When the Buyer Is a Bot: Authentication, Identity and Liability in the Agentic Commerce Era
- TrustSphere Network


Agentic commerce, where autonomous AI agents browse, negotiate, and pay on behalf of consumers and businesses, has moved from research demonstrations into live deployments. Travel, procurement, and consumer subscription categories are seeing the first commercial waves, with major card networks and wallet providers already publishing agent-friendly payment specifications.
For payments, fraud, and financial crime teams, this is a structural change in who initiates a transaction. Existing authentication, identity, and liability frameworks were designed around a human in front of a device. When the buyer is a bot, every layer of that stack needs revisiting, and the institutions that engage with the design now will set the rules that everyone else has to follow.
What Changes When the Customer Is an Agent
An agent operates on behalf of a principal, usually a human or a business, but its session, device, and behavioural signature look nothing like the principal's. A live agent transaction may show no human-input signal at all: no biometric, no familiar device, no characteristic typing pattern. Yet it represents a fully authorised purchase under the principal's instruction.
Without changes to controls, fraud systems will score these transactions as suspicious almost by default. Either the agent transaction will be declined at unacceptable rates, or fraud teams will quietly turn down the controls and create a new attack surface for adversaries hiding behind synthetic agents.
Identity, Delegation, and the Missing Trust Layer
The cleanest answer is a verifiable delegation chain in which the principal cryptographically authorises the agent for a defined scope, time, and value envelope, and merchants and payment service providers can verify that delegation independently of the agent's runtime claims.
Industry standards work in this area is still nascent. Card networks have published initial agent identifiers and intent attestations, and there is meaningful experimentation in passkey-based delegation, but no single framework has reached scheme-level coverage. Banks waiting for a final standard before engaging will find themselves consuming the standard rather than shaping it.
Liability and the Reverse-Authentication Question
If a fraudulent transaction is initiated by a compromised agent, the liability question fragments quickly. Was the principal's delegation valid? Did the agent operate within scope? Did the merchant verify the delegation properly? Did the bank apply appropriate risk controls to a delegated session?
Existing card scheme liability rules, 3-D Secure (Three-Domain Secure) assumptions, and consumer-protection frameworks all carry implicit assumptions that an agent transaction breaks. Expect the next two years of network rule revisions to be dominated by exactly this question, and expect early-mover banks and merchants to influence those rules far more than late entrants.
Fraud Typologies in an Agent-Mediated World
Three new attack patterns are already emerging: agent impersonation, where a fraudulent agent presents stolen or fabricated delegation to a merchant; scope abuse, where a legitimate agent is manipulated into operating beyond its authorised envelope; and prompt-driven exfiltration, where adversaries inject instructions into the agent's context to redirect funds, change shipping addresses, or alter account details.
Detection signals must shift accordingly. Agent runtime attestation, delegation-chain validation, and scope-deviation monitoring become first-class controls, alongside the more familiar device and behavioural signals adapted for non-human interaction patterns.
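The delegation chain described under "Identity, Delegation, and the Missing Trust Layer" and the delegation-chain validation and scope checks named above, as an added Go example that is not from TrustSphere or from any card scheme or wallet specification. The `Mandate` and `Order` formats, their field names and the use of Ed25519 are assumptions made for illustration: the principal signs a mandate naming the agent's key, the agent signs each order, and the verifier trusts only the principal's public key.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

var PrincipalPub, PrincipalPriv, _ = ed25519.GenerateKey(nil) // constructed demo keys
var AgentPub, AgentPriv, _ = ed25519.GenerateKey(nil)

// Mandate is what the principal signs. Field names are assumptions for this example.
type Mandate struct {
	AgentKey  ed25519.PublicKey // key the agent must prove it holds
	Merchants map[string]bool   // scope
	MaxCents  int64             // value envelope, per order
	Expires   int64             // time envelope, Unix seconds
}
type Order struct{ Merchant string; Cents int64 } // signed by the agent; replay protection omitted

// Seal signs the exact serialised bytes, so the verifier parses only what was signed.
func Seal(priv ed25519.PrivateKey, v interface{}) (body, sig []byte) {
	body, _ = json.Marshal(v)
	return body, ed25519.Sign(priv, body)
}

// Check is the merchant/PSP side; limits are read only from a mandate the principal signed.
func Check(principal ed25519.PublicKey, mBody, mSig, oBody, oSig []byte, now int64) error {
	m, o := Mandate{}, Order{}
	switch {
	case !ed25519.Verify(principal, mBody, mSig) || json.Unmarshal(mBody, &m) != nil:
		return errors.New("mandate not signed by principal")
	case len(m.AgentKey) != ed25519.PublicKeySize || !ed25519.Verify(m.AgentKey, oBody, oSig) || json.Unmarshal(oBody, &o) != nil:
		return errors.New("order not signed by delegated agent")
	case now > m.Expires:
		return errors.New("mandate expired")
	case !m.Merchants[o.Merchant]:
		return errors.New("merchant out of scope")
	case o.Cents <= 0 || o.Cents > m.MaxCents:
		return errors.New("amount outside value envelope")
	}
	return nil
}

func main() {
	mB, mS := Seal(PrincipalPriv, Mandate{AgentPub, map[string]bool{"shop-a": true}, 5000, 2000})
	oB, oS := Seal(AgentPriv, Order{"shop-a", 6000})
	fmt.Println(Check(PrincipalPub, mB, mS, oB, oS, 1000)) // amount outside value envelope
}
```

Each rejection reason is distinct, so a fraud system can count them separately when monitoring for scope deviation.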
What Tier-1 Institutions Should Be Doing Now
Stand up an agentic-commerce working group that spans payments, fraud, identity, and legal. The decisions in this space cross every silo, and waiting for one team to lead unilaterally produces inconsistent customer policies and gaps in the control stack.
Engage actively with card scheme and wallet consultations, partner with at least one merchant operating live agentic flows, and run controlled experiments in agent-aware authentication, scope verification, and dispute handling. The institutions that learn fastest in 2026 will define the customer experience and risk envelope for the rest of the market in 2027 and beyond.
TrustSphere helps financial institutions design and deploy intelligent fraud and financial crime detection solutions. Visit www.trustsphere.ai