The Crisis of Identity, Part 1: Why Agentic Commerce Needs a KYA Roadmap

Over the last two years, the rise of agentic systems has introduced an entirely new layer to the digital economy. AI agents, delegated shoppers, automated negotiators, and new types of machine-to-machine commerce, now perform real economic activity. They purchase goods, book travel, fill shopping carts, pay, and support offers and loyalty on behalf of humans. Agentic activity is quickly becoming the new operating layer of the digital economy, and it is redefining not only how commerce is executed but also what it means to authenticate, authorize, and trust economic actors at global scale.

Analysts estimate that this shift could unlock $1.7 trillion in new economic value over the next decade. But there’s a catch, and it’s one that the industry hasn’t solved and can no longer ignore:

We cannot yet trust the identity of the agents acting on our behalf. And the technology is moving faster than the trust infrastructure.

We’re knee-deep in the Protocol Wars, a period in which competing and complementary approaches to agent identity, authentication, authorization, delegation, and control, are advancing in silos with limited coordination. The result is a fractured ecosystem in which agents are free to act, but verification and human attribution change from environment to environment, leaving consumers, merchants, issuers, and acquirers exposed to wildly different levels of risk depending on where and how those agents operate.

The Crisis: Authentication Did Not Evolve With Agents

For 25 years, digital identity has mostly been about authenticating a person during a session. It’s based around a basic, but hard to quantify, measure: Is this really the right human? It then has anchored that identity to a device, an account, and a set of credentials. 

Authentication presumed that the identity was: a human, using a device, interacting with a business, and happening during a bounded moment in time. But agentic commerce breaks these assumptions.

Agents operate synchronously or asynchronously, sometimes autonomously, sometimes in swarms. They can spin up and disappear instantly. They may share models, memory, or keys. They can run on the edge, in the cloud, or inside an app. And they can be delegated vast spending or decisioning authority.

The identity systems we use today were never designed to authenticate a participant that may not even be human. While the spotlight is on payments, this is the underlying identity crisis that determines whether agentic payments can be executed safely and at scale.

The Protocol Wars: Chaotic, Incomplete, and Moving Too Fast

Right now, multiple groups are trying to define how agents represent identity, authorize access, sign actions, delegate control, and interoperate. A handful of major initiatives have emerged as early anchors in this space, including ACP, AP2, UCP, and KYAPay, alongside a long tail of more specialized or niche projects exploring adjacent approaches to agent credentials, attestations, signatures, secure sessions, capability tokens, and delegation frameworks.

Yet none of these protocols agree on the fundamentals, let alone how they should connect to the human who ultimately owns the transaction.

What we’re seeing right now is the predictable turbulence that precedes the emergence of a dominant trust standard. It’s being driven by impressive innovation, but it breeds fragmentation, where every actor is effectively speaking a different dialect of identity. That fragmentation carries real consequences. Merchants, for example, often cannot determine whether the agent initiating a transaction is legitimate or the product of a sophisticated spoof. Consumers, meanwhile, lack any meaningful visibility into where their agents are acting on their behalf or whether those agents are being impersonated across channels.

Fraud flourishes in this uncertainty. Attackers are already exploiting protocol gaps to generate synthetic agents at scale, taking advantage of the fact that most identity systems have no reliable way to trace an agent back to the verified human who supposedly controls it. Developers feel this tension acutely. They are being asked to deliver seamless agentic experiences while assuming responsibility for a fragmented, undefined chain of custody, one that forces merchants to implement different standards, identity services, and fraud postures for each agentic environment, with no uniform way to identify users or reliably associate them with payment methods.

The tide is beginning to turn, but in a way that mirrors the problem itself: fragmentation. The industry is now racing to retrofit trust onto agents it has already deployed, advancing a patchwork of solutions rather than a shared foundation. Without a unifying balance protocol that anchors agentic activity to verified identity, the $1.7 trillion opportunity ahead risks being undermined by structural weaknesses, systemic fraud, and a gradual erosion of confidence.

Why Legacy Solutions Fall Short

Legacy approaches to agent identity and authentication fall short because they were never designed for the flexibility of agentic commerce. Most rely on weak customer authentication and treat the connective tissue between identity, permissions, agents, and merchants as little more than reusable auth tokens, an approach that breaks down as authority is delegated, recombined, and exercised across dynamic, multi-agent flows. At the same time, much of the momentum from large platforms has taken the form of nominally open frameworks that still reinforce ecosystem lock-in, creating identity systems optimized for a single provider rather than interoperable agent behavior across environments. The result is a brittle foundation that cannot reliably support cross-platform delegation, nuanced permissions, or the fluid handoff between human intent and agent execution that defines this new era.

