Identi3

What happens to liability when the entity making a purchase is not a human? AI agents are moving from research into commercial reality. They can research and execute purchases. But the legal, identity, and payment infrastructure that commerce runs on was designed around humans in the loop. This session explores what breaks when agents enter the picture and what needs to be built before agentic commerce can scale.
Guests:
- Przemek Praszczalek, Product Lead at Invela Network (formerly Mastercard, nine years in emerging payments and verifiable credentials)
- Ronald Kogens, Partner at MME, a Swiss law firm specializing in technology and financial markets law
(0:00) — Introduction and framing
(6:44) — How is agentic commerce different from traditional e-commerce?
(10:18) — Legal perspective: what changes when a non-human initiates a transaction?
(12:46) — Authenticating the agent vs. authenticating the person behind it
(16:26) — Bank liability when agents interact with fraudulent merchants
(19:07) — The closed vs. open ecosystem problem
(20:34) — Does the "I agree" button still work when an agent is clicking it?
(25:07) — Dispute flows, chargebacks, and cognitive overload
(28:31) — When the agent screws up: who is actually liable?
(31:33) — The EU AI Act and its implications for agent developers
(33:18) — New fraud vectors introduced by agentic commerce
(37:10) — Should agentic transactions be flagged differently in payment rails?
(40:08) — How will dispute resolution change in practice?
(43:37) — Could agents ever have legal personality?
(46:00) — Timeline: when does autonomous agentic commerce actually arrive?
(48:43) — B2B vs. B2C: which scales faster and why?
(54:16) — Audience Q&A: UK regulation and the T&Cs consent problem

Website - https://www.dock.io/
LinkedIn - https://www.linkedin.com/company/docknetwork/

Most organizations say they are doing Zero Trust. Many still trust their IAM directory implicitly, protect it with a firewall, and call that a modern identity architecture. That is a perimeter by another name. In this session, Agne Caunt (Dock Labs), Richard Esplin (Dock Labs) and Justin Richer (MongoDB) work through what Zero Trust actually requires at the identity layer, why federated architectures tend to recreate the problems they were designed to solve, and what a more structurally sound approach looks like.
0:00 Introduction and guest overview
3:48 Zero Trust: origins and core principles
10:26 Why Zero Trust is still unnatural
11:45 Zero Trust in what? The foundational question
13:14 Directory synchronization: how enterprise identity fragility compounds
15:47 Verifiable credentials and the move to user wallets
18:06 Is the wallet really untrusted? Justin pushes back
20:39 Practical transition: using wallets at domain boundaries, not everywhere
22:55 VCs as a reinvention of X.509 for an online world
26:22 Tool comparison: OAuth/OIDC/SAML + SCIM vs. VCs
27:42 Shared Signals and Events (SSE): strengths and structural limits
31:51 User Managed Access (UMA): what it got right, why it stalled
34:35 GNAP: what it solves, when to use it instead of OAuth
41:00 SPIFFE/SPIRE: workload identity and short-lived credentials
46:06 SPIFFE's trust model and the "bottom turtle" question
47:24 WIMSE: bridging workload identity across trust domains
51:12 Agentic identity: the question from the audience
52:38 AI agents -- neither human nor workload, and why that matters
55:26 "On behalf of" vs. "for the benefit of" -- the liability distinction
58:55 What would a Zero Trust native architecture actually look like?
Website - https://www.dock.io/
LinkedIn - https://www.linkedin.com/company/docknetwork/

