The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards

· ai-agents ai security · Source ↗

TLDR

  • FIDO Alliance launches two working groups to set security standards for AI agent transactions, with Google and Mastercard as founding contributors.

Key Facts

  • Google contributed the Agent Payments Protocol (AP2), which cryptographically verifies a user intended a given agent-initiated transaction.
  • Mastercard co-developed the Verifiable Intent framework with Google to let users authorize and control agent actions with selective disclosure.
  • FIDO Alliance CEO Andrew Shikiar compared the current moment to the early password era, calling it a chance to build a better security foundation before bad patterns entrench.
  • Mastercard CDO Pablo Fourez said the pace of agentic AI compresses standards timelines that previously took two to three years.

Why It Matters

  • Without these standards, AI agents acting on users’ behalf have no shared mechanism to prove authorization, creating openings for agent hijacking or rogue instructions.
  • The initiative targets interoperability across platforms, merchants, and payment providers, not just one company’s implementation.

Lily Hay Newman, WIRED · 2026-04-28 · Read the original

Related coverage