As AI agents increasingly handle tasks like booking travel and purchasing groceries, there's a growing risk that these digital assistants could make unauthorized or erroneous transactions. A new initiative by the FIDO Alliance, in partnership with Google and Mastercard, aims to set security standards that keep AI agents on a short leash.
The proposed framework would require AI agents to request user approval for each transaction, with the user confirming through biometric authentication or a PIN. This extra step ensures that even if an agent acts outside its bounds, it can't drain bank accounts or max out credit cards without explicit consent.
"We're entering an era where people will delegate more decision-making to AI," says Andrew Shikiar, executive director of the FIDO Alliance. "The challenge is to enable convenience without sacrificing security."
The plan is part of a broader effort to adapt passkeys and other strong authentication methods to the unique challenges posed by autonomous AI agents. By building guardrails now, the alliance hopes to prevent the kind of financial chaos that could undermine trust in AI-powered commerce.