Experian’s announcement that Akamai Technologies has joined its Agent Trust™ partner ecosystem alongside existing partner Skyfire is a significant signal that the market has moved beyond debating whether agentic commerce needs new identity infrastructure and into the phase of actually building it.

As autonomous AI agents reshape digital commerce, enterprises must rethink how they measure trust, security, and transaction intelligence at scale. From identity verification to edge-based behavioural validation, the next generation of AI-driven commerce will depend on robust performance metrics and governance frameworks. Discover the critical KPIs driving success across leading AI platforms and stay ahead of the evolving agentic economy with this exclusive report

The Trust Gap That Autonomous Commerce Opens

To understand why the Experian-Akamai partnership matters structurally, it helps to be precise about the specific failure mode it is designed to prevent.

Current fraud prevention and authentication systems are built around human behavioural signals. Device fingerprinting, behavioural biometrics, transaction velocity analysis, and anomaly detection all operate on baseline models of how human users interact with digital commerce environments. When an AI agent executes a transaction, it behaves differently with machine consistency, at machine speed, without the micro-behavioural variability that human interaction creates. Existing fraud models have no reliable way to distinguish between a malicious bot executing an unauthorised transaction and a legitimate AI agent executing an authorised one on a user’s behalf.

That distinction matters enormously. A shopping agent with delegated authority to purchase within defined parameters is a legitimate transaction actor. An agent that has been compromised, hijacked, or that is misrepresenting the scope of its authority is a fraud vector. Without infrastructure capable of verifying the agent’s identity, confirming the human principal behind it, validating the scope of delegated authority, and assessing transaction risk in real time, the two are indistinguishable to current systems.

This is not a future problem. AI agent deployment in commerce contexts from automated procurement to AI-assisted purchasing is already underway at scale. The fraud and misrepresentation risk it introduces is accumulating against an infrastructure gap that the industry has not yet closed.

What the Agent Trust Framework Actually Does

Experian’s Agent Trust framework approaches the identity verification problem across three connected layers that collectively establish what the company describes as “human-to-agent binding” a persistent, auditable link between a verified individual, their devices, and the AI agents acting on their behalf.

The first layer is identity issuance. When a verified consumer authorises an AI agent to act on their behalf, Experian issues an Agent Trust token encoding identity confirmation, consent documentation, delegated authority scope, and real-time transaction risk assessment. This token travels with the agent through commercial interactions, providing downstream systems with verifiable evidence of authorisation at the point of transaction.

The second layer, where Akamai’s capabilities operate, extends that trust model to the network edge. Akamai’s position as a global leader in edge computing and security means it processes traffic both human and agent-generated at the infrastructure layer before it reaches merchant and commerce systems. Within the Agent Trust framework, Akamai evaluates agent-driven traffic in real time, validates declared agent identity against behavioural signals and user context, and applies edge-based decisioning to determine whether access and transaction execution should proceed.

This combination declared identity from Experian’s issuance layer and continuous behavioural validation from Akamai’s edge layer creates a layered trust model that is harder to spoof than either component alone. A stolen or fabricated agent identity token that does not match expected behavioural patterns would face enforcement at the edge before reaching transaction execution. An agent exhibiting anomalous behaviour that does hold a valid token would face challenge and verification before proceeding.

The third layer is the Experian Agent Registry a dynamic trust scoring system that maintains ongoing assessments of human-bonded AI agents over time. This moves agent trust from a point-in-time verification event to a continuous posture assessment, building a track record of agent behaviour that informs future transaction risk decisions.

KYAPay and the Standardisation Imperative

The participation of Experian, Akamai, and Skyfire in the KYAPay initiative an extension of the Know Your Agent protocol carries significance that extends beyond the specific partnership announcement.

For agentic commerce infrastructure to function at scale, it cannot rely on proprietary trust frameworks implemented differently across every platform, merchant system, and payment network. The same network effects that made card payment interoperability foundational to digital commerce apply to agent identity verification: a trust framework that only works within one vendor’s ecosystem creates fragmentation that limits adoption and leaves the gaps between ecosystems as exploitable seams.

