KYA: the four pillars of agent identity - authentication, mandate verification, behavioural fingerprinting, and principal traceability..
| Dimension | Traditional UX | Agentic Experience Design (AXD) |
|---|---|---|
| Primary material | Attention and affordance | Trust and delegation |
| User state | Present, navigating | Absent, delegating |
| Design output | Screens and interfaces | Outcomes and constraints |
| Temporal model | Session-based | Relationship-based |
| Success metric | Task completion | Trust calibration |
Know Your Agent (KYA) is a framework for verifying the identity, authority, and trustworthiness of autonomous AI agents. Modelled on Know Your Customer (KYC) in financial services, KYA establishes the verification standards that enable businesses and systems to trust that an agent is who it claims to be and is authorised to act.
Without KYA, agentic commerce is vulnerable to impersonation, unauthorised transactions, and fraud. KYA provides the trust infrastructure that enables merchants to accept agent-initiated transactions with confidence, knowing the agent is genuine, authorised, and operating within its delegated scope.
Know Your Agent (KYA) is a framework for verifying the identity, authority, and trustworthiness of autonomous AI agents. Modelled on Know Your Customer (KYC) in financial services, KYA establishes the verification standards that enable businesses and systems to trust that an agent is who it claims to be and is authorised to act.
Without KYA, agentic commerce is vulnerable to impersonation, unauthorised transactions, and fraud. KYA provides the trust infrastructure that enables merchants to accept agent-initiated transactions with confidence, knowing the agent is genuine, authorised, and operating within its delegated scope.
Know Your Customer has been the bedrock of regulated commerce for half a century. The principle is deceptively simple: before you transact with someone, verify who they are. Banks check passports. Exchanges confirm addresses. Payment processors validate identities. The entire architecture of financial trust rests on the assumption that the entity initiating a transaction is a human being whose identity can be established through documentary evidence and biometric confirmation. Know Your Agent (KYA) is the AXD Institute's framework for addressing this challenge. It does not replace KYC - it extends it into the agentic domain, as explored in the Institute's analysis of The fundamental problem is not that we lack identity verification technology. It is that every identity verification system ever built assumes the entity being verified is human. Biometric authentication requires a body. Document verification requires a government-issued credential tied to a natural person. Even behavioural analytics - keystroke dynamics, mouse movement patterns, typing cadence - are calibrated against human behavioural baselines. AI agents violate every one of these assumptions. They have no biometrics. They carry no documents. Their behavioural patterns are determined by their training data and system prompts, not by the neurological characteristics of a human operator. When an agent authenticates to a banking API, it presents cryptographic credentials - tokens, certificates, API keys - that prove it has been granted access, but reveal nothing about the human principal whose intent it claims to represent. This creates what Sumsub's research team calls the "identity gap" - the space between technical authentication (proving the agent has valid credentials) and meaningful identity (establishing who is responsible for the agent's actions and what authority has been delegated to it). Traditional KYC closes this gap for humans through documentary evidence and biometric confirmation. For ag