Developers are often forced to stitch these components together manually, contending with tools that are either too slow, too rigid, or too complex to integrate cleanly into high-velocity agent architectures. Compounding the problem, many current protocols default to a human-centric view of identity, assuming that either a fully autonomous agent or a fully present human is driving the interaction. Agentic commerce is neither. It exists in the liminal zone where human intention is extended, mediated, or partially automated through agents—requiring trust to pass seamlessly between human and agent, agent and device, and device and merchant.

Today’s systems simply cannot support that fluidity. The evidence is visible across the ecosystem: incompatible standards, closed implementations, and escalating fraud that feeds on the gaps between identity layers. Until we acknowledge that legacy identity frameworks are structurally misaligned with the realities of agentic commerce, the ecosystem will continue to absorb unnecessary risk and architectural friction.

Why We Need KYA: The Balance Protocol for Agentic Commerce

To address the needs of today’s merchants and online services, Prove has developed a Know Your Agent (KYA) solution called Prove Verified Agent. It is an AI-native trust framework that extends Prove's decade-plus identity infrastructure to autonomous agents. Built on the foundation of Prove's Identity Graph, which maintains verified linkage data on more than 10 billion devices and 2.5 billion identities, the Prove Verified Agent solution creates a portable, persistent, and proven identity layer for agentic interactions.

The principle behind KYA begins with a simple assertion: agentic commerce cannot scale without a foundational trust layer, and that layer must be capable of binding every agentic action back to a verified human and a verified authorization event. Prove Verified Agent is a manifestation of this KYA approach, and is designed to supply exactly that layer of assurance.

At its core, KYA ensures that every agent can be traced to a legitimate owner. It establishes a verified human-to-agent binding that makes it possible to answer fundamental questions: Who owns this agent? Who delegated authority to it? And was that delegation authenticated in a way that is cryptographically indisputable? Without clarity on these points, no downstream agentic behavior can be trusted.

But ownership alone is not enough. A serious KYA framework has to be able to guarantee agent-to-session integrity. An agent must operate within a secure, verifiable session, with every request signed using real, immutable keys. The system must preserve continuity across actions so that developers, merchants, and platforms can confirm that an agent is not being spoofed, hijacked, or forked mid-interaction. Prove Verified Agent is engineered to enforce these guarantees seamlessly and at scale.

Ultimately, agentic commerce requires a reliable connective tissue between the agent and the business. Merchants need cryptographic certainty that a specific agent, operating from a specific device, on behalf of a specific person, is authorized to perform the action in front of them. This assurance goes far beyond traditional identity. It demands orchestration through a secure, coordinated framework that links the person, their device, their agent, the merchant, the payment method, and the resulting outcome into a single, verifiable chain of custody.

The Chain of Custody for Agentic Identity

A KYA framework begins with the familiar building blocks of digital trust: cryptographic keys, signatures, secure sessions, and verifiable state transitions. But the actual value of these primitives emerges only when they are orchestrated into a coherent chain of custody that ties every agentic action back to a verified human. It is this identity orchestration that determines whether delegation is safe, whether authorization is meaningful, and whether an agent can act on behalf of a person without introducing systemic risk. Without this linkage, no higher-order capability in an agent stack can be trusted.

The foundational layer that enables this must be designed with architectural pragmatism. It has to meet developers where they are, offering an experience that is flexible, lightweight, and adaptable across diverse agent platforms. It must be deployable in real time, capable of integrating into legacy systems without introducing latency or friction. At the same time, it must be engineered to operate at massive scale, quietly facilitating billions of interactions without drawing attention to itself or imposing cognitive overhead on users. The best trust infrastructure is the kind that disappears into the background—strong enough to anchor the ecosystem, yet subtle enough to be overlooked.

In this sense, the trust layer for agentic identity should resemble the world’s most reliable networks: global payment rails, carrier-grade telecom infrastructure, or the federated identity protocols that power single sign-on. These systems succeed not because they are visible, but because they are silently dependable. The foundational layer for KYA must aspire to the same standard.