    June 23, 2025

    The Agentic Revolution: Navigating Identity, Authorization, and Trust in a World of Software Agents

    “Agentic” is the buzzword of 2025.  And for good reason.  Soon, software agents will automate so many of the things we do every day and make our lives easier.  There are so many examples – from planning and booking your next vacation, to driving your car, to paying your bills, and so on. Personally, I can’t wait to use them.

    But there are a few big things still to figure out about the future of software agents.  And a really big one that has received almost no attention so far is identity.

    An agent is a non-human actor.  The industry is predicting that, due to the success of agents, soon there will be more non-human actors on the Internet than human ones.  Let’s step through some of the identity issues we’re going to face.

     

    First: Telling good agents from bad.

    Most of the talk about agents assumes they will all be working for good.  But anyone who’s been around a while can predict that there will probably be a lot more bad agents than good ones.  As soon as fraudsters figure out they can release software agents to do their dark work remotely and at a huge scale, we’ll see a ton of bad agents.

    So far, there is no proposed way to tell good agents from bad agents.

    In some ways we’ve seen this movie before.  Email has been around since the 1970s, and the idea that there would be bad email senders was never contemplated in the design of email.  As a result, we’re still dealing with the very real problem of email spam, 50 years later.

    We can’t make the same mistake with software agents.  We’ve got to realize that agents will come in varying degrees of good to bad intent, and we need a way to sort the good from the bad.

     

    Second: Understanding human authorization of agents

    Next, let’s take that travel booking example.  Say I tell a software agent I need a vacation this weekend in Hawaii.  It goes off and finds me a flight, a hotel, and a beach. This is awesome.

    But now, when the agent goes to book my flight, how does the airline know that the agent is authorized to work for me?  For example, the agent may want to use my miles to book the flight – how will the airline know to let the agent into my account?

    Things get even worse in regulated industries.  Let’s say a software agent wants to renew my prescription so I can pick up a refill tomorrow.  Well, if my doctor even acknowledges the existence of that prescription to an agent, and the agent isn’t really working for me, then my doctor just violated HIPAA.  Similar peril holds for the banking industry and many others.

    Current thinking seems to anticipate that my agent will have my username and password at the airline.  This is highly insecure and will never work at scale.  And it falls apart even more if my airline wants to use a second factor, such as sending a one-time password to my cell phone.  If I have to get an OTP on my phone every time any agent wants to do anything for me, we’ll smash the things.  We need a better way.

     

    Third: Legal Agreements

    Our third issue is that of legal agreements.

    We may give it little thought, but so much of what we do on the Internet includes a “click wrap” agreement – those little checkboxes that say I agree to terms and conditions.  We often have to click them to proceed.

    Take that airline example, for instance.  When you purchase a plane ticket, you must agree to the airline’s contract of carriage by checking that box.  If you do not, the airline won’t sell you the ticket.  Just try getting the “purchase” button to work if you haven’t checked the box to agree to the terms.  You can’t.

    The reason is simple: that agreement contains essential protections the airline must have in place.  It limits their liability in terms of a crash, if they lose your luggage, and so on.  They simply will not sell a ticket without it.

    But, if we have an agent buying my ticket, how can the agent agree to the terms for me?  It can’t.  So once the airline knows that this is a software agent buying this ticket (and it will), it cannot rely on the agent to make that agreement.  And it can’t sell a ticket without the agreement in place, so what do we do now?

    And if, as predicted, there are soon more non-human actors than human actors, this is a problem that must be solved.

    Organizations are going to need to think through how to deal with this reality.  We may need a way to establish a protocol – similar to power of attorney – where a human can authorize a software agent to make agreements on their behalf.

     

    Can you ignore all this?

    Many may read these issues and think this is a problem for someone else or for the far-off future.  But if you have a presence on the Internet, you will soon see many software agents showing up at your doorstep.  This industry is moving astonishingly quickly.  Security and identity problems seem to feel unimportant until, due to a crisis or a breach, they become tremendously important.

    Every business can benefit from thinking about these issues in advance and getting systems in place now before the agent hordes arrive at your doorstep.

     

    Originally published on The AI Journal. For more details, visit the source.
