The current moment would have us believe that AI agents are about to become our co-workers, personal assistants, pocket buddies and therapists. The tech and business worlds are preparing for an influx of agentic AI that is promising to transform industries. There is certainly a lot of air in the AI bubble – but can AI agents deliver on everything their developers claim?
In identity verification circles, the acronym party is about to get a bit more crowded. Seattle’s Vouched assumes you know your customer, and probably your businesses – and that you follow corresponding KYC/KYB compliance regulations. But what about those who are neither customer nor business?
How can you know which AI agents to trust?
Some might invoke the 1990s sci-fi TV series, The X-Files, and its advice to “trust no one.” Vouched, however, says it can sort the good from the bad. It calls its new free, open KnowThat.ai Agent Reputation Directory – i.e., a Know Your Agent (KYA) reference – part of its “groundbreaking solution designed to address the critical gap in identity and trust for autonomous software agents.”
A release says Know That AI allows users to verify agent identities and review reputation data, with a core focus on fraud prevention and digital trust. It is a “community-driven system,” wherein Model Context Protocol (MCP) servers can “report on the behavior of software agents (good or bad) to lead to a community-driven assessment of that agent’s trustworthiness.”
Vouched is also pushing an identity extension to the MCP: the so-called MCP-I specification. A primer on the MCP-I specification puts forth the argument that “MCP is terrific, but one big thing is missing: strong identity.”
“Without a robust identity model, agents can’t truly act autonomously or securely,” says the post. “The MCP-I (I for Identity) specification addresses this gap – introducing a practical, interoperable approach to agentic identity.”
Vouched also offers its turnkey SaaS Vouched MCP Identity Server, which provides easy-to-integrate APIs and SDKs for enterprises and developers to embed strong identity verification into agent systems.
While the Agent Reputation Directory and MCP-I specification are open and free to the public, the MCP Identity Server is available as a commercial offering.
“Thinking through strong identity in advance is critical to building an agentic future that works,” says Peter Horadan, CEO of Vouched. “In some ways we’ve seen this movie before. For example, when our industry designed email, they never anticipated that there would be bad email senders. As a result, we’re still dealing with spam problems 50 years later. We can’t make the same mistake as we build software agents. The work we have released today solves these problems.”
Microsoft believes the workforce of the future is the so-called “Frontier Firm” – “a new type of organization characterized by on-demand intelligence and a workforce where humans and agents work in tandem.” A blog post quotes Microsoft’s 2025 Work Trend Index, which says “we expect every organization will be on their journey to becoming a Frontier Firm within the next two to five years.”
This scenario is only feasible, says Microsoft, if it is “grounded in security” – not, indeed, job security for human workers, but rather a “Zero Trust foundation to protect the workforce and a new generation of Frontier Firms.”
Securing the agentic workforce will take work, since pesky media feeds can be easily hijacked by deepfake injection attacks and other malicious forms of AI-assisted fraud. “The number of password cyberattacks has increased to approximately 7,000 password attacks per second, and identity-based cyberattacks now account for nearly 80 percent of breaches,” Microsoft says.
“Identity is the new perimeter and Microsoft Entra, with more than 900 million monthly active users today, plays a pivotal role in securing all identities in the agentic era.”
The megafirm’s new Microsoft Entra Agent ID is here to help. The product “extends identity management and access capabilities to AI agents,” automatically assigning AI agents created within Microsoft Copilot Studio and Azure AI Foundry identities in a Microsoft Entra directory – “analogous to etching a unique VIN into every new car and registering it before it leaves the factory.”
Microsoft Entra Agent ID will be integrated with the ServiceNow AI Platform and the Workday Agent System of Record, to allow for “automated provisioning of identities for future digital employees.”
To handle the half-human, half-bot workforce, Microsoft has also extended its Microsoft Purview data security and compliance controls to any custom-built AI app with the native software development kit (SDK).
“This means that AI agents can now inherently benefit from Microsoft Purview’s robust data security and compliance capabilities. Developers can leverage these controls to help reduce the risk of their AI applications oversharing or leaking data, and to support compliance efforts, while security teams gain visibility into AI risks and mitigations.”
Lastly, Microsoft Defender now integrates “AI security posture management recommendations and runtime threat protection alerts directly into Azure AI Foundry” for more efficient response.
“There are a lot of talks about AI,” says Meir Wahnon of authentication firm Descope, in a talk about AI for KuppingerCole’s European Identity and Cloud (EIC) Conference, exploring identity challenges in the agentic era.
An early slide outlining definitions tells us that AI agents are ushering in a new definition of the word “tools,” which he calls “one of the big changes that’s happening this year around agentic AI, giving the ability to LLMs to actually do and act with permission on behalf of the user, interact with permission on behalf of the user, interact with third-party APIs,” and so on.
Tools aside, what are the challenges for agentic AI? “The biggest one is security,” he says. But interoperability and scale are also hurdles, and making the leap from concept to production is no easy feat: “less than two fifths of AI projects have successfully transitioned to production.”
Wahnon says we must agree on an interoperable identity infrastructure for the agentic era now, not later. The age of plain old bots is over, and it has already become much harder to distinguish between AI agents and real humans online.
The potential for awkward situations to arise at the hands of AI agents is high. Wahnon imagines a scenario in which an AI agent asked to book a vacation decides to splurge on an unaffordable hotel. Mitigation strategies are necessary, including comprehensive identity validation frameworks.
He argues for a “new agentic auth paradigm” that is standards-based, offers granular control and is interoperable. Wahnon offers his own take on MCP architecture, which he says is “changing all the time,” as well as the Agent2Agent (A2A) protocol.
Agentic AI also gets a boost in an opinion piece for Canada’s Globe and Mail. Don Tapscott, co-founder of Blockchain Research Institute, chancellor emeritus of Trent University and author of the forthcoming book, You to the Power of Two: Human Potential in the Age of Identic AI, argues that political and business leaders in Canada “must build a more resilient, independent economy” that is “fit for the digital age.”
Tapscott says the meaning of infrastructure has fundamentally shifted toward digitization and data: “Canada needs digital public infrastructure,” he writes. The pillars are digital identity and, of course, AI.
“The first foundational layer is a self-sovereign digital identity for every Canadian. This isn’t about centralized, government-issued IDs that spark fears of surveillance. It’s about giving individuals control over their own data. Powered by blockchain and AI, such a system would let Canadians manage their digital information securely and in a decentralized way.”
And, says Tapscott, “by decade’s end, millions of Canadians – especially professionals – will use AI agents to manage tasks, make decisions and augment their capabilities. These ‘identic’ agents will be digital extensions of ourselves, trained on our data and able to act as roles such as work assistants, private doctors, life mentors and financial planners.”
But, Tapscott also envisions a world in which AI increases social gaps. “Those with intelligent agents will be superpowered; those without will fall behind,” he says. “A small class of enhanced individuals could dominate productivity, creativity and influence. If only a minority of Canadians are equipped to thrive in the digital economy, we will never close our productivity gap.”
Another element, he says, is public infrastructure for digital commerce – “public rails for digital transactions.”
In the end, Tapscott is among those convinced that agentic AI is an inevitable, inextricable part of our future as humans, and that those who ignore it will be left behind. He frames his argument in terms of productivity, competitiveness and indeed survival: “every citizen, regardless of income, must have a trusted, safe and capable AI agent, and the know-how to manage it.
And yet his vision for a “universal basic AI” is not, in the end, all that different from OpenAI CEO Sam Altman’s latest promise to deliver an LLM that can fit in your pocket and be with you always – like an omniscient god, or perhaps a pesky leech.
Originally published on Biometric Update. For more details, visit the source.