Hi everyone, thanks for coming back to Customer Futures.

Each week I unpack the disruptive shifts around Empowerment Tech. AI Agents, digital wallets, Personal AI in and the future of the digital customer relationship.

If you haven’t yet signed up, why not subscribe:

Hi folks,

“There’s so much to do, and so little time, we must go slowly.”

I find myself saying it most weeks at the moment.

Because with AI Agents, we need to slow down, think carefully, and weigh up what’s actually happening. Beyond the tech waffle and hype, there are some huge open questions that we need to understand and resolve. And some huge new risks.

Yes, we can automate a task or step. But what changes when it’s a machine doing it vs. a human? What changes when it’s 24/7, machine-readable, data-rich, non-emotional, highly scalable and autonomous?

I don’t think we are anywhere close to understanding the implications of agentic commerce.

We are firmly in the ‘faster horses’ stage.

Automating checkout. Writing documents. Scanning spreadsheets. Reading and scraping websites. Booking restaurants. Replacing things that humans do, to save time, money and effort.

But the real shift comes when we apply agents to new areas.

Today, it’s tech-disruption-as-normal. But that, people, is why AI is a different beast.

With previous tech cycles, from the web, to mobile, to cloud, we had to wait until someone saw a disruptive new opportunity, and then applied the new technology of the day in a new way.

Like turning the web from purely a consumption tool (‘browsers’ help us view things) into a publishing tool (social media and the rest). Or turning our mobile devices into location-aware, context-specific applications and services. We got dynamic maps, payment wallets and Uber.

But with AI - and specifically AI agents - these clever new platforms are going to work out the new things for themselves. New pathways to connect with each other. New ways to discover and share data. And new ways to create value.

That’s the exciting part. But also the fear, the challenge of today.

So we must go slowly.

That doesn’t mean we shouldn’t make decisions or take action. It just means we need to take the time to think through the implications, the power shifts, and to see more of the chessboard. Not just what’s in front of us, like automating payments or booking meetings.

Folks, we are going to need experts more than ever. But not just the techbro experts. We need ethnographers. CX designers. Accessibility gurus. Historians. Sociologists. Specialists and leaders who are human-first, not tech-first.

And more than ever, we are going to need each other. Peers, community networks and expert groups to help us navigate what’s coming.

It’s one of the reasons we’re running a new series of meetups: the Trusted Agents Table.

Starting in London, we held our first event last week. My co-founder Gam Dias summed it up brilliantly:

“It was exactly what we hoped it would be. No slides. No pitching. Just smart people from retail, banking, governance and payments swapping stories over dinner and comparing notes on what is actually changing.”

And here’s what we took away:

• AI capabilities are moving fast, but enterprise readiness is not

• There are too many “agentic” projects being pushed forward without governance, infosec discipline, or clean enough data

• The pressure for efficiency gains from the board and PE firms is arriving well before agent controls are in place

• Most organisations are simply not ready to coordinate ‘hybrid human and agent’ operations

• The most immediate opportunities are not glamorous - invoice processing, reconciliations, service ops - it’s the mundane work that quietly burns time and money

• The hard part is not the demo - it is trust, identity, permissions, liability… knowing who an agent represents, what it is allowed to do, and what you can prove afterwards

More Trusted Agents Tables are coming soon - with invites coming out shortly.

Today with AI agents and customer empowerment, it feels a little like tornado chasing. We’re all trying to work out where this crazy new weather system is going to hit land.

While we can’t name the exact towns and coastlines that will be affected, we can certainly now see the direction of travel. We can see roughly what’s coming, and how to prepare.

Like I said last week, the Great AI Doubling is already here, and it’s now visible and having an impact. Did you see that Figma’s share price dropped right after Claude Design was announced? Expect more of that, in more places, impacting more companies.

Next up: the Great Empowerment Doubling.

So who gets impacted then?

It’s why it’s never been more important to understand the future of being a digital customer.

Welcome back to the Customer Futures newsletter.

In this week’s edition:

• Whenever you see someone write ‘on behalf of’, give a little OBO wave

• Is Apple about to launch ‘Embedded Identity’?

• New face-swap tools for webcams make deep fakes trivial… and free for everyone

• Are you building an ID product, or is it really just an ID feature?

• … and much more

Grab a comfy corner, a pot of freshly brewed tea, and Let’s Go.

