Mastercard and Google Open-Source Verifiable Intent Standard for AI Agents
Mastercard and Google have open-sourced a specification called Verifiable Intent to address the gap in proving that a human authorized a specific transaction made by an AI agent.
Why it matters
Verifiable Intent provides a standard to prove human authorization for transactions made by AI agents, which is critical as the agent commerce market is projected to grow rapidly.
Key Points
- 1Verifiable Intent links the identity of the human, their expressed intent, and the agent's action into a tamper-resistant record
- 2Several protocols have launched to enable AI agents to make purchases, but none of them prove human authorization for specific transactions
- 3The agent commerce market is projected to reach $1 trillion in the US by 2030, making the need for verifiable authorization urgent
Details
The Verifiable Intent specification uses a layered credential format based on Selective Disclosure JSON Web Tokens. It allows the human user to constrain the agent's parameters, such as spending limits and approved merchants, and cryptographically delegate the authorization to the agent. This ensures that any agent action outside the delegated parameters is cryptographically detectable. The specification defines two modes - immediate authorization with the human present, and autonomous mode where the human sets boundaries in advance. Selective Disclosure ensures each party only sees what they need to, preserving privacy. This specification is designed to address a legal precedent established by a recent court ruling that user permission to an AI agent does not equal platform authorization, which the entire agent commerce industry will need to navigate.
No comments yet
Be the first to comment