With the US all-in on AI, buzz on AI agents gets louder and need for trust increases

Paper from OpenID highlights ‘complex long-term questions’ for managing agentic AI

According to an article from Fortune, foreign investments in AI stocks now account for about 30 percent of the U.S. market – meaning “America has become one big bet on AI,” as tariffs slow investment in other sectors (or abandon them). While the by-now practically useless term “AI” tends to conjure LLM chatbots like ChatGPT or generative deepfakes with six hands, there is much ado about AI in the identity space, as businesses deploy AI agents to manage tasks.

With great power, of course, comes the risk of fraud. With agentic AI, the stakes are raised: it’s not just making sure lackadaisical employees do what’s asked of them, but also ensuring your unit of bots doesn’t decide to take over the HR department, or make other questionable decisions of its own accord. While AI agents are designed to be non-deterministic and flexible, they are only useful in the workforce if they’re helping to achieve the agreed-upon outcome.

“The rapid rise of AI agents presents urgent challenges in authentication, authorization, and identity management,” begins a new paper from OpenID, examining identity management for agentic AI. “Current agent-centric protocols (like MCP) highlight the demand for clarified best practices in authentication and authorization. Looking ahead, ambitions for highly autonomous agents raise complex long-term questions regarding scalable access control, agent-centric identities, AI workload differentiation, and delegated authority.”

The paper outlines what resources are available for securing agents and presents a “strategic agenda to address the foundational authentication, authorization, and identity problems pivotal for tomorrow’s widespread autonomous systems.”

Tomorrow’s autonomous systems are not a foregone conclusion, and there are pitfalls to avoid. The fragmentation of the market into proprietary agentic identity systems could create a log jam. Accountability gaps lead to security risks. And “scalability problems exist in human oversight and user consent: users will face thousands of authorization requests as agents proliferate, creating security risks from reflexive approval.”

The paper says trustworthy autonomy needs automated verification, given the complexity of ecosystems. “Technological advancements allow an agent to act on its own, requiring agents to have their own credentials, permissions, and audit trails. Furthermore, an agent’s nature can be hybrid, enabling it to alternate between independent execution and acting on behalf of a user.”

“The rapid evolution of AI agents from simple tools into autonomous actors marks a critical inflection point for the digital identity landscape,” says the paper’s conclusion. It’s not just a technical upgrade; it’s an evolutionary step in which developers, standards bodies and enterprises all play a role.

OpenID believes the future of a truly interconnected and autonomous agent ecosystem “invites a pioneering new era of identity and authority defined by true delegation over impersonation, scalable governance over consent fatigue, and interoperable trust over proprietary silos. Solving for recursive delegation, scope attenuation, and verifiable, enterprise-grade security profiles is the central work of this time.”

Language framing AI agents as equivalent to humans is foolish

If the AI boom is a reaction to the shift in U.S. economic policy, the jargon of BroTech is what has turned it into such a successful sideshow. Evangelizing is the conscious effort to push the narrative, and it inevitably leaks into media coverage.

Still, it is a shock to see a headline as dumb as this, from a recent Forbes article about agentic AI: “Should AI Agents Carry Identity Cards?”

The framing is absurdist and unhelpful in trying to communicate what AI agents are and can do. Besides which, it minimizes the real problem: in letting AI agents perform more tasks with more so-called autonomy, stronger digital certificates are becoming essential.

“The thing that has most greatly impacted the wider adoption of certificates has been the rush to deploy AI agents without the thought towards the management of them,” says Chris Hickman, chief security officer at Keyfactor, in a report from Tech Monitor. “But the reality is that the nature of agentic AI is going to provide a scale that most organizations have probably not seen before.”

Hickman says trying to use human-based onboarding and credentialing for AI agents “would be like trying to onboard 10,000 customer service agents dynamically.”

“Agents asking other agents for data and information – that’s really where we kind of come back to a cryptographic anchor or something like a root of trust.”

Okta, Ping Identity get nods from Forbes as IAM leaders

There are organizations that can help. Headline aside, Forbes names some key players in the IAM market, including Okta, Microsoft Entra ID, SailPoint and CyberArk. “Ping Identity is known for its multi-factor authentication and adaptive access technologies; aspirant hyperscaler hopeful Oracle Cloud has plenty in this space; ForgeRock is in the usual suspects mix with a pledge to put the C in customer CIAM; and (along with the always present IBM) there’s also Saviynt for identity controls with risk scoring and One Identity with its workforce identity offerings.”

No shortage of offerings, then, to manage the permissions and access controls needed to ensure the agentic AI workforce stays in line.

Meanwhile, the entire landscape is in flux. Tech Monitor cites three “seismic shifts in cryptography” that are converging just as agentic AI reaches enterprise scale.

“Public certificate lifespans are shrinking to 47 days – a dramatic reduction from current standards. Post-quantum cryptography is approaching maturity, requiring organisations to replace algorithms that have barely changed in decades. And now AI agents are demanding certificate management at an unprecedented scale.”

Most businesses aren’t equipped to handle the threat. But it can be met with the right kind of early action, and a security-by-design approach.

‘Existential moment for the internet’: McMullen

On a recent podcast appearance, Billions Network Co-founder and CEO Evin McMullen suggests we are at an “existential moment for the internet,” forecasting that AI agents will have infiltrated the workforce within the next few months.

That statement is in keeping with the dialectical tech world narrative that presents certain innovations as inevitable, then preaches about the risk. Billions Network is pushing its “Deep Trust Framework,” which it says can assign unique, verifiable identities to AI agents through the use of zero-knowledge proofs. A technical report on the framework argues that “trust in AI systems must be derived from the relationships these agents establish with other entities in a reputation system, including humans, organizations, and other AI agents.”

The authors highlight “the necessity of establishing unique, verifiable identifiers for AI agents, which can anchor reputation systems and facilitate trustworthy interactions in both human-to-agent (H2A) and agent-to-agent (A2A) scenarios.”

As with deepfakes, everyone warning of the severity of the problem has a solution in their pocket. Whether it’s an IAM orchestration platform or some variant on KYA, there is a growing market for products to support the secure deployment of agentic AI. But, in the view of Chris Hickman, there’s no need to reinvent the wheel: the tools are already available. They just have to be used in the right way.

“This is not a great time to try to reinvent security specific to agentic AI,” he says. “We know PKI scales. We know certificates work.”