Know Your Agent is not enough to scale Agentic Commerce - there’s a missing piece

OBO means ‘On Behalf Of’.

But it’s more than just another little name.

It’s the beginning of a common framework for agentic trust.

And one that’s not just about payments. One that covers any kind of customer interaction, not just checkout. And a framework that’s not just about one protocol or vendor.

There are now quite a few projects out there describing ‘KYA’ - Know Your Agent. It’s going to be foundational for AI agent identity and reputation.

But remember, agents are different beasts. We can’t just treat them like ‘automated, faster people’. Doing the same things, but quicker and more efficiently. Meaning we can’t just do an ID check on who (or what) they are, and be done.

For two huge reasons.

First, AI agents are going to need their own identity infrastructure. We can’t rely on a driving license or bank attestation to prove who someone, or something, is any more. And second, these AI agents are going to act on behalf of other people and organisations, and indeed other AI agents. Not just do things on their own.

So we need more than KYA. We need to understand how liability works when something goes wrong. We need to know the scope of the agent’s permission. And so much more.

Here’s my starting list of eight things ‘Agent OBO’ needs to describe:

1. The identifier of the ‘principal’ (the person, org or machine) doing the delegating

2. The identifier of the AI agent

3. Proof of the ‘binding’ between the principal and the AI agent (the relationship)

4. The scope of the delegation (what, where, when, who)

5. The intent of the delegated task (why)

6. The operator of the agent (e.g. SaaS provider vs. device owner)

7. The reputation of the agent

8. The terms on which data will be shared about the principal (a pointer to a machine-readable governance framework, and covering compliance with any particular regulations)

I believe the ‘OBO 8’ can be wrapped up into a single digital object that can be asked for, inspected and verified instantly. Something machine-readable, and suitable for high-frequency, real-time transactions.

OBO can become a new kind of digital, portable credential. Cryptographically signed by the AI agent’s owner and any network it belongs to (e.g. an approved Fintech or all the way up into something like a Retail network). For the technical folks, that could be a verifiable credential (VC), or possibly an ‘authorisation capability’ (ZCAP). Some other formats are being discussed too.

Regardless, an OBO credential can be carried by the AI agent, with portable proof of its ability to act On Behalf Of (OBO) another entity.

Maybe that’s a customer, a patient, an athlete, a customer services department, a homeowner, another agent, and who knows what else.

But for now, OBO describes what’s needed - as a minimum - for agentic commerce to scale. And to handle interactions that happen well before, and well after, payment.

OBO needs to become as widespread and as important as KYC or AML.

Similar to KYC, it can flex for different rules by jurisdiction. And express different requirements by each organisation. But it can become a common approach to verifying an AI agent, anywhere, for any purpose. Especially when AI agents are going to be cross-border and cross-sector by definition.

It turns out that Agent ID, and KYA, is going to be necessary but not sufficient.

And OBO is the missing piece.

READ

Is Apple about to launch ‘Embedded Identity’?

Apparently, Apple is working on a new wearable: a ring.

Most people see a potential breakthrough for sleep apps, health tracking and a new gesture-based controller for Apple devices.

But I also see something different: Apple doing something similar to 'Embedded Finance', but with digital ID.

Why?

Banks and payments providers have talked about Embedded Finance for ages. Where we weave payments into another, existing experience. It disappears into the customer journey, when the individual is trying to get something done.

We can seamlessly add a payment step into the customer experience, like buying shoes, or a TV, or tickets or whatever. And introducing new payment tools like Buy Now Pay Later.

I’ve written for a long time about this pattern, but applied to digital ID. It's called ‘Embedded Identity’.

Where we do the same as embedded payments, but this time with authentication and personal data sharing. Where the customer can be verified in the background, with consent, transparency and control.

And where ‘ID’ isn’t another step or product. Instead, it's a secure, seamless and empowering capability that helps both the individual and the business get something done.

Lower fraud, better personalisation, smarter checkout, higher conversion, and a better CX overall.

For me, this Apple news teaser is less about a potential new Apple product called Ring, and more about the opportunity to embed digital identity into existing customer flows. All while adding transparency, security and privacy.

Embedded Identity is coming. We might just not know what it looks like yet.

