FIDO Alliance, Google, and Mastercard Launch Industry Initiative to Standardize Security and Payments for Agentic AI

The FIDO Alliance, a global industry association dedicated to reducing the world’s reliance on passwords, announced on Tuesday the formation of two new working groups aimed at establishing security and payment standards for the burgeoning field of agentic artificial intelligence. This initiative, bolstered by foundational contributions from tech giant Google and financial services leader Mastercard, seeks to address the unique security vulnerabilities presented when AI agents act autonomously on behalf of human users. As AI transitions from a conversational tool to an "agentic" entity capable of executing financial transactions and managing digital services, the industry is racing to ensure these interactions are secure, verifiable, and resistant to malicious exploitation.

The primary objective of these working groups is to create a standardized, protective baseline that can be implemented across diverse industries. This framework is designed to empower users to authorize agent-driven actions through mechanisms that are inherently resistant to phishing and unauthorized takeovers. By utilizing cryptographic tools and privacy-preserving frameworks, the FIDO Alliance aims to provide digital service providers with the means to confirm that an agent is legitimately carrying out an authenticated person’s specific instructions. This move marks a critical shift in digital security, moving beyond human-to-machine authentication to a more complex paradigm of machine-to-machine interactions authorized by a human principal.

The Evolution of Agentic AI and the Security Gap

Agentic AI represents the next frontier of artificial intelligence, where large language models (LLMs) and other AI systems are granted the agency to perform tasks, make decisions, and interact with third-party services. Unlike traditional AI, which might simply provide information or generate text, agentic AI can book flights, manage calendars, and, crucially, initiate financial payments. While this promise of automation offers significant productivity gains, it also introduces a new surface area for cyberattacks.

Existing security models, many of which were developed decades ago, were primarily designed for direct human interaction. Passwords, multi-factor authentication (MFA), and biometric scans are built on the assumption that a human is present at the moment of the transaction. Agentic AI disrupts this assumption. If an AI agent is tasked with monitoring a marketplace and purchasing an item when the price drops, the human user may not be present when the transaction occurs. This creates a "security gap" where traditional authentication methods fail to provide the necessary guardrails.

The risks are multifaceted. Malware could infect an agent, or "prompt injection" attacks could trick an AI into following rogue instructions from an unauthorized party. Furthermore, the lack of a standardized protocol for verifying agent intent means that merchants and payment processors currently have no unified way to distinguish between a legitimate agent-initiated transaction and a fraudulent one.

Chronology of the Initiative and Technical Contributions

The push for standardization has been accelerated by the rapid advancement of AI capabilities over the last 24 months. The timeline of this initiative reflects an industry-wide realization that security must be proactive rather than reactive.

In early 2024, internal discussions between Google and Mastercard began to focus on the "verifiable intent" of AI agents. Recognizing that a fragmented approach would hinder global adoption, the companies opted to bring their research to the FIDO Alliance. On Tuesday, this collaboration became public with the announcement of the two specialized working groups.

To kickstart the development process, both Google and Mastercard are contributing significant open-source intellectual property:

1. Google’s Agent Payments Protocol (AP2): This protocol provides a cryptographic mechanism for verifying that a specific transaction initiated by an agent was truly intended by the user. AP2 ensures that the agent cannot deviate from the user’s pre-defined parameters—such as spending limits or specific vendors—without re-authentication.
2. Mastercard’s Verifiable Intent Framework: Developed in coordination with Google to work alongside AP2, this framework allows users to maintain control over their agents. It focuses on the authorization layer, ensuring that the "intent" of the user is cryptographically bound to the transaction, providing a trail of accountability.

Stavan Parikh, Google’s Vice President and General Manager of Payments, emphasized that the goal is to provide "cryptographic proof" of authorization while maintaining user privacy through "selective disclosure." This means that while a payment network can verify that a transaction is authorized, it does not necessarily need access to the private data or the full history of the user’s interactions with the AI agent.

Supporting Data: The Rising Cost of Digital Fraud

The necessity for these new standards is underscored by the escalating landscape of digital fraud. According to recent cybersecurity reports, identity-related attacks remain the primary vector for data breaches. In 2023, phishing attacks saw a 40% increase globally, with attackers increasingly using AI to craft more convincing lures.

