TL;DR: Intercom says its AI agent Fin can resolve 86% of customer conversations in some deployments, with 50% to 70% resolution rates common, showing that LLM-based support can now handle end-to-end customer interaction at scale, according to WorkOS. The governance shift is no longer about chatbots assisting humans, but about who owns identity, oversight, and accountability when software closes the conversation on its own.
At a glance
What this is: This is an interview about Intercom's AI support agent, Fin, and the key finding is that it can resolve most customer conversations end to end in some deployments.
Why it matters: It matters because support automation is becoming an identity and governance problem, not just a productivity story, and that affects how IAM, NHI, and lifecycle controls are designed across human and machine workflows.
By the numbers:
- Today, Intercom's AI agent, Fin, handles 86% of customer conversations in some deployments.
- The typical deployment sees lower numbers, but 50-70% AI resolution is common.
Context
AI support agents are software identities that act inside customer-facing workflows, not just front ends for human agents. Once an AI system can resolve a conversation end to end, the governance question shifts from user experience to delegated authority, answer provenance, and the limits of machine-led action.
For IAM and NHI teams, the important issue is not whether AI can draft responses. It is whether the organisation can define who is accountable when the system decides, retrieves, and closes an interaction without human intervention. That creates a governance boundary that traditional support tooling and human access models do not fully cover.
Key questions
Q: How should security teams govern AI support agents that resolve customer conversations end to end?
A: Security teams should govern AI support agents as non-human identities with explicit ownership, scoped access, and defined closure authority. If the agent can end a case without human review, the organisation needs documented escalation rules, auditable decision logs, and a lifecycle owner who can approve changes, review access, and retire the system cleanly.
Q: What breaks when an AI support agent is treated like a normal chatbot?
A: What breaks is accountability. A normal chatbot suggests text, but an AI support agent may decide whether a customer issue is resolved, which knowledge sources to use, and when to stop escalating. If it is treated as a harmless interface, the organisation can lose control over access scope, case closure, and evidence for review.
Q: Why do AI support agents change identity governance in customer service?
A: They change identity governance because the system is no longer just processing data in the background. It is acting inside a business process, using access to knowledge and customer context to make runtime decisions. That means IAM and NHI controls must cover ownership, scope, auditability, and the circumstances under which human intervention is mandatory.
Q: How can organisations tell whether support automation is still under human control?
A: Look for clear escalation rules, human approval points for sensitive cases, and logs that show when the agent made a decision versus when a person intervened. If the workflow closes cases without a visible human checkpoint, the system has already crossed from assistance into delegated operational authority.
Technical breakdown
End-to-end resolution in AI support workflows
End-to-end resolution means the AI agent completes the entire customer interaction without handing off to a human. In practice, that requires retrieval over a knowledge base, response synthesis, and conversation management that can terminate the case. The critical technical point is that the system is no longer just suggesting text. It is operating as the acting identity inside the workflow, with practical authority over closure, escalation, and continuity of state. That changes the control surface from prompt quality to workflow governance, data scope, and decision traceability.
Practical implication: define exactly which conversation states an AI agent may close without human review.
AI support agents as governed non-human identities
An AI support agent behaves like a non-human identity when it operates inside business systems with persistent access to customer data, help content, and action paths. Even when the interaction feels conversational, the underlying control problem is the same as any other machine identity: scope, access boundaries, logging, and lifecycle. The difference is that the access is no longer only read-only or background processing. The agent is now making runtime decisions that shape the customer outcome, which means governance must treat it as an identity with delegated operational power.
Practical implication: inventory the agent as a governed NHI and tie its permissions to a documented business owner.
When support automation becomes autonomy
The article describes a system that handles customer conversations without human involvement, which pushes the model beyond simple automation into runtime decision-making. That does not mean every AI support bot is autonomous. But once the system selects responses, follows conversational branches, and decides whether a case is resolved or escalated without approval gates, the control problem becomes one of autonomy from an identity perspective. The relevant question is no longer whether the model is intelligent, but whether its decisions are bounded by pre-authorised workflow rules or by independent runtime judgment.
Practical implication: separate scripted automation from systems that can make independent workflow decisions at runtime.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- AI LLM hijack breach — attackers used stolen AWS access keys to hijack Anthropic LLM models on Bedrock.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
AI support resolution creates an identity governance problem, not just a service efficiency gain. When a system can close 86% of conversations without a human, it is acting as a delegated operator inside a customer process, not as a passive assistant. That shifts attention from response quality alone to authority, auditability, and accountability for outcomes. The practitioner conclusion is simple: if the AI can end the conversation, it must also be governed as part of the identity plane.
Fin is best understood as a non-human identity with workflow authority. The model is not just reading content, it is using enterprise knowledge to decide whether the customer is done. That means the important controls are identity scope, approved data access, and measurable ownership of the service. The practitioner conclusion is to treat support AI like any other operational identity that can affect customer state.
Customer support automation exposes a named governance concept we call conversation closure authority. This is the point at which an AI system can decide a case is resolved and remove the need for human intervention. That authority matters because it determines where escalation stops, who owns exceptions, and how errors are contained. The practitioner conclusion is to define closure authority explicitly before scaling agent-led support.
The human role does not disappear, but it moves to exception handling and judgment calls. Intercom's framing shows a common operating model for AI support adoption: machines handle repetitive volume, humans handle nuance and relationship management. That division improves efficiency, but it also creates a governance dependency on clean escalation criteria and clear ownership for unresolved cases. The practitioner conclusion is to align support operating models with the new division of labour, not the old queue-based model.
From our research:
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
- Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap.
- For the broader identity control picture, review Ultimate Guide to NHIs, 2025 Outlook and Predictions for how agentic systems reshape governance assumptions.
What this signals
AI support systems are becoming part of the identity plane, which means support operations now depend on clear ownership, scoped access, and reviewable decision paths. The immediate programme signal is that security and service teams will need a shared control model for machine-led customer interactions, not just a shared ticketing workflow.
Conversation closure authority: once an AI system can end a customer case, the organisation must treat that act as a governed business decision with audit and escalation requirements. That is the point where support automation stops being a UX layer and starts becoming an identity governance issue.
The governance pressure will move toward evidence, not just accuracy. If an AI agent answers, closes, and archives conversations, teams will need to know which data it touched, what it was allowed to decide, and how quickly those permissions can be removed when behaviour changes.
For practitioners
- Classify the support agent as a governed NHI: Assign an owner, define its business purpose, and record which customer data, knowledge sources, and workflow actions it may use. Do not leave the agent embedded in support tooling without an explicit identity record and approval path.
- Set closure boundaries for AI-led conversations: Document which issue types the agent may resolve without human review, which cases must escalate, and what signals trigger handoff before the conversation is marked complete. Use those boundaries to align support policy with operational reality.
- Log every answer path and escalation decision: Capture the knowledge articles retrieved, the response class chosen, and the reason a case closed or escalated. This creates evidence for audit, tuning, and dispute handling when customers challenge the outcome.
- Review lifecycle ownership for the agent regularly: Tie access review, change approval, and decommissioning to the business team that benefits from the support automation. If the agent changes scope, its permissions and approval boundaries should change with it.
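One way to express the closure boundary and decision log from the list above as a gate in front of the "mark resolved" action. This is an added example, not code from Intercom, WorkOS or this post; the agent id, owner address, issue types, customer states and source prefixes are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed policy values: every name below is an illustrative assumption.
AGENT = {"id": "support-agent-01", "owner": "support-ops@example.com"}
CLOSABLE_ISSUE_TYPES = {"shipping_status", "plan_features", "password_reset_howto"}
MANDATORY_ESCALATION_STATES = {"open_dispute", "legal_hold", "vulnerable_customer"}
APPROVED_SOURCE_PREFIXES = {"kb"}  # knowledge sources the agent is scoped to

@dataclass
class Conversation:
    conv_id: str
    issue_type: str
    customer_state: str
    sources_used: list
    model_confidence: float  # logged for tuning, never sufficient to close

def decide_closure(conv: Conversation) -> dict:
    """Return an audit record: may the agent close this case, and why."""
    reasons = []
    if not AGENT.get("owner"):
        reasons.append("agent has no documented owner")
    if conv.issue_type not in CLOSABLE_ISSUE_TYPES:
        reasons.append(f"issue type {conv.issue_type!r} is outside closure boundary")
    if conv.customer_state in MANDATORY_ESCALATION_STATES:
        reasons.append(f"customer state {conv.customer_state!r} requires a human")
    if not conv.sources_used:
        reasons.append("no knowledge source recorded for the answer")
    out_of_scope = [s for s in conv.sources_used
                    if s.split(":", 1)[0] not in APPROVED_SOURCE_PREFIXES]
    if out_of_scope:
        reasons.append(f"sources outside approved scope: {out_of_scope}")
    return {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "agent_id": AGENT["id"],
        "owner": AGENT["owner"],
        "conversation_id": conv.conv_id,
        "decision": "escalate" if reasons else "close",
        "reasons": reasons or ["within documented closure boundary"],
        "sources_used": list(conv.sources_used),
        "model_confidence": conv.model_confidence,
    }

if __name__ == "__main__":
    # Constructed sample conversations.
    for c in (Conversation("c-1", "shipping_status", "standard", ["kb:412"], 0.71),
              Conversation("c-2", "refund_request", "open_dispute", ["kb:88"], 0.99)):
        rec = decide_closure(c)
        print(rec["conversation_id"], rec["decision"], rec["reasons"])
```

The second sample escalates despite a 0.99 confidence score, because the boundary is defined by issue type and customer state rather than by confidence.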
Key takeaways
- AI support agents are now operational identities when they can resolve customer cases without human involvement.
- The scale matters because 86% resolution in some deployments shows that conversational AI can already own the end of the workflow, not just assist it.
- Practitioners should govern closure authority, escalation logic, and lifecycle ownership before support automation expands further.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | AI support agents need explicit identity ownership and scoping. |
| NIST CSF 2.0 | PR.AC-4 | Delegated access and workflow authority require least-privilege control. |
| NIST AI RMF | | Governance and accountability apply when AI makes runtime decisions. |
Assign clear governance ownership for AI decisions that affect customer outcomes.
Key terms
- Conversation Closure Authority: The ability of an AI system to decide that a customer issue is resolved and end the interaction without a human checkpoint. In governance terms, this is a delegated business decision, so it must be assigned, logged, and reviewed like any other operational authority.
- Support NHI: A non-human identity used to operate within customer support workflows, including retrieving knowledge, generating responses, and interacting with case systems. The identity may be invisible to customers, but it still needs ownership, scoped permissions, and a lifecycle because it can affect real business outcomes.
- Escalation Boundary: The rule set that determines when an AI-led interaction must be handed to a human. A strong boundary is defined by issue type, risk level, or customer state, not by vague confidence scores alone. It is a core control for preventing machine-led overreach in support operations.
Deepen your knowledge
AI support agent governance is covered in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are defining ownership, scope, and lifecycle rules for customer-facing agents, it is a practical place to start.
This post draws on content published by WorkOS: Intercom went from skeptics to believers on AI. Read the original.
Published by the NHIMG editorial team on 2026-01-14.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org