CaraComp
Your AI Just Bought $340 of Vitamins. Your Fingerprint Said Yes.

Picture this: you set up an AI shopping assistant to reorder household basics when you run low. One Tuesday morning, it buys you $340 worth of supplements you didn't ask for — because you once clicked "interested" on a wellness article. Your phone's fingerprint reader approved the payment. Technically, the system worked perfectly. So whose fault is that?

TL;DR

Visa is rolling out passkeys — phone-based identity checks that replace passwords at checkout — but the real gap isn't security anymore. It's whether anyone can prove you actually authorized what an AI assistant just bought on your behalf.

Visa just made a significant move. The company is expanding what are called payment passkeys — a system that lets your phone's fingerprint reader, face scan, or PIN replace the old "enter your password / check your email for a code" checkout dance — across Asia Pacific, into online shopping in India, and now into live AI-assisted payment pilots in Europe. A real test transaction was completed in Germany: an AI agent made a purchase, and a passkey on the user's device approved it.

That last sentence deserves a second read. An AI made the purchase. The human's phone said yes.

First, the Part That's Actually Good News

Let's be fair: passwords at checkout are terrible. Not "inconvenient" terrible — actually dangerous terrible. The one-time codes texted to your phone (you know, "your verification code is 847291, never share this") can be intercepted. Fake checkout pages trick people into typing their passwords every single day. This is how billions of dollars get stolen annually from ordinary people, not just corporations.

Passkeys fix this specific problem well. Here's how they work in plain English: instead of storing a password on a website's server — where it can be hacked — your phone holds a private digital key that never leaves your device. When you check out, your phone and the payment system do a quick handshake to confirm it's really your device. Your fingerprint or face scan just unlocks that handshake. Nobody can steal a password that doesn't exist.

According to Biometric Update, Visa's system lets cardholders approve online payments using whatever security feature their phone already has — fingerprint, face recognition, a PIN, even a swipe pattern. You're not learning new technology. You're using the thing you already do to unlock your phone every morning.

That's genuinely good. The old system had real holes. This plugs them.


Here's Where It Gets Complicated

The problem isn't the technology. The technology works. The problem is the question the technology doesn't answer.

A passkey confirms who you are. It does not confirm what you meant to do.

Those two things used to be the same. When you typed in your password and clicked "confirm purchase," the act of doing it was the proof you intended it. You were present. You were in the loop. Now, increasingly, you might not be — because an AI assistant is acting on your behalf, and your phone's passkey is just... approving whatever it decided.

47% of U.S. shoppers already use AI tools for at least one shopping task (source: industry research cited by PYMNTS.com and AI2Work).

Nearly half of American shoppers are already using AI for at least some part of their purchasing decisions. By next holiday season, millions more will be using AI agents that can complete purchases entirely on their own. McKinsey projects this kind of AI-assisted commerce could touch up to $1 trillion in U.S. retail revenue by 2030. That is not a distant future scenario. That is the system being built right now, this year, in live pilots.

And the infrastructure for who's responsible when something goes wrong isn't ready.

"The focus is no longer on whether a user is authenticated; instead it shifts to understanding who authorized the agent, what permissions it holds, whether it is acting within intent, and whether that intent can be independently verified." — Analysis via FIME, on the trust gap in AI-driven commerce

Read that again slowly. It's not asking "did we confirm the shopper's identity?" That part is solved. It's asking: did the person actually tell the AI it could do this specific thing? And can anyone prove it after the fact?

Right now, mostly: no.


The Chargeback Nobody Planned For

Here's the scenario that should be keeping payment lawyers very busy. An AI agent, working within the parameters you set weeks ago, makes a purchase you'd consider way outside what you intended. You call your bank and dispute the charge. The bank looks at the transaction log: your passkey approved it. The AI platform says: our agent acted within the permissions granted. The merchant says: we got a valid payment, we shipped the goods. You're left going, "but I didn't actually mean to buy that."

Who eats the loss? Nobody has a clear answer yet.

The chargeback rules that currently exist were written assuming a human being pressed the buy button. They were not written for a situation where a software agent pressed it, operating on a general approval you gave six weeks ago during setup. AI2Work's analysis of agentic commerce flags this directly: when an autonomous agent makes a purchase a customer later disputes, the liability chain — meaning who is legally responsible — is entirely unclear. And smaller merchants are expected to absorb a disproportionate share of the early-stage risk while the industry figures it out.

Some smart people are working on this. Mastercard has developed what they call Verifiable Intent — a framework where AI agents are issued credentials (think: a digital permission slip) that cryptographically link every transaction back to a specific human-approved mandate. The mandate can include: allowed types of stores, spending limits, and expiration windows. The agent can only buy within those rails, and every transaction carries proof of what the human actually authorized.

That's a genuinely good idea. Mastercard's Verifiable Intent framework essentially creates a receipt for your intent, not just your identity. The problem, as PYMNTS.com notes, is that most companies haven't upgraded to meet it yet. A pilot working beautifully in a controlled test and an ecosystem of thousands of merchants all correctly implementing intent verification are two very different things.
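To make the identity-versus-intent distinction concrete, here is an added Python model (not code from the article, Visa, or Mastercard) of the two checks: a device signature that proves it was your phone, and a mandate check that proves the purchase falls inside what you actually approved. HMAC with constructed placeholder keys stands in for real public-key signatures, and the mandate fields (allowed categories, spending limit, expiry) follow the article's description of Verifiable Intent rather than any published specification.

```python
import hmac, hashlib, json

# Constructed placeholder secrets; real passkeys and mandates use public-key signatures.
DEVICE_KEY = b"constructed-device-passkey-secret"
ISSUER_KEY = b"constructed-issuer-mandate-secret"

def sign(key: bytes, payload: dict) -> str:
    """Deterministic MAC over a canonical JSON encoding of payload."""
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def issue_mandate(categories, limit_cents, expires_at):
    """Human-approved mandate: what the agent may buy, how much, until when."""
    mandate = {"categories": sorted(categories), "limit_cents": limit_cents,
               "expires_at": expires_at}
    return mandate, sign(ISSUER_KEY, mandate)

def device_approves(txn: dict) -> str:
    """Passkey-style step: the device key signs the transaction (identity only)."""
    return sign(DEVICE_KEY, txn)

def verify_identity(txn: dict, signature: str) -> bool:
    return hmac.compare_digest(sign(DEVICE_KEY, txn), signature)

def verify_intent(txn: dict, mandate: dict, mandate_sig: str, now: int):
    """Intent step: the transaction must sit inside an unexpired, untampered mandate."""
    if not hmac.compare_digest(sign(ISSUER_KEY, mandate), mandate_sig):
        return False, "mandate signature invalid"
    if now > mandate["expires_at"]:
        return False, "mandate expired"
    if txn["category"] not in mandate["categories"]:
        return False, f"category {txn['category']} not in mandate"
    if txn["amount_cents"] > mandate["limit_cents"]:
        return False, "amount exceeds mandate limit"
    return True, "ok"

def authorize(txn, signature, mandate, mandate_sig, now):
    """Both checks must pass; a valid passkey signature alone is not enough."""
    if not verify_identity(txn, signature):
        return False, "device signature invalid"
    return verify_intent(txn, mandate, mandate_sig, now)

if __name__ == "__main__":
    # Constructed sample: groceries/household allowed, $100 cap, fixed expiry timestamp.
    mandate, msig = issue_mandate(["groceries", "household"], 10_000, 1_700_000_000)
    vitamins = {"merchant": "example-shop", "category": "supplements", "amount_cents": 34_000}
    sig = device_approves(vitamins)
    print("identity:", verify_identity(vitamins, sig))   # True: it really is your device
    print("authorized:", authorize(vitamins, sig, mandate, msig, now=1_699_000_000))
```

The $340 supplement order passes the identity check and fails the intent check, which is the gap the article describes; loosening the mandate after the fact fails because the issuer's signature no longer matches.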

Why This Matters to You Specifically

  • Your phone approval means more than you think — When you unlock a passkey at checkout, that may soon count as approving AI purchases you weren't directly watching happen
  • 📊 Dispute rules haven't caught up — The chargeback system (your "I didn't authorize that" protection) was built for humans clicking buttons, not AI agents acting on old permissions
  • 🔍 Setup screens matter now — The permissions you grant an AI assistant during initial setup are effectively a blank check until the industry standardizes intent verification
  • 🔮 The standards are being written right now — Groups including Visa are actively working on authentication and liability frameworks for AI-driven commerce — which means the rules could look very different in 18 months

What You Can Actually Do About This Today

You don't need to panic. You don't need to avoid AI shopping tools entirely. But you do need to treat the setup screen of any AI assistant like a contract — because functionally, it is one.

When an AI shopping tool asks you to set your preferences, spending limits, and approved categories, take that seriously. That's not a convenience feature. That's the only instruction your AI agent will have when it's making decisions without you in the room. Set hard spending caps. Be specific about what types of purchases it's allowed to complete versus what it should only suggest and wait for your confirmation. Most AI tools, even today, let you require a separate approval step for purchases above a certain amount — use it.

If you ever wonder whether a charge on your statement was something you actually authorized versus something an AI agent decided on its own, that's a legitimate dispute — and one worth making. The industry needs the paper trail of those disputes to accelerate building clearer rules.

Here's a useful thing to watch for: when a payment app or AI assistant asks you to set up passkeys, check whether it also shows you a clear summary of what your AI is permitted to buy. If that screen doesn't exist — if it's just "approve everything" with no limits — that's a yellow flag about how seriously that company has thought through the liability question.

Key Takeaway

Passkeys solve the password theft problem — and that's a real win. But your bigger job now is making sure you understand what you're pre-approving when you hand an AI assistant the ability to shop on your behalf. The phone check proves it's you. Nothing yet proves it's what you meant.

If you've ever wondered whether an online transaction was really authorized by you or just technically attributed to you — that's the exact gap this whole industry is scrambling to close before AI-assisted shopping becomes the default. CaraComp exists for exactly this kind of "wait, is that really me?" question, whether it's a face, a profile, or a payment. The useful thing to do right now, before any of this is fully sorted, is stay skeptical of "set it and forget it" — and read the permissions screen like someone who knows it matters.


The payment industry is spending enormous energy solving the question of "is this really you?" Passkeys, biometrics (your fingerprint, your face — the body stuff uniquely yours), cryptographic keys — all pointed at proving identity. That problem is basically solved.

The problem nobody has fully solved yet is quieter and more personal: did you actually mean to do that?

And in a world where an AI agent can make a purchase while you're asleep, your phone unlocked, your old permissions still active — the gap between "proven identity" and "genuine intent" is exactly the space where a trillion dollars of commerce is about to be decided. The question worth asking before your AI assistant gets its own passkey approval is simple: whose intention, exactly, is being verified?
