Token Extends Biometric Assured Identity to Secure AI AgentsNew hard gate architecture protects enterprises from hijacked agents and well-meaning rogue agents by requiring verified human biometric approval before high-consequence actionsToken, the leader in biometric assured identity, today announced the expansion of its identity security architecture to protect enterprise AI agents. The new capability enables organizations to place Token biometric hard gates around high-consequence agent actions, including sending money, deleting data, changing access rights, releasing confidential information, modifying production systems, and approving sensitive transactions.This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260617629675/en/ As enterprises move AI agents from advisory roles into operational workflows, the risk has shifted. Agents are no longer just generating text. They are being connected to systems of record, financial platforms, cloud consoles, help desk tools, development environments, and customer data. That creates two urgent risks: hijacked agents manipulated by bad actors, and well-meaning rogue agents that act too broadly, too quickly, or without enough context.Token’s approach stops both.With Token, an AI agent can prepare work, recommend action, gather context, and request authorization. A second agent can inspect the request and verify whether it appears truthful and aligned with policy. But before a high-consequence action can execute, the workflow stops at a Token biometric hard gate. The correct authorized human must approve the action using a Token biometric device. Until that happens, the transaction cannot proceed.“AI agents are becoming part of the enterprise operating system,” said Kevin Surace, CEO of Token. “That is incredibly powerful, but it also means agents need real control points. More AI watching AI is useful, but it is still probabilistic. Biometric assured identity is deterministic. When an action matters, the right human must be physically present and must approve it biometrically. That is the control model enterprises need now.”Token’s biometric assured identity platform already protects enterprise access by requiring a live fingerprint match, secure hardware, cryptographic authentication, proximity, and domain-bound credentials. Token devices do not rely on passwords, codes, push approvals, shared secrets, or cloud synced credentials. The same architecture now extends to agentic workflows, where enterprises need proof that the right human approved a specific action at the specific moment it was requested.This changes how organizations secure AI autonomy.A finance agent may be allowed to prepare a vendor payment, but not release funds without Token biometric approval. A support agent may identify records for deletion, but not delete them without an authorized human. An IT agent may recommend a privilege change, but not grant access until the correct approver signs biometrically. A software agent may write code and prepare a deployment, but not push to production or modify secrets without a Token hard gate.In each case, Token allows the agent to work at machine speed while preventing the agent from crossing a line that could damage the business.“Enterprises do not need to slow AI down,” Surace added. “They need to put absolute gates around the moments that matter. A hijacked agent should not be able to execute the attacker’s intent. A well-meaning rogue agent should not be able to accidentally damage the business. Token makes both impossible at the transaction point.”Token will provide code, prompts, and integration patterns that allow organizations to add biometric approval gates into agentic workflows. Developers and security teams can define which actions require approval, which human roles are authorized, and where the Token gate must occur before execution.Unlike software-only guardrails, Token’s biometric gate sits outside the agent’s reasoning environment. It is not another prompt. It is not another model opinion. It is not another policy suggestion. It is a hard stop enforced through biometric assured identity.The announcement marks the next step in Token’s continuing march to secure the modern enterprise identity perimeter. Token has already established biometric assured identity as the answer to phishing, stolen credentials, legacy MFA bypass, social engineering, and identity-based attacks. As AI agents become operational actors inside the enterprise, Token is extending that same proven identity foundation to secure the next major attack surface.“Everyone is moving quickly to deploy AI agents,” said Surace. “The leaders are already realizing that agent autonomy needs assured human control. Token is already there. We are giving enterprises the confidence to deploy agents safely, knowing that no high-consequence action can be completed unless the correct human approves it biometrically.”Learn more about this new capability here: https://www.tokencore.com/secure-ai-agents.About TokenToken is the leader in biometric assured identity for enterprises where breaches, data loss, ransomware, and unauthorized access must be prevented. Token provides secure biometric authentication devices and identity infrastructure that verify the right human, the right device, the right domain, and the right physical presence before access or action is granted. Token protects organizations against phishing, stolen credentials, legacy MFA bypass, social engineering, and now high-consequence AI agent actions.For more information, visit www.tokencore.com. Media ContactDan ChmielewskiMadison Alexander PR949 231 2965dchm@madisonalexanderpr.comView source version on businesswire.com: https://www.businesswire.com/news/home/20260617629675/en/
