Notifications
Clear all
Topic starter
10/06/2026 10:33 pm
TL;DR: Consumer confidence in AI agents is conditional, with 74% of Hong Kong respondents saying verification would increase trust and 44% reporting at least one negative outcome such as unintended actions, data leaks, fraud, or account compromise, according to Sumsub's Greater China survey. Human approval remains the control boundary, not a nice-to-have, because agent actions are already crossing into payments and sensitive data handling.
NHIMG editorial — based on content published by Sumsub: 74% of Hong Kong consumers call for verified AI agents, as regulators warn of escalating fraud, data leaks and misuse
By the numbers:
- 74% of Hong Kong consumers agree that verifying AI agents would boost confidence by confirming the agent’s identity, permissions, and actions.
- 44% of consumers have experienced at least one negative outcome linked to AI agent use, ranging from unintended actions to account compromise.
- 77% of consumers across Greater China say they would feel more secure if human approval were required before AI agents proceed.
Questions worth separating out
Q: What breaks when consumer AI agents can act without human approval?
A: The main failure is delegated authority without a reliable review boundary.
Q: Why do AI agents create trust problems for consumer IAM programmes?
A: They blur the line between assistance and execution.
Q: How do organisations know if AI agent verification is actually working?
A: They should be able to show that each agent action is tied to a verified principal, a scoped permission set, and a complete audit trail.
Practitioner guidance
- Define delegated action scopes for consumer AI agents Document which actions an agent may suggest, stage, or execute, and separate low-risk assistance from state-changing actions such as purchases, payments, and account changes.
- Bind agent activity to a verifiable principal Require traceable identity binding for the agent, the human principal, and the session context so every action can be attributed after the fact.
- Require human approval for high-impact steps Insert approval gates before irreversible or financially material actions, especially payments, data disclosure, and account recovery flows.
What's in the full report
Sumsub's full survey coverage covers the operational detail this post intentionally leaves for the source:
- Country-by-country trust and adoption breakdowns across Mainland China, Hong Kong, and Taiwan.
- Detailed consumer responses on where humans still want approval before AI agents act.
- The survey methodology from Blackbox, including the sample design and question framing.
- Sumsub's description of its AI Agent Verification and KYA approach.
👉 Read Sumsub's survey on verified AI agents and consumer trust →
Verified AI agents in consumer apps: what does IAM need to change?
Explore further
11/06/2026 2:38 am
Verified agent identity is becoming the baseline for consumer trust, not an optional enhancement. When 74% of Hong Kong consumers say confidence would rise if they could verify an AI agent’s identity, permissions, and actions, the market is describing an identity assurance problem, not a UX preference. The governance question is whether platforms can bind delegated behaviour to a provable principal and keep the audit trail intact. Practitioner conclusion: identity proofing for agents is now part of customer trust architecture.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
- That same survey found that systems with least-privileged AI access had a 17% incident rate versus 76% for over-privileged systems.
A question worth separating out:
Q: Who is accountable when an AI agent causes a harmful consumer transaction?
A: Accountability usually spans the platform, the provider of the agent, and the user, but the programme must still assign a primary control owner. Without that, blame becomes fragmented and incident response slows down. Governance should make approval, disclosure, and logging responsibilities explicit before the agent is enabled.
👉 Read our full editorial: Verified AI agents are becoming a consumer trust requirement
