authID (Nasdaq: AUID), a leader in biometric identity authentication, today unveiled the authID Mandate™ Framework, a comprehensive governance model for Agentic AI security with support for non-human identities, including autonomous and semi-autonomous AI agents. Mandate gives enterprises the trust foundation, policy controls, and auditability required to safely deploy agentic systems at scale.

The Problem: AI Agents Operate with Phishable Credentials and No Accountabilit

As AI evolves from answering questions to acting on behalf of humans in tasks like transacting, purchasing, and approving services, most online and enterprise systems were never designed to verify or trust autonomous decision makers like AI agents. Today’s AI agents typically operate with weak, static, and phishable credentials, or keys, and tokens that are not biometrically and cryptographically bound to a human. Nor is there any consistent governance framework to validate those credentials before actions are taken.

When these credentials are breached or reused in account takeover attacks, a compromised token can be replayed by an AI agent, resulting in fraudulent transactions, data leaks, and a loss of accountability. Without a governance framework that enforces strong credential validation, these risks are significant enough to stall many large enterprise Agentic AI initiatives.

Mandate defines how organizations establish accountability for autonomous activity: each agent is sponsored by a verified human so that it operates within explicitly authorized boundaries, and the platform produces immutable records that can be audited after the fact. The Framework operationalizes the issuance of biometric-rooted, cryptographically verifiable credentials of those human sponsors and enforces them at runtime across digital workflows, APIs, and multi-agent ecosystems.

“Enterprises are ready to let AI agents work, but not without a governance framework,” said Rhon Daguro, CEO of authID. “The authID Mandate Framework is our blueprint for accountable Agentic AI. Customers can govern which agents take action, who sponsors them, and what they are allowed to do, before, during, and after every action.”

What the Mandate Framework Establishes

Mandate provides a unified, control-ready model for governing agentic AI activity:

• Provenance & Sponsorship: Cryptographically bind each AI agent to a verified human sponsor using biometric-anchored identity.
• Authorization & Policy: Define and enforce fine-grained scopes, guardrails, and contextual risk checks for AI agent actions.
• Continuous Observability: Monitor AI agent invocations, decisions, and escalations in real time.
• Accountability & Audit: Produce non-repudiable, tamper-evident logs for compliance, incident response, and post-trade review.

“One of the greatest concerns enterprise CEOs face today is the introduction of Agentic AI solutions into their businesses, and it’s not without reason,” said Erick Soto, Chief Product Officer at authID. “Just last week, fraudsters successfully orchestrated attacks on over 30 companies through AI agents. This incident shows how quickly AI tools can be weaponized when there’s no clear chain of trust. The Mandate Framework is designed to provide the necessary accountability and trust to enterprises through unphishable credentials bound to a real human and a specific AI agent instance. It also provides standards-aligned interoperability across multiple protocols such as OIDC, A2A, and MCP, and human-in-the-loop confirmation for high-risk actions like final approvals. authID Mandate provides the assurance these CEOs need to launch their AI solutions with confidence.”

For further information please contact authID

About authID Inc.

authID® (Nasdaq: AUID) ensures enterprises “Know Who's Behind the Device™” for every customer or employee login and transaction through its easy-to-integrate, patented, biometric identity platform. authID quickly and accurately verifies a user's identity, eliminating any assumption of 'who' is behind a device to prevent cybercriminals from compromising account openings or taking over accounts. Leveraging a 1-in-1-billion False Positive Rate for the highest level of assurance, coupled with industry-leading speed and privacy-preserving technology, authID provides the most secure digital identity experience. Our IDX platform secures the distributed workforce of employees, contractors, and vendors, as well as bringing authorization and accountability for AI agents through our authID Mandate product line. By creating a biometric root of trust for each user, authID stops fraud at onboarding, detects and stops deepfakes, eliminates password risks and costs, and provides the fastest, frictionless, and most accurate user identity experience in the industry. For more information, please visit www.authID.ai.

View source version on businesswire.com: https://www.businesswire.com/news/home/20251118838387/en/