Token, one of the leaders in biometric assured identity, announced on June 17th the expansion of its identity security architecture to protect enterprise AI agents. The new capability enables organisations to place Token biometric hard gates around high-consequence agent actions, including sending money, deleting data, changing access rights, releasing confidential information, modifying production systems, and approving sensitive transactions.
As enterprises move AI agents from advisory roles into operational workflows, the risk has shifted. Agents are no longer just generating text. They are being connected to systems of record, financial platforms, cloud consoles, help desk tools, development environments, and customer data. That creates two urgent risks: hijacked agents manipulated by bad actors, and well-meaning rogue agents that act too broadly, too quickly, or without enough context.
Token’s approach stops both.
With Token, an AI agent can prepare work, recommend action, gather context, and request authorisation. A second agent can inspect the request and verify whether it appears truthful and aligned with policy. But before a high-consequence action can be executed, the workflow stops at a Token biometric hard gate. The correct authorised human must approve the action using a Token biometric device. Until that happens, the transaction cannot proceed.
“AI agents are becoming part of the enterprise operating system,” said Kevin Surace, CEO of Token. “That is incredibly powerful, but it also means agents need real control points. More AI watching AI is useful, but it is still probabilistic. Biometric-assured identity is deterministic. When an action matters, the right human must be physically present and must approve it biometrically. That is the control model enterprises need now.”
Token’s biometric-assured identity platform already protects enterprise access by requiring a live fingerprint match, secure hardware, cryptographic authentication, proximity, and domain-bound credentials. Token devices do not rely on passwords, codes, push approvals, shared secrets, or cloud-synced credentials. The same architecture now extends to agentic workflows, where enterprises need proof that the right human approved a specific action at the specific moment it was requested.
This changes how organisations secure AI autonomy.
A finance agent may be allowed to prepare a vendor payment, but not release funds without Token biometric approval. A support agent may identify records for deletion, but not delete them without an authorised human. An IT agent may recommend a privilege change, but not grant access until the correct approver signs biometrically. A software agent may write code and prepare a deployment, but not push to production or modify secrets without a Token hard gate.
In each case, Token allows the agent to work at machine speed while preventing the agent from crossing a line that could damage the business.
“Enterprises do not need to slow AI down,” Surace added. “They need to put absolute gates around the moments that matter. A hijacked agent should not be able to execute the attacker’s intent. A well-meaning rogue agent should not be able to accidentally damage the business. Token makes both impossible at the transaction point.”
Token will provide code, prompts, and integration patterns that allow organisations to add biometric approval gates into agentic workflows. Developers and security teams can define which actions require approval, which human roles are authorised, and where the Token gate must occur before execution.
Unlike software-only guardrails, Token’s biometric gate sits outside the agent’s reasoning environment. It is not another prompt. It is not another model opinion. It is not another policy suggestion. It is a hard stop enforced through biometric-assured identity.
The announcement marks the next step in Token’s continuing march to secure the modern enterprise identity perimeter. Token has already established biometric-assured identity as the answer to phishing, stolen credentials, legacy MFA bypass, social engineering, and identity-based attacks. As AI agents become operational actors inside the enterprise, Token is extending that same proven identity foundation to secure the next major attack surface.
“Everyone is moving quickly to deploy AI agents,” said Surace. “The leaders are already realising that agent autonomy needs assured human control. Token is already there. We are giving enterprises the confidence to deploy agents safely, knowing that no high-consequence action can be completed unless the correct human approves it biometrically.”
More related news:
HID fingerprint biometric technology conforms to PAD Level 2 ISO/IEC Standards
iProov Unveils Facial Biometric MFA to Prevent Workforce Identity Theft
SmartMetric to incorporate embedded AI into its Biometric Credit Card
