Over the last year, we have seen a step change in the performance at the AI infrastructure layer powered by foundational model improvements and expansions on what they can do. We now have machines that can reason and soon will be able to act through a sense of agency.
But as we venture into the age of autonomous agents and AI-driven systems, a critical question arises: How do we do that securely?
These autonomous agents, powered by AI and Large Language Models (LLMs), increasingly assume roles that involve making decisions, executing tasks, and interacting with other systems without human intervention.
However, the security infrastructure to support this evolution, particularly in authentication, is still in its infancy. That said, it is a ripe area for founders to build a key infrastructure for the emerging era. After many discussions with founders building this “agentic” future, it’s clear why a specialized authentication startup for agents is urgently needed—and why it hasn’t emerged yet.
If you are building in this area or there are others you think we should be paying attention to, please reach out to richard@underscore.vc or anyone on our team. We would welcome the opportunity to discuss and partner with you.
If you are just interested to learn more, read on. This article explains what we’ve gleaned while meeting with founders in the community over the last year. It is meant to help tease out the potential of solving the significant opportunity in authentication infrastructure for intelligent agents and why we are excited about it.
The Growing Role of Autonomous Agents
We’d be the first to acknowledge it’s early to be heralding in an “agentic era” of computing. Still, we also believe it’s inevitable, and that is where we like to invest — in the “soon to be broadly apparent” infrastructure categories. Our job is to partner with founders to help navigate that, figuring out when to step on the gas and ease off of it as the market develops.
Autonomous agents are becoming integral to various industries, from finance and healthcare to logistics and customer service. Unlike traditional software, which follows predetermined rules, autonomous agents make decisions based on real-time data, machine learning models, and contextual understanding.
We believe the ROI of these systems is going to be so great that it is inevitable that they will pervade nearly every industry and function; it’s just a matter of time and infrastructure to support it!
Despite this promise, the level of autonomy introduces new challenges in ensuring that these agents act securely and reliably. As agents become more embedded in critical operations, the need for robust authentication mechanisms that go beyond traditional user credentials becomes paramount.
Why Current Authentication Methods Fall Short
- Lack of Identity Standards for Agents: Traditional authentication systems are designed for human users or well-defined services. They rely on passwords, tokens, or cryptographic keys that are tied to human or machine identities. However, autonomous agents are neither fully human nor machine in the traditional sense. They are dynamic entities that can adapt, learn, and even evolve over time, making it difficult to establish a fixed identity. Without a standard framework for agent identities, it’s challenging to authenticate these entities consistently and securely.
- Complexity of Agent Interactions & Handoffs: Autonomous agents often interact with multiple systems and other agents across different networks. These interactions can be highly complex, involving a mix of public and private data, sensitive transactions, and real-time decision-making. Traditional authentication methods, usually linear and static, struggle to accommodate this complexity. Example: An agent managing financial transactions may need to authenticate itself to multiple banks, payment gateways, and regulatory systems—all while ensuring that its identity remains secure and trusted across these interactions.
- Dynamic and Adaptive Nature of Agents: Autonomous agents are designed to be adaptive, learning from their environments and modifying their behavior accordingly. This adaptability complicates traditional authentication approaches, which assume static identities and predictable behaviors. Example: An AI-driven logistics agent might change its operational strategy based on real-time data, such as traffic patterns or supply chain disruptions. Traditional authentication systems may need help to keep up with these changes, leading to potential security gaps.
The Need for an Authentication Layer for Agentic AI
Given these challenges, there is a clear need for a startup that focuses on developing authentication solutions tailored explicitly to autonomous agents. This startup would address several key areas:
- Dynamic Identity Management: The startup would develop systems for dynamically managing agent identities, allowing for flexibility as agents evolve. This could involve creating a new class of digital identities that can adapt to changes in the agent’s role, capabilities, and context.
- Context-Aware Authentication: A key innovation would be the development of context-aware authentication methods that consider not just the agent’s identity but also its behavior, environment, and interactions. This could include machine learning models that continuously assess the agent’s actions for anomalies or signs of compromise.
- Inter-Agent Trust Networks: The startup could pioneer the concept of trust networks among agents, where agents authenticate each other based on shared credentials, trust scores, or decentralized verification methods. This would enable secure, peer-to-peer interactions between agents across different systems.
Beyond these facets, authentication implies knowledge of the endpoint and use case. There may be a broader opportunity in building the utility tooling and integrations layer for agents in tandem with authentication.
Why This Startup Doesn’t Exist Yet
Despite the clear need, a specialized authentication startup for autonomous agents has yet to emerge for several reasons:
- Nascent Market: The market for autonomous agents is still relatively new, and many companies are in the early stages of deploying these systems. As a result, the demand for specialized authentication solutions has yet to reach critical mass. We believe this is just a matter of timing, and getting it right will be critical, which is why we are happy to partner with founders to “figure it out” together with our pulse on the markets development.
- Technical Complexity: Developing authentication systems that can handle the dynamic and adaptive nature of agents is technically challenging. It requires expertise in AI, cybersecurity, cryptography, and identity management, making it a niche field that few startups have ventured into. There are n<10 people in the world that could build this, and we are keen to meet them!
- Lack of Standards: The absence of industry standards for agent identity and authentication has slowed progress. Without a clear framework to build on, startups face significant uncertainty in developing solutions that will be widely adopted. For these reasons, we have a slight orientation to believe this will be solved with open source distribution and standards, but are willing to be convinced otherwise by founders with a more informed opinion!
- Focus on Traditional AI Security: Many companies and researchers currently focus on securing AI systems in traditional ways, such as improving data privacy, ensuring model robustness, and preventing adversarial attacks. This has diverted attention away from the more specialized field of agent authentication. CISOs are focused on solving today’s “hair on fire” problem, not tomorrow, which will take time to pan out.
All of those feel solvable – so if you are working on this, please reach out; we would love to partner with you! This will be a complex business to build, but if you’d like support in having us in your corner, just reach out.
Conclusion
As autonomous agents become more prevalent and take on increasingly complex roles, the need for specialized authentication solutions will become critical. A startup dedicated to this field would not only fill a growing gap in the market but also play a crucial role in ensuring the secure and ethical deployment of autonomous agents. While the challenges are significant, the potential rewards— market opportunity and societal impact—are immense. The future of digital interaction depends on secure, trustworthy agents, and it’s time to start building the infrastructure that will make this possible.
We look forward to supporting the founders in taking this challenge on and accelerating the agentic and autonomous era of software. We look forward to meeting you!