Andrew Shikiar, CEO and Executive Director, FIDO Alliance
AI agents are starting to change how people and businesses get things done online. The shift is fundamental: agents can research, make decisions, manage tasks and complete transactions on our behalf. The productivity gains for individuals and enterprises alike are enormous, and the pace of adoption is faster than many anticipated.
But there is a fundamental problem standing between the promise and the reality: trust.
The entire trust infrastructure of the internet was built around the reasonable assumption that a human is at the keyboard. Every login, authentication prompt and verified transaction was designed to answer a single question at a specific moment: are you who you say you are?
AI agents break that assumption. People still direct these interactions but they are no longer carrying them out themselves. And without agreed standards for how trust, authorization, and user intent work in that model, the agentic opportunity stalls.
This missing trust layer is the gap the FIDO Alliance is moving to close.
We’ve seen this before
As the internet scaled globally, it brought passwords with it almost by default, despite being fundamentally unfit for purpose.
Without an appropriate trust layer, we experienced a credential theft epidemic as the internet became ubiquitous in our lives. Billions of stolen passwords trading on dark web marketplaces, and practically every person with an online account has likely fallen victim to a breach – whether they are aware of it or not.
The FIDO Alliance was formed to answer this challenge – not with a proprietary fix, but with open, interoperable standards built through industry collaboration. The result was passkeys: phishing-resistant authentication that takes knowledge-based credentials out of the equation, while making sign-in simpler and easier to use. Passkeys are now available on virtually every modern computing device, and are increasingly the default way people prove who they are online.
And now we’re seeing it again
Analysts project agentic commerce alone could reach $5 trillion globally by 2030, according to McKinsey & Company. That economy is being built right now, without agreed standards for how trust, authorization, and user intent should actually work. People are already adopting agentic workflows, demonstrating the huge potential for good and ill in equal measure.
We cannot make the same mistake again. We know there is a trust gap in agentic AI but, unlike the early explosion of the web, we already have the means to close it.
Open agentic infrastructure
Today, the FIDO Alliance is announcing the formation of an Agentic Authentication Technical Working Group, chaired by FIDO members from CVS Health, Google, and OpenAI, and co-chaired by members from Amazon, Google and Okta. Alongside this, our Payments Technical Working Group chaired by FIDO members from Visa & Mastercard will develop agentic payment specifications building on foundational contributions from Google and Mastercard.
Google’s Agent Payments Protocol (AP2) introduces a model for secure delegation, verifiable authorization, and trusted transaction execution. Mastercard’s Verifiable Intent framework, co-developed with Google and compatible with AP2, enables users to authorise and control agent-initiated actions on their behalf. Both have been contributed to FIDO’s specification development process to help ensure that these initiatives are open, interoperable and positioned for global utilization.
FIDO’s work will focus on three things: 1) giving users phishing-resistant mechanisms to authorise agent actions; 2) allowing services to cryptographically verify that agents are acting legitimately on behalf of authenticated users; and, 3) defining how agent-initiated transactions execute within clear, user-controlled boundaries.
That is the model the agentic internet requires.
Trust must be provable
Standards alone are not enough – their value depends on consistent, verifiable implementation.
FIDO’s certification programs ensure that implementations meet the specifications, and that trust is demonstrable – not assumed.
As with passkeys, the objective is not security at the cost of simplicity. It is both, together. The agentic era requires delegation models that people can understand and control, alongside security that works intuitively without constant user intervention.
If we get this right, the path to broad agentic adoption becomes clear. Individuals can offload complex tasks with confidence. Businesses can automate workflows without introducing new risks. Services can accept agent-initiated interactions without added friction. The projected $5 trillion opportunity becomes tangible because the trust foundation beneath it is real.
This moment matters immensely. The decisions made in the coming months will shape the trust architecture of the internet for the next decade. FIDO has been in this position before – bringing industry together to solve a foundational challenge. We are ready and excited to do so again, working with our members and partners to help deliver an agentic ecosystem the world can trust.
