking for them on actions you didn't plan to confirm. Once they see the field-level diff once, they want it everywhere a record changes. Build the confirmation generator as a primitive, not a per-action template, or you will be writing the same template forty times.
  2. Your structured tool-result schema will leak into your product analytics. The five fields — happened, found, succeeded, next, evidence — are the same fields your support team wants when a session goes wrong. Within a quarter, someone will ask you to log them. Ship the schema with logging in mind on day one.
  3. Citations will expose a content problem you did not know you had. The first week you turn on citations on external research, users will click through and find that half your internal documents are out of date. The grounding system is now also your stale-content alarm. Expect a content audit you did not budget for.

If you are already feeling the pull of any of these, it means the model is doing its job.

Trust compounds into speed

This is the part most teams miss. Trust is not a governance goal. It is a speed multiplier. When users trust the assistant, they review less defensively, they delegate more confidently, they adopt more workflows, and they recover from edge cases faster. The right question is not "how do we add trust checks without losing speed?" It is "which trust checks will let speed compound over the next two quarters?"

The real lesson

You do not build trustworthy AI by slowing everything down. You build it by being precise about where certainty comes from, where risk lives, and what the user needs to see before they act on the system. That kind of trust is not bureaucratic. It is faster, in the long run, than fixing the damage caused by ungrounded confidence.

The cheapest trust mechanism always beats the most expensive apology.

If you are about to ship an AI product and you are not sure which outputs need grounding, send me your top three AI outputs from last week and I will tell you which ones need grounding before users rely on them. [email protected].