FLINT Design Partner Program: now accepting a founding cohort.Apply

FLINT
AGENT IDENTITY · AGENT VERIFICATION · FRAUD PROTECTION

Never give an AI agent a wallet without a kill-switch.

Stop AI agent takeover before it drains your wallet. You set your agent's spending limits; FLINT Sentinel watches them for tampering. The moment your agent is hijacked or its permissions are escalated, you get an instant out-of-band alert, and you can freeze it with one tap.

$1.5T

agentic commerce by 2030

Juniper Research

109:1

machine identities to every human

Palo Alto Networks, 2026

+340%

prompt-injection attempts, year over year

Wiz Research

Built to interoperate with
CircleStripe + BridgeFireblocksCoinbase Agent KitSkyfire
AGENT PASSPORT · HYBRID RECORD
kya_01J_demo · agt_skyline_88af3c12
DRAFT
Agent Passport
pending
Principal Binding
pending
Wallet Binding
pending
Mandate Scope
pending
Signal Mesh
pending
Trust Graph
pending
Trust score0
BLOCK
REVIEW
STEP-UP
ALLOW
Verdict...
HYBRID ENVELOPE · ES256 + ML-DSA-65awaiting_signature

eyJhbGciOiJFUzI1NiIsInBxIjoiTUwtRFNBLTY1In0.eyJwYXNzcG9ydCI6Imt5YV8wMUoiLCJ2ZXJkaWN0IjoiQUxMT1cifQ....

The agentic fraud surface

Accept more agents.
Stop the abuse.

Trust infrastructure for the agents that move money. Clear the good ones, stop the rest, keep the proof.

Platforms prove who issued an agent inside their own walls. FLINT proves it still behaves as issued across any domain, on every transaction. Identity is granted once, but a valid agent can be compromised, over-delegated, or pushed outside its scope, which is how cyber-enabled agentic fraud happens. FLINT verifies it across the layers that move: environment identity, authorization scope, and cross-merchant agent reputation.

What FLINT catches
Live verificationsigned proof
Agent checkout
Acme supplier checkout
invoice-bot · USDC payment
Merchant_Acme Universe
Amount_$847.00
Mandate_$950 cap · net-30 invoices
Rail_stablecoin settlement
payment cleared before settlement
FLINT signalsALLOW
Agent ID_agt_61f9·invoice-bot
Trust score_92 / 100
Principal_org_acme · attested
Authority_in scope · $950 cap
Behavior_consistent
Environment_stable runtime
Wallet_known · low risk
Verdict_ALLOW
Signature_ES256 + ML-DSA-65 · verified
WHY NOW

What is agent commerce already costing you?

Most stores are already losing revenue to false declines, declining good customers on fraud suspicion. Agent traffic widens that gap. Move the slider to see your estimate.

Estimate using published industry rates

~$120,000

a year at risk

Breakdown

About $120,000 a year lost to false declines at a 2.0% rate on $6,000,000 in revenue.

Agent amplifier

And the gap widens: AI-driven retail traffic is up about 4,700% year over year and agent-referred shoppers convert roughly 42% better, so you will block more of the channel that's growing fastest.

The clock

The rules have a deadline too: GENIUS Act enforcement in 2027 and FinCEN's new effectiveness standard.

Assumptions

Published false-decline rates run about 2.6% to 5.5%. FLINT defaults to 2.0% deliberately to stay conservative.

Additional references: NoFraud, Adobe, GENIUS Act effective date, FinCEN effectiveness standard.

How it works

Give your agent a passport merchants can verify.

Connect your agent to FLINT, issue a portable identity record, and return signed proof every time it tries to pay or act.

ISSUE

Mint the passport

Create a reusable agent identity tied to the principal, wallet, scope, and runtime.

VERIFY

Check each action

Ask FLINT whether this agent can take this action, in this context, right now.

PROVE

Return signed evidence

Send merchants a tamper-resistant verification record they can store with the transaction.

LEARNOptional

Feed outcomes back

Optional. Report success, refund, dispute, or abuse to sharpen the next verdict. FLINT works fully without it, and your data is never resold or rebuilt against you.

response.json

flint_passport · builder_check

signed
{
  "agent_id": "agt_61f9_invoice_bot",
  "passport": "issued",
  "principal": {
    "id": "org_acme",
    "attested": true
  },
  "authority": "in_scope",
  "max_amount_usd": 950,
  "trust_score": 92,
  "verdict": "allow",
  "signature": {
    "alg": "ES256 + ML-DSA-65",
    "verified": true
  }
}
PROVEN, NOT PROMISEDVETERAN-FOUNDED

You're being asked to trust machines you can't see.

The tools you have were built for humans, not for agents that act and pay on their own. We've spent our careers telling real actors from impostors. Here's our record, verified the way we verify an agent.

TEAM RECORD · SIGNED CREDIBILITY
flint_team_record · guide_check
verified
Signed evidence_ES256 + ML-DSA-65 verified
Your data_non-extractive verified
Rails_agnostic verified
Aligned_NIST · MITRE F3 · FinCEN · GENIUS Act verified

We render our own credibility the way we verify agents: as a signed record.

TRACK RECORD

We previously built the fraud program at a digital identity unicorn credited with preventing more than $270 billion in fraud.

TESTIMONY

We have testified before Congress, including the House Ways and Means Committee, the House Small Business Committee, and the Senate Select Committee on Intelligence, on AI, biometrics, and fraud, and on strengthening the federal wire fraud, bank fraud, and computer fraud statutes, the same laws agentic fraud falls under.

BACKGROUND

Careers across U.S. federal law enforcement, the U.S. intelligence community, and the financial sector.

Built for the agent commerce stack
x402MCPAP2StripeStablecoinsSIEM

Verify the agent.Stop the fraud.Recover the revenue.

Trust infrastructure for the agents that act and pay in your business.

Verification record

flint_passport · final_check

Signed
Agent ID_agt_61f9_invoice_bot
Principal_org_acme · attested
Authority_in scope · $950 cap
Trust score_92 / 100
Signature_ES256 + ML-DSA-65 · verified
ALLOW
FAQ

What people ask before they give an AI agent a wallet.

What is agent identity verification?

Agent identity verification confirms that an AI agent trying to act or pay is the agent it claims to be, that it carries real authority delegated by a named principal, and that the action falls within that authority, all checked before the transaction executes. FLINT performs this verification and emits a signed record of the result.

What does FLINT do?

FLINT is trust infrastructure for the agents that move money. It verifies an agent's identity and financial authority at the moment it acts, returns a verdict, and emits a signed verification record you can keep as evidence.

What does FLINT actually verify?

Six layers: the principal behind the agent, the agent's own identity, the provenance of its wallet, the scope of its authorization, its runtime environment, and its reputation across merchants. Together they answer one question: should this agent be allowed to take this action right now.

What is the difference between a valid agent and a valid transaction?

An agent can be entirely real and still act outside its authority. A compromised, misconfigured, or over-delegated agent is the new fraud surface. FLINT verifies the delegation chain that flows from a principal down to the action, so a genuine agent attempting an ungranted action is caught. Most controls confirm the agent is real; FLINT confirms the action is authorