At the recent Microsoft Build event, Au10tix got a public endorsement from Microsoft as an ideal match for AI agents built with MC Copilot. The two firms have enjoyed a long partnership: Au10tix is a top-tier Microsoft Verified ID credentials issuer and verification partner. But the emergence of AI agents, and the potential benefits and risks in using agentic AI to make decisions and perform transactions for us, is reshaping the identity and security landscape.

In an interview with Biometric Update, Ofer Friedman, chief business development officer for Au10tix, describes how an AI agent might, for instance, find and book the cheapest tickets for a flight. “Simply put,” he says, agentic AI is “a way of assembling all the tools that you might need to make decisions with the information that you might need to do that, and the actions that you can do based on it.” The Microsoft Copilot demo at Build is notable because it looked at a use case that is highly vulnerable to fraud, and sticky about identity and compliance: insurance claims. “When it’s about claims or financial services as a whole, and the regulations mandate, that’s where we come into play,” Friedman says.

While the complexity increases in financial transactions, it also loops in identity verification – which, Friedman says, has to date been relatively straightforward for learning models, because of its highly structured nature. “I need your ID. I need your face picture if I don’t know you yet.

And then I need to check the data against something.” For the first part, “you need just an effective deep checking type of solution, a multilayered solution like ours. In order to do biometrics, you have pretty good solutions right now. They don’t do 100 percent, but they do it well enough.” Identity data becoming more complex: Friedman But it’s the referencing data against another source that increases the complexity.

Friedman compares it to a brain monitoring device that uses many contact points to generate readings. “You’re migrating from a simple, let’s check a document, let’s check a biometric, to a kind of minestrone soup of many indicators. It has to have lots of points, otherwise it doesn’t make sense.” Friedman believes the world is heading toward a scenario in which identity data of one sort or another is constantly being generated and distributed by the Internet of Things (IoT).

“So what you’re looking at is the emergence of using AI to create a situation where the inputs you need are so vast and distributed all over the place, that it doesn’t make sense to do it manually or in a simplistic way. You have to search for it.” “In those systems, the main thing is to get all those connections connected to all these places, and then you can make effective decisions. Now, in terms of the agentic AI side, this adds an extra layer of obfuscation, if you will – where now we have not just the proving of identity as in I know who you are, but this idea of proving humanness.

Understanding who a bot or an agent is functioning for, and understanding that they are genuine and authentic.” Cybersecurity, identity verification continue to converge This is where the inevitable questions about fraud vulnerabilities come in. The proof-of-personhood (PoP) market is predicated on the idea that the influx of AI will mean people need a way to know they’re dealing with real humans making genuine requests. Friedman identifies two main vectors for fraud.

“One of them is obviously what everyone is talking about, deepfakes and that sort of thing.” But he notes that real-time fraud – biometric injection attacks – have shifted the locus of verification to real-time as well, wherein liveness detection and responsive behavior are as important as knowing if an image is real. “Most of the identity fraud that has been taking place, or let’s say has been made public or making headlines taking place, is one of someone doing a phone call or a video call to a bank, pretending to be the bank’s CEO or something. So the credentials are becoming less and less relevant in terms of the ID in your pocket.

And it’s more the ability to know that I’m actually talking to Mr. McConvey, and he’s there behind the camera and not somebody else.” The result is a growing convergence between identity verification and cybersecurity. This, Friedman says, is reflected in Au10tix’s partnership with Microsoft. Friedman says Microsoft “understood from the onset that you need a kind of ecosystem.” That started with B2B credentials – but is now evolving to keep pace with new opportunities and risks in an identity verification and authentication sector complicated by rapid technological evolution.

“It was clear from the beginning that digital credentials are not just for companies. They are not a B2B situation. The B2B was just a dry run, in order to understand how all those systems need to be connected.

So now it is becoming mature enough for Microsoft to say how this will play inside a complete process, which also includes the risk elements.” “The main challenge right now is to throw into the pot all the different elements, and understand who should be out, who should be in, and why.” Explainability will be very big deal In this, Friedman believes explainability will be a “big, big, big deal” in the coming years, and a key to the success of a functional, AI-populated internet. He notes that “there are already regulations around explainability in the US, in Europe, in main markets.” The basic idea is, there needs to be a way to corroborate decisions made by AI, so as not to, in Friedman’s words, “kick out good customers.” It’s in this spirit, he says, that Au10tix’s relationship with Microsoft continues to “mature to fuller processes” and adapt to agentic AI and rapid evolution of fraud techniques, so as not to be chasing “yesterday’s fraud.” “It’s an ongoing battle,” Friedman says. “I don’t see any magic spell that will make fraud disappear.

The market as a whole is in a transitional situation now: the threat has been changing, the tools have been changing and the concept of how and when to identify you has been changing.” Friedman envisions “many, many more points” of identity data: “it will be much more immersive the question of identifying who you are and it probably will encompass anything you do because you are carrying the devices that track you and track what you do all the time.” “It’s an emerging situation between identity verification, cyber identity and credential management, and then tying it to all those points waiting to be identified.” He concedes “we are living in a dangerous reality” – “but the whole idea here is that these companies like us are trying to think of those two steps forward and the methodologies have to change because the pace of change of the threats is of that nature.” His final message? “Don’t be discouraged.” Article Topics AI agents | AI fraud | AU10TIX | biometrics | cybersecurity | digital identity | explainability | identity verification