READ

New face-swap tools for webcams make deep fakes trivial… and free for everyone

Exactly three years ago in April 2023, I wrote a piece on deep fakes and live calls: Welcome to the Zoom call… now please prove it’s you.

Back then I wrote:

“As of right now, it’s really only the channel, the publisher that’s bringing trust to our digital experiences.

“There’s already enough training data out there to fake any one of us at will. We’re only one online recording away from a digital doppelganger. This will soon all be available to produce in real-time.

“Yes, text-to-video is exciting. And yes it’s going to create a lot of new value, new jobs and disruption. But it’s also going to usher in a collapse of digital trust. We won’t be able to believe what we’re seeing or hearing when online.”

Deep fakes arrived shortly after, but only really worked for pre-recorded video, and high-tech setups and fraudsters.

Now it’s available to everyone, in real-time feeds and using standard webcams. New open source ‘face swap’ tools are a commodity now.

Linas Beliūnas covered the story as you’d expect:

“Deepfakes are getting absolutely wild… and Deep Live Cam is now the top-trending GitHub repo. It lets you swap faces in real-time using just a single image.

“No lag. No weird artifacts. It even adapts to lighting, angles, and even expressions. The crazy part? The tech behind it is fully open-source and runs on almost any machine.

“Meaning it can be easily used in video calls: Zoom, Team, KYC checks, Bank onboarding.

“This breaks the assumption that seeing you live = verifying you. Now it just means someone found your photo.”

More of the great AI doubling. Not some causal breakthrough we didn’t expect.

You can start to expect hearing it down the pub:

“What’s that? We can’t trust Zoom anymore?

No way! Because I looked at some AI images recently, and the person had six fingers! And in the live stream video last week, they couldn’t touch their nose without it glitching! There were some suspicious shadows!

“What’s that? Oh, they’ve caught up? And it’s getting better all the time? We now need to prove it’s us when we join a live call? And I can’t trust the live feed anymore?”

That’s right. Welcome to the Zoom call… now please prove it’s you.

What a time to be alive.

WATCH

Are you building an ID product, or is it really just an ID feature?

I’ll say it again: most digital wallet and digital ID companies think they are building products. But really, they are building features.

To be integrated into a wider customer experience.

It matters because there are so many ID companies saying ‘where should we start’ or investors saying ‘I get the tech, but what about adoption?’

Worth taking a look at Ireland’s EU Digital ID Wallet plans. Rather than launching a brilliant identity wallet capability that doesn’t really have a clear use for citizens, they are doing the opposite.

They are starting with the citizen’s ‘job to be done’.

Moving home. Getting a job. Registering a birth. All of which have multiple steps. All of which you need to interact with multiple organisations. And where identity is only a fraction of the customer journey and experience.

So let’s design for that. Design for the outcomes. Not the data.

Last week, I wrote about Steve Jobs’ principle of starting with the customer experience and working backwards. It’s precisely what Ireland’s ‘Life Architecture’ approach is doing.

It’s much more thoughtful than many of the EUDIW projects I’ve seen out there. And I suspect will mean that Ireland’s wallet rollout will out-perform other countries, especially those that are leading with tech (oooh! selective disclosure!) and regulation (oooh! QTSPs and VLOPs!).

Ireland is not building an ID product. Instead, it’s designing digital identity as a feature to be added into other, wider and richer customer experiences, all crafted around meaningful life events.

Bravo to the Irish Gov ID team. I’m excited to see how it goes.

READ

OTHER THINGS

There are far too many interesting and important Customer Futures things to include this week.

So here are some more links to chew on:

• News: Fully automated remote onboarding is now explicitly allowed for EU Digital ID wallets READ

• Article: Amazon’s Rufus just added ‘Scheduled Actions’ - moving Amazon from recommendation engine to execution layer READ

• Announcement: Brex just open-sourced CrabTrap - it’s Okta, but for agents READ

• Another announcement: Introducing the new World ID: full-stack proof of human READ

• Article: Is it time to delete the Booking.com App? READ

• Post: AI agents don’t just need identity — they need delegation READ

• News: Woops - an unauthorised group has gained access to Anthropic’s exclusive cyber tool Mythos READ

• Opinion: What can an octopus teach us about agentic AI? READ

And that’s a wrap. Stay tuned for more Customer Futures soon, both here and over at LinkedIn.

And if you’re not yet signed up, why not subscribe: