TL;DR: Agentic commerce cannot safely start with the agent because trust depends on a verified human, an authenticated device, and a cryptographic binding that defines scope, according to Prove Identity. The governance shift is that identity controls must extend from the person at login to the agent acting on their behalf, or delegation becomes unauditable and overbroad.
NHIMG editorial — based on content published by Prove Identity: The Crisis of Identity, Part 2: From Human Identity to Agent Authority with the Prove Identity Graph
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
- 17 minutes and as quickly as 9 minutes, cly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams govern agent actions that inherit human authority?
A: They should govern agent actions as delegated identity events, not as independent accounts.
Q: Why is login authentication not enough for agentic commerce?
A: Login proves the person once, but agentic systems need proof that the downstream action still matches the original trust context.
Q: What do IAM teams get wrong about reusable identity passports?
A: They often treat them like durable credentials instead of dynamic trust bindings.
Practitioner guidance
- Map delegated agent authority to the originating human identity Require every agent permission to resolve back to the verified person and authenticated device that created it, so reviewers can trace provenance and revoke trust at the source.
- Treat the device as part of the identity boundary Include device posture, binding state, and session integrity in authorisation decisions for agent actions, rather than relying on the human login alone.
- Make delegation artefacts revocable on trust change Design reusable identity passports or equivalent tokens so that a change in identity risk, device state, or context can invalidate downstream agent authority immediately.
What's in the full article
Prove Identity's full blog post covers the operational detail this post intentionally leaves for the source:
- The reusable identity passport design and how it binds a verified human to a device in practice
- The continuous validation mechanics that keep delegation current across sessions and merchants
- The developer integration model for adding agent authority without changing the user experience
- The trust propagation flow from human identity to merchant endpoint to downstream agent action
👉 Read Prove Identity's analysis of agent authority and verified human trust →
Agent authority and verified identity: what IAM teams need to know?
Explore further
Agent authority is a delegation problem, not a new identity category. The article correctly frames AI agents as inheriting authority from a verified human and an authenticated device, which means the trust model lives upstream of the agent itself. That is a familiar IAM pattern, but the scale and speed of agentic execution make weak delegation decisions far more consequential. Practitioners should treat this as an extension of identity governance into non-human action, not as a separate security silo.
Identity programmes will need to move from session-centric authentication to delegation-centric governance. Once agents act on behalf of verified people, the control question becomes whether authority is still valid at the moment of execution, not just at login. Teams should align agent policy, logging, and revocation with that shift, and use the NIST AI Risk Management Framework where autonomous decisioning is present.
A question worth separating out:
Q: How can organisations audit agent authority without slowing user experience?
A: By logging delegation as a cryptographic event and separating trust validation from repeated user prompts. The organisation can preserve a low-friction experience while still recording who authorised the agent, what device anchored the trust, and what scope was granted. That gives auditability without forcing every action through manual approval.
👉 Read our full editorial: Agent authority depends on verified human identity and device trust