ZeroBiometrics details how biometric AI agent authorization suite works

ZeroBiometrics has laid out the details of its suite of AI agent binding, authorization and verification software, ZeroSentinel, in a technical white paper, titled “A Standards-Aligned Cryptographic Human-Authorization Layer for Agentic AI.”
The white paper sets out how ZeroSentinel uses industry standards like X.509 certificates, OAuth 2.0 and sender-constrained RFC 8705 tokens to bind human intent to AI actions with a cryptographic authorization control “plane.”
A concept paper published by the NIST NCCoE in February explained the challenge, requested industry feedback and proposed a project to adapt IAM frameworks to secure agentic AI.
“NIST could have approached agentic identity from any number of angles — behavioral monitoring, model alignment, runtime sandboxing, reputation scoring,” ZeroBiometrics says in the white paper. “Instead, they framed the problem in terms of cryptographic identity, delegated authorization, and verifiable scope. These are precisely the questions ZeroSentinel was designed to answer.”
The company has created a delegation chain in which ZeroCert, the X.509 certificate that contains the public portion of the biometrically derived IdentyKey, anchors human identity. What the AI agent is authorized to do is specified by a ZeroGrant, following a biometric signing ceremony that ZeroBiometrics says is inspired by FIDO principles. The ZeroIntent proxy and enforcement gateway sits between the AI agent and downstream services.
What differentiates ZeroBiometrics’ approach, the company says, is three things: the use of unstored ZeroFace face biometrics in the ephemeral ECC keypair used as the human’s signing key, the binding of the policy for the non-human identity (NHI) directly into the signed ZeroGrant, and pairwise pseudonymity.