Financial implications are equally stark. The Nilson Report, which tracks the global payment industry, projected that losses from card-not-present (CNP) fraud could exceed $43 billion by 2026. As AI agents begin to handle more of these transactions, the potential for "agent hijacking" could exponentially increase these figures if standardized protections are not in place.

Furthermore, a 2024 survey by Gartner indicated that while 70% of organizations are exploring agentic AI to improve operational efficiency, nearly 60% cite security and privacy as the primary barriers to deployment. The FIDO Alliance initiative aims to lower these barriers by establishing a trust layer that is currently missing from the ecosystem.

Official Perspectives and Industry Reaction

Andrew Shikiar, CEO of the FIDO Alliance, noted the historical significance of this moment. He drew parallels between the current state of AI and the early days of the internet, when security was often an afterthought. "If we look back on our work in recent years on the massive problem space of passwords, that originated decades ago," Shikiar stated. "The security foundation for what became our connected economy wasn’t fit for purpose. Now we’re at a similar precipice with agentic agents."

The sentiment among financial institutions and technology providers is one of cautious optimism. By establishing these standards now, the industry hopes to avoid the "patchwork" security landscape that characterized the era of passwords. The involvement of Mastercard and Google is seen as a vital signal to the rest of the market. When major players commit to a unified protocol, it creates a "network effect" that encourages smaller developers and merchants to follow suit.

While not yet formally part of the working groups, other major tech firms and financial entities have expressed support for the concept of interoperable AI security. Industry analysts expect that as the working groups begin their deliberations, more participants from the retail, banking, and AI development sectors will join the FIDO Alliance’s efforts.

Technical Implications: Selective Disclosure and Cryptographic Accountability

One of the most innovative aspects of the proposed standards is the focus on "selective disclosure." In a traditional transaction, a user often shares more information than is strictly necessary to complete a purchase. In an agentic environment, the risk of data oversharing is even higher.

The frameworks being developed by the FIDO Alliance will likely utilize Zero-Knowledge Proofs (ZKPs) or similar cryptographic methods. These allow an agent to prove it has the authority to spend $100 at a specific store without revealing the user’s entire bank balance or their primary login credentials. This "need-to-know" basis for data sharing is essential for maintaining privacy in an era where AI agents may interact with hundreds of different services daily.

The concept of accountability is also paramount. If an AI agent makes an unauthorized purchase due to a technical glitch or a malicious instruction, there must be a clear mechanism for recourse. By having a standardized, cryptographically signed record of "verifiable intent," consumers and financial institutions can more easily resolve disputes. This transparency is expected to be a cornerstone of the new FIDO standards.

Broader Impact on the Connected Economy

The successful implementation of these standards could redefine the "connected economy." In a world where AI agents can securely manage commerce, the friction of everyday tasks is significantly reduced. Stavan Parikh’s example of the "sneaker drop" illustrates this: a consumer who cannot be online at the exact moment a limited-edition product is released can trust an agent to execute the purchase within strict price and authenticity parameters.

Beyond retail, the implications extend to:

• Healthcare: Agents could securely manage insurance claims and pharmacy payments while protecting sensitive medical data.
• Corporate Procurement: Autonomous agents could handle supply chain transactions, ensuring that orders are only placed with verified vendors at pre-approved rates.
• IoT (Internet of Things): Smart devices, such as refrigerators or electric vehicles, could autonomously purchase supplies or charging services using the FIDO-standardized protocols.

However, the path to widespread adoption will be long. Developing technical standards that work across different operating systems, browsers, and payment networks is a painstaking process that typically takes years. The FIDO Alliance has acknowledged this challenge, stating that the rapid pace of AI development requires a more accelerated timeline than previous standardization efforts.

Conclusion and Future Outlook

The launch of these working groups by the FIDO Alliance, Google, and Mastercard represents a proactive attempt to secure the future of autonomous digital interactions. By addressing the security and payment challenges of agentic AI today, the industry is laying the groundwork for a more resilient and trustworthy digital economy.

As the working groups begin their sessions, the focus will remain on interoperability and ease of use. For agentic AI to reach its full potential, the underlying security must be invisible yet unbreakable. The transition from passwords to passkeys was a major step in human-centric security; the move toward verifiable intent for AI agents marks the beginning of the next era—one where machines can act on our behalf with the same level of trust we accord to our most secure personal devices. The coming months will be critical as the FIDO Alliance works to translate these high-level frameworks into the technical specifications that will govern the next generation of AI-driven commerce.