This session presents the results of a six-month proof of concept run by Telefónica Tech, GSMA, Dock Labs, and TMT ID to rebuild call center authentication using mobile network APIs and verifiable credentials. The PoC completed authentications in under 60 seconds on average, with 100% of trialists saying they would prefer it over existing methods.
Guests:
- Glyn Povah, Global Product Development Director at Telefónica Tech
- Helene Vigue, Identity and Data Director at GSMA
Timestamps
(00:00) - Introduction and context
(00:28) - Guest introductions: Glyn Povah (Telefónica Tech) and Helene Vigue (GSMA)
(04:34) - Strategic context: why call center impersonation fraud prompted this PoC
(07:00) - The problems with current authentication: CLI spoofing, SIM swap, knowledge-based checks
(08:32) - PoC goals: speed, security, and privacy
(10:17) - GSMA perspective: scam as a global cross-industry problem
(14:41) - Demo video: how the authentication flow works
(16:26) - PoC results: trialist feedback and quantitative outcomes
(20:32) - Carrier perspective: commercialisation, network APIs, and next steps
(22:09) - The wallet ecosystem: complexity, government-led development, and commercial tension
(30:05) - Identity industry perspective: user experience design choices and distribution challenges
(37:10) - The extensibility of verifiable credentials beyond call center authentication
(44:06) - Audience Q&A
📚 EXPLORE:
Website - https://www.dock.io/
LinkedIn - https://www.linkedin.com/company/docknetwork/

In a recent webinar, Richard Esplin, Head of Product at Dock Labs, and Agne Caunt, Product Owner, walked through a live demo of our new browser-based approach to digital identity.
Through a step-by-step demo, Agne showed how this works in practice, from signing into newly acquired platforms without re-onboarding, to verifying identity with external partners using privacy-preserving credentials. Along the way, they explored the underlying architecture, trade-offs around security and decentralization, and how this model can unlock both better user experiences and new business opportunities.
(00:00) Introduction
(01:47) The problem: fragmented identity across systems
(06:08) The shift: reusable digital identity
(06:40) Demo begins
(15:31) Architectural shift to user-held identity
(16:24) Web and mobile wallet with shared storage
(18:21) Issuance from trusted data
(20:18) Verification with proof requests
(27:17) Fraud model and Dock Labs' role
(43:48) Decentralization trade-offs
(48:08) Business wallets and delegation
Website - https://www.dock.io/
LinkedIn - https://www.linkedin.com/company/docknetwork/

AI agents are quickly moving from experimentation to real-world deployment, but one critical question remains: how do you establish trust when agents start acting on behalf of users?
In a recent webinar, Mike Parkhill (Head of Engineering at Dock Labs) and Agne Caunt (Product Owner at Dock Labs) explored this challenge and demonstrated how identity infrastructure can play a central role in solving it.
The session focused on Truvera’s MCP (Model Context Protocol) server, showing how agents can issue, verify, and eventually hold digital ID credentials, and how this enables more secure, auditable, and constrained agent behavior. Along the way, they walked through a live demo of credential issuance and verification, and shared their perspective on where agent identity, delegation, and agentic commerce are heading next.
(01:08) Why agent identity is becoming a problem
(02:20) What MCP (Model Context Protocol) is
(03:19) Goal: identity infrastructure for AI agents
(04:27) What MCP enables for agents (analogy + capabilities)
(05:56) Demo setup (Claude + web wallet)
(14:27) Roadmap: wallet MCP and agent capabilities
(15:16) Agent-to-agent (A2A) and DIDComm direction
(16:13) Introduction to Agentic Payment Protocol (AP2)
(18:02) AP2 mandates (cart, intent, payment) explained
(19:51) Demo: issuing a cart mandate to an agent wallet
(21:31) End of demo and transition to Q&A
(22:21) What is an agent’s identity?
(25:05) How MCP improves security and limits agent scope
(28:07) Schema flexibility and support for new protocols
(30:03) Ease of implementation and setup
(31:43) How agents get their identity (onboarding)
(33:04) Human-to-agent delegation model
(34:19) EUDI and business wallet discussion
(40:38) What happens when an agent invokes MCP tools
(42:52) Multi-tenant vs one-to-one MCP architecture
(45:36) Why did:cheqd was chosen
(47:41) Real-world use cases (e-commerce, travel)
(49:01) Sensitive use cases (loans, insurance, documents)
(50:23) DID methods (did:key vs cheqd) explained
(52:45) Closing remarks and next steps

📚 EXPLORE:
Website - https://www.dock.io/
👨‍👩‍👧‍👧 FOLLOW:
LinkedIn - https://www.linkedin.com/company/docknetwork/