Digital identity is no longer just about people. Today, organizations manage fifty times more non-human identities such as servers, software and AI agents than human users. According to digital identity expert Jacoba Sieders, the rise of agentic AI forces us to rethink how we manage trust: “Everything we’ve built for people must now be applied to machines and agents, and that is an explosive challenge.”
With a background in classical languages, Jacoba has over twenty years of experience in digital identity. She has worked at major Dutch banks (including ING and ABN Amro) and the European Investment Bank, and is currently an independent consultant and speaker.
The identity explosion
Two decades ago, digital identity in banks and enterprises revolved around employees and customers. Enrollment, authentication and authorization were designed to bind a natural person to a digital account. That balance has shifted completely. Non-human identities have outpaced human ones. In 2010, about one in ten identities belonged to machines. By 2020 the number had multiplied tenfold. Today, for every human account there are dozens of non-human ones. And AI is accelerating the trend. Agents are not only acting autonomously within systems, but are even creating new identities themselves.
But what is an agentic AI identity? An agent is more than a simple account. It is a piece of software capable of making decisions, combining data sources, and performing tasks on behalf of humans. Just like a person, an agent requires enrollment to establish origin, authentication to prove identity, and authorization to define rights. Delegation, which is already a difficult challenge in identity management, becomes even more complex when machines act in our place.
The risks on the horizon
With new power come new risks, Jacoba warns. Shadow agents can proliferate without the knowledge of security teams, much like shadow IT in the past. Hijacking and poisoning of models can give adversaries control over an agent’s actions. Attackers can weaponize AI to automate hacking at unprecedented scale. Critical infrastructure is especially vulnerable, since hospitals, energy plants or transport systems often rely on limited IT resources and outdated protections. A hijacked agent in such an environment could cause real-world disruption.
“Shadow IT has always been a problem. Now we also face shadow agents that organizations don’t even know exist,” Jacoba says.
Yet, standards and regulation are catching up. In Europe, the EIDAS 2.0 regulation and the digital identity wallet aim to give citizens and organizations verifiable credentials. The AI Act categorizes AI use cases from low to high risk, banning the most dangerous use cases. International groups are working on frameworks such as the AI Service Passport (AISP) and on extending identity concepts to workloads and agents. The National Institute of Standards and Technology (NIST) is publishing early testing and evaluation standards. There is convergence happening between identity and cybersecurity, Jacoba highlights, making identity threat detection and response a recognized field in its own right.
Another interesting initiative is the First Person Project, which tries to solve one of the biggest open questions in the AI era: how do we prove someone is a real human being without relying on sensitive biometrics or linking back to government-issued identity? Unlike centralized biometric systems, First Person Credentials are built on Decentralized Identifiers (DIDs) and Verifiable Relationship Credentials (VRCs) – providing cryptographic proof of genuine personal trust relationships.
Practical steps for organizations
For now, organizations cannot wait for perfect standards. The first step is inventory. Organizations must be aware which human and non-human identities exist in their environment. Every agent should be treated as a first-class identity with clear enrollment and lifecycle management. Zero trust principles are essential, assuming nothing and validating everything.
Monitoring and detection are as important as prevention. When something goes wrong, resilience and quick response matter more than perfection at the front door. “We know systems will be hacked. Prevention is not enough anymore. The real priority is resilience and the ability to respond quickly,” Jacoba adds.
Thinking ahead
There are no quick fixes, Jacoba highlights. The relationship between AI, identity and cybersecurity will remain an arms race. Attackers are using AI to scale and automate their methods, while defenders are deploying AI for faster detection, monitoring and response. Each advance on one side provokes a counter on the other. This constant escalation is not likely to stop.
However, looking forward, identity and cybersecurity will merge into a single ecosystem built on continuous verification and adaptive authentication, Jacoba envisions. Identity wallets will likely store not only human credentials, but also verifiable credentials for agents. Attacks will grow in scale and speed, while defenses will rely more on automated detection and response. At the same time, there may be a countertrend toward analog fallbacks. Paper voting, disconnected systems and physical redundancies may remain vital for sovereignty and resilience.
Conclusion
Digital identity is going through a big shift. Human and non-human identities are starting to blur together, and agentic AI is speeding things up faster than most organizations can handle. The ones that will stay ahead are those that treat machines with the same level of care and control as they do people. It’s a tough challenge, but the alternative is even scarier. If we can’t trust our digital systems, the whole economy is at risk.
