Switch Edition
Home

>>

Technology

>>

Cyber security

>>

Know Your Agent: The Next Iden...

CYBER SECURITY

Know Your Agent: The Next Identity Check Enterprises Aren't Ready For

Know Your Agent: The Next Identity Check Enterprises Aren't Ready For
The Silicon Review
07 July, 2026
Author: Karina Portugal

Every security team, enterprise or startup, already knows KYC. Know Your Customer. Verify who the human is before you trust them with money, data, or access.

Now there's a harder question sitting on the same desk: Know Your Agent.

AI agents are booking travel, moving money, updating records, and executing tasks that used to require a person at the keyboard. Gartner projects 40% of enterprise applications will have embedded AI agents by the end of 2026, up from less than 5% in 2025 [1]. Startups building on top of agent frameworks are moving even faster than that curve, often shipping agentic features before the identity layer underneath is mature enough to support them. This isn't a future scenario. It's this year.

Here's the part most companies haven't priced in: an agent that's been hijacked doesn't look hijacked. It still holds the same session, the same token, the same “trusted” label the system gave it on day one. It just starts doing something it wasn't supposed to do. To every system downstream, that still looks like a legitimate, authorized action, because nothing in the architecture was built to ask whether the agent acting right now is still the agent you meant to authorize.

That's a different problem than the one identity teams spent the last decade solving. Human authentication asks: is this the right person? Agent authentication has to ask a second question on top of that: is this still the right agent, doing the right thing, on this specific action, right now? A login at 9am doesn't guarantee the same session is safe to trust at 9:05.

Take something as simple as buying a concert ticket. Say you tell your agent: “Get me two tickets to Hot Chip, best price you can find.” The agent goes to StubHub, compares listings, picks a seller, and completes the purchase. From your side, that's convenience. From the seller's side, a harder question just showed up: who is actually on the other end of this transaction? Is it really your agent, acting within the budget and intent you gave it? Or is it an agent that's been redirected, using your payment method to buy from a seller it was never supposed to trust, at a price you never approved?

That's friction in its purest form: the seller has no reliable way to verify the agent's authorization the way it would verify a human buyer's identity. Human-in-the-Loop is the industry's current answer, requiring a person to approve the transaction before it completes. It works, but it doesn't scale: if every purchase, every booking, every contract needs a human tap of approval, the agent stops saving anyone time. The alternative isn't removing the human. It's building verification that travels with the agent, continuously, so the system can tell the difference between “your agent, doing what you asked” and “something wearing your agent's credentials.”

The scale of the shift makes this urgent. According to Vectra AI, fraud enabled by generative AI grew 1,210% in 2025 [2]. The World Economic Forum's most recent analysis on identity fraud notes that AI-driven fraud agents, systems that generate synthetic identities and adjust their behavior in real time based on what works, could become mainstream within the next 18 months, particularly inside organized fraud networks [3].

NIST's AI Risk Management Framework already recognizes that AI systems operate across a spectrum of autonomy, from fully manual to fully autonomous, and that governance has to account for where on that spectrum a given system sits at any moment, not just at deployment [4].

That's the shift enterprises, and the startups selling into them, need to make now. Not “did we authorize this agent,” but “can we verify, continuously, that this agent is still acting the way we authorized it to.” Static trust, granted once at setup, doesn't hold up against a system that can be quietly redirected mid-task. For venture capital and enterprise buyers alike, this is becoming a diligence question, not just a security one: does this agentic product actually verify itself, or does it inherit trust it hasn't earned?

Know Your Customer answered who's on the other side of the transaction. Know Your Agent has to answer something harder: is the thing acting on your behalf still the thing you trusted this morning.

References

[1] Gartner, “Gartner Predicts 40% of Enterprise Apps Will Feature Task-Specific AI Agents by 2026, Up From Less Than 5% in 2025” (2025). https://www.gartner.com/en/newsroom/press-releases/2025-08-26-gartner-predicts-40-percent-of-enterprise-apps-will-feature-task-specific-ai-agents-by-2026-up-from-less-than-5-percent-in-2025

[2] Vectra AI, generative AI fraud analysis. https://www.vectra.ai/topics/ai-scams

[3] World Economic Forum, “How identity fraud is changing in the age of AI” (2025). https://www.weforum.org/stories/2025/12/how-identity-fraud-is-increasing-in-the-age-of-ai/

[4] NIST, AI Risk Management Framework (AI RMF). https://www.nist.gov/itl/ai-risk-management-framework

About the Author

Karina Portugal is Director, Banking, Marketplaces, Strategic Partnerships & Agentic Trust at Prove, with a focus on identity, fraud prevention, and trust infrastructure for agentic AI. With more than 10 years of experience in fraud prevention, AML, KYC, and digital identity across global fintechs and technology companies, she writes on AI, agentic commerce, digital identity, and the trust infrastructure behind the next generation of autonomous systems. She has completed executive programs at the Wharton School and Stanford, and is an Ambassador for SafetyWing.

Comments

Loading comments…
Loading comments…

MOST VIEWED ARTICLES

RECOMMENDED NEWS

Client-Speak Magazine Subscribe Newsletter Video
Magazine Store
May Edition Cover
πŸš€ NOMINATE YOUR COMPANY NOW πŸŽ‰ GET 10% OFF πŸ† LIMITED TIME OFFER Nominate Now β†’