Your AI Is About to Start Buying Things. Nobody Knows How to Prove You Said Yes.

Imagine you set up an AI assistant to handle your grocery orders. Simple enough. But then it books a flight. Renews a subscription you forgot about. Upgrades your phone plan. At what point did you actually say yes to any of that — and how would the airline, the streaming service, or the phone company even know?

That's not a hypothetical anymore. That's the identity problem the tech world is quietly scrambling to solve right now.

The Checkout Button Nobody Clicked

For the last decade, online identity checks have been about one thing: proving you're a real human and not a bot. Show your face. Snap your ID. Type the code from your phone. The whole system was built around a human sitting at a screen, making a decision.

That assumption is quietly crumbling.

"Agentic commerce" — which just means AI systems that act on your behalf in the real world, buying things, booking things, signing things — is moving from Silicon Valley demo to actual product. Google, Mastercard, and a global standards body called the FIDO Alliance are already building the plumbing for it. The idea is that your AI assistant won't just suggest a hotel. It'll book the room, charge your card, and confirm the reservation while you're asleep.

Convenient? Yes. Slightly terrifying? Also yes. This article is part of a series — start with Your Bank Texted You Dont Click Even If Its Real.

Here's the problem they haven't solved yet: when an AI agent shows up at a digital checkout, how does the merchant know it's actually yours? And — this is the part that keeps security people up at night — how does anyone know the AI is only doing what you actually told it to do, and not something extra?

Three Questions, Zero Good Answers (Yet)

When a human buys something online, identity verification is basically one question: are you who you say you are? When an AI agent does the buying, there are suddenly three questions — and every single one has to check out.

First: is this AI agent actually what it claims to be? (Not a fake, not a hijacked system, not something a scammer set loose.) Second: is it genuinely authorized to act for you, specifically? Third — and this is the sneaky one — is this particular transaction something you actually approved, or has the AI gone slightly off-script?

According to analysis from Dock, all three layers have to work together. Get one wrong, and you've got either a fraud problem or a customer service nightmare. Probably both.

The industry term for what they're building is "delegated authority" — meaning a formal, verifiable record that says "yes, this AI is allowed to act for this specific person, within these specific limits." Think of it like a power of attorney (the legal document that lets someone act on your behalf), but digital, real-time, and built to handle millions of transactions a minute.

"When an AI agent initiates a payment, the verification question is complex: is this agent who it claims to be? Is it authorized to act for the user it represents? And is this specific transaction within the scope of what that user has sanctioned?" — Checkout.com, on the emerging agent authentication challenge

Nobody has a complete answer yet. But the race to build one is very real.

Who's Actually Building This

The FIDO Alliance — a nonprofit group that sets security standards for things like passwordless logins — announced it's developing standards specifically for AI agent authentication. Google contributed a framework called AP2. Mastercard brought something called Verifiable Intent. Previously in this series: Free Gun Safe From The County Ask These 2 Questions First.

Mastercard's piece is worth understanding because it's the most consumer-facing. Verifiable Intent is designed to link three things together in a single, tamper-proof record: who you are, what you meant to do, and what the AI actually did. The goal is that a merchant could check that record and know, with confidence, that the purchase was genuinely yours — not a mistake, not a fraud, not an AI that wandered outside its lane.

That's a genuinely hard engineering problem. But the business pressure to solve it is enormous. The agentic commerce market — all the buying and transacting that AI agents will eventually handle — is projected to reach $1.7 trillion. That's not a number anyone walks away from.

The catch? As Liminal points out, only 24% of consumers right now say they're comfortable letting an AI complete a purchase entirely on its own. Which means three quarters of the potential market is sitting on the sidelines, waiting to be convinced this is safe. Whoever builds the trust infrastructure first — whoever makes the average person feel confident that their AI is acting like a loyal deputy and not a rogue operator — wins a very large prize.

The Part Nobody's Talking About Yet

Here's the question that's genuinely not getting enough attention: if your AI agent makes a purchase you didn't intend, is that fraud — or is that just a bad setting you forgot to update?

The legal and practical answer to that question doesn't exist yet. And the identity industry's job, right now, is to build the record-keeping systems — the verifiable logs of exactly what your AI was authorized to do, and exactly what it did — that would let anyone answer that question later.

Think of it like a bank statement, but for your AI's decisions. Every action logged, every authorization recorded, every transaction tied back to a specific moment when you said "yes, go ahead." Without that, any dispute between you and a merchant over an AI-initiated purchase is basically your word against a log file. Up next: Ai Voice Cloning Microsoft Teams Workplace Attacks.

There's a real risk the industry fragments here, too. Different payment networks, different tech platforms, different countries — they could all end up with incompatible systems. Your AI might work perfectly when shopping at one retailer and hit a wall at another. That friction would slow everything down. Which, honestly, might not be the worst outcome for consumers who aren't sure they're ready for their AI to have a credit card yet.

If you've ever wondered whether a photo, a profile, or a digital identity is really what it claims to be — that's the exact type of question this whole infrastructure exists to answer. The interesting thing is that the same verification logic applies whether you're checking a person's face or checking whether an AI agent's claimed "permission slip" is real. One practical thing you can do right now: when any app or assistant asks you to authorize it to make purchases on your behalf, read the scope of that permission carefully. "Make purchases" and "make purchases up to $20 with your approval each time" are very different sentences. The difference between those two options is the entire problem this industry is trying to solve.

The Biometric Update reported this week that the identity sector is actively working to close this gap — standards bodies are meeting, frameworks are being drafted, and the big players are already staking out positions. That's actually encouraging. It means the people building these systems are at least asking the right questions before the AI credit cards go mainstream.

But here's the thing that sticks with me. The whole promise of an AI assistant is that it acts like a really reliable version of you — one that never forgets, never gets distracted, and handles the annoying stuff so you don't have to. The moment it starts buying things you didn't want, booking trips you didn't plan, or signing agreements you never read — it stops being your assistant and starts being your liability. And no standard, no framework, and no verification system fixes that if you never clearly told it what "yes" means.

So before the industry figures out how to verify your AI's intent — maybe decide what that intent actually is.