KYAPay introduces a standardised mechanism for agents to declare intent and enables tokenised payment credentials that work across participating systems. Know Your Agent provides a consistent identity declaration protocol that agent developers can implement once and that businesses can rely on across provider boundaries. These standards are early-stage, but their existence and the participation of three significant commercial actors in their development signals that the industry is taking the interoperability question seriously rather than allowing proprietary fragmentation to define the category.

For enterprises evaluating their own exposure to agentic commerce risk, the emergence of these standards is a timeline indicator: the infrastructure for trustworthy agent identity is being built now, which means the window for defining internal governance frameworks, evaluating vendor positioning, and assessing fraud exposure from unverified agent activity is the current cycle, not a future planning horizon.

Fraud Prevention at Agentic Scale The Numbers Behind the Infrastructure

Experian’s existing identity verification and fraud prevention infrastructure helps clients avoid an estimated $15 to $19 billion in fraud losses annually. That figure provides context for understanding the commercial stakes attached to getting agent identity verification right.

If autonomous AI agents transact at even a fraction of the volume that human-initiated digital commerce currently represents and enterprise deployment trajectories suggest they will the fraud exposure associated with unverified agent activity will scale proportionally. The attack surface is not simply existing fraud vectors executing faster. It is existing fraud vectors plus novel categories of misrepresentation and unauthorised delegation that autonomous action specifically enables.

Akamai’s edge security capabilities processing, assessing, and enforcing against traffic at global scale before it reaches backend systems are architecturally suited to the volume and velocity requirements that agentic commerce creates. The combination of Experian’s identity depth and Akamai’s edge enforcement capacity is a credible answer to the infrastructure scale question that any serious enterprise fraud prevention leader should be asking.

What Enterprise Security and Commerce Leaders Should Be Assessing Now

The Experian-Akamai partnership and the KYAPay standardisation initiative collectively represent a market signal that security, fraud, and commerce leadership teams should be processing as a near-term programme priority rather than a strategic watch item.

Enterprises deploying AI agents in procurement, customer service, or commerce contexts or planning to do so within the next 12 to 24 months need a governance framework for how those agents are authorised, what transaction scope they carry, and how that authority is verified by downstream systems. The absence of that framework is not a theoretical gap. It is a current fraud exposure that existing detection systems are not equipped to catch.

Merchants and payment processors receiving increasing volumes of agent-driven transactions need to evaluate whether their current fraud decisioning infrastructure can distinguish between authorised autonomous transactions and compromised or fraudulent agent activity. The behavioural signals those systems rely on were calibrated against human transaction patterns. They require re-calibration or supplementation with agent-specific verification capability to remain effective.

Security and identity teams at financial institutions should be tracking the KYAPay standards development and evaluating how agent identity declaration protocols map against existing KYC and AML frameworks. The regulatory question of whether AI agent-initiated transactions carry the same verification obligations as human-initiated transactions is not yet settled, and positioning ahead of regulatory clarity is consistently less costly than retrofitting compliance after it arrives.

Identity Is the New Perimeter for Agentic Commerce

The security industry has spent a decade establishing that identity, not network location, is the meaningful perimeter for enterprise security. Zero-trust architectures, continuous authentication, and identity-centric access models all reflect this shift.

Agentic commerce extends that principle into a domain where identity has never been systematically addressed: the autonomous, non-human actor operating with delegated authority on behalf of a verified principal. The infrastructure that Experian, Akamai, and Skyfire are assembling token-based identity issuance, edge enforcement, behavioural validation, dynamic trust scoring, and interoperable standards is the identity perimeter for a commerce environment where human presence at the point of transaction is increasingly optional.

The organisations that treat this infrastructure as foundational rather than as a future capability to be evaluated when agentic commerce matures will define the trust standards that the rest of the market follows. The organisations that defer will spend the intervening period accumulating fraud exposure that neither their detection systems nor their governance frameworks are equipped to manage.

Trust, as Experian’s framing correctly identifies, does not scale automatically alongside autonomous commerce. It has to be built. The building is now underway.

Research and Intelligence Sources: Experian, Akamai Technologies, Skyfire, NIST Digital Identity Guidelines, OWASP Automated Threats to Web Applications

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com