Token Extends Biometric Assured Identity to Secure AI Agents
Token Extends Biometric Assured Identity to Secure AI AgentsNew hard gate architecture protects enterprises from hijacked agents and well-meaning rogue agents by requiring verified human biometric approval before high-consequence actionsToken, the leader in biometric assured identity, today announced the expansion of its identity security architecture to protect enterprise AI agents. The new capability enables organizations to place Token biometric hard gates around high-consequence agent actions, including sending money, deleting data, changing access rights, releasing confidential information, modifying production systems, and approving sensitive transactions.This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260617629675/en/ As enterprises move AI agents from advisory roles into operational workflows, the risk has shifted. Agents are no longer just generating text. They are being connected to systems of record, financial platforms, cloud consoles, help desk tools, development environments, and customer data. That creates two urgent risks: hijacked agents manipulated by bad actors, and well-meaning rogue agents that act too broadly, too quickly, or without enough context.Token’s approach stops both.With Token, an AI agent can prepare work, recommend action, gather context, and request authorization. A second agent can inspect the request and verify whether it appears truthful and aligned with policy. But before a high-consequence action can execute, the workflow stops at a Token biometric hard gate. The correct authorized human must approve the action using a Token biometric device. Until that happens, the transaction cannot proceed.“AI agents are becoming part of the enterprise operating system,” said Kevin Surace, CEO of Token. “That is incredibly powerful, but it also means agents need real control points. More AI watching AI is useful, but it is still probabilistic. Biometric assured identity is deterministic. When an action matters, the right human must be physically present and must approve it biometrically. That is the control model enterprises need now.”Token’s biometric assured identity platform already protects enterprise access by requiring a live fingerprint match, secure hardware, cryptographic authentication, proximity, and domain-bound credentials. Token devices do not rely on passwords, codes, push approvals, shared secrets, or cloud synced credentials. The same architecture now extends to agentic workflows, where enterprises need proof that the right human approved a specific action at the specific moment it was requested.This changes how organizations secure AI autonomy.A finance agent may be allowed to prepare a vendor payment, but not release funds without Token biometric approval. A support agent may identify records for deletion, but not delete them without an authorized human. An IT agent may recommend a privilege change, but not grant access until the correct approver signs biometrically. A software agent may write code and prepare a deployment, but not push to production or modify secrets without a Token hard gate.In each case, Token allows the agent to work at machine speed while preventing the agent from crossing a line that could damage the business.“Enterprises do not need to slow AI down,” Surace added. “They need to put absolute gates around the moments that matter. A hijacked agent should not be able to execute the attacker’s intent. A well-meaning rogue agent should not be able to accidentally damage the business. Token makes both impossible at the transaction point.”Token will provide code, prompts, and integration patterns that allow organizations to add biometric approval gates into agentic workflows. Developers and security teams can define which actions require approval, which human roles are authorized, and where the Token gate must occur before execution.Unlike software-only guardrails, Token’s biometric gate sits outside the agent’s reasoning environment. It is not another prompt. It is not another model opinion. It is not another policy suggestion. It is a hard stop enforced through biometric assured identity.The announcement marks the next step in Token’s continuing march to secure the modern enterprise identity perimeter. Token has already established biometric assured identity as the answer to phishing, stolen credentials, legacy MFA bypass, social engineering, and identity-based attacks. As AI agents become operational actors inside the enterprise, Token is extending that same proven identity foundation to secure the next major attack surface.“Everyone is moving quickly to deploy AI agents,” said Surace. “The leaders are already realizing that agent autonomy needs assured human control. Token is already there. We are giving enterprises the confidence to deploy agents safely, knowing that no high-consequence action can be completed unless the correct human approves it biometrically.”Learn more about this new capability here: https://www.tokencore.com/secure-ai-agents.About TokenToken is the leader in biometric assured identity for enterprises where breaches, data loss, ransomware, and unauthorized access must be prevented. Token provides secure biometric authentication devices and identity infrastructure that verify the right human, the right device, the right domain, and the right physical presence before access or action is granted. Token protects organizations against phishing, stolen credentials, legacy MFA bypass, social engineering, and now high-consequence AI agent actions.For more information, visit www.tokencore.com. Media ContactDan ChmielewskiMadison Alexander PR949 231 2965dchm@madisonalexanderpr.comView source version on businesswire.com: https://www.businesswire.com/news/home/20260617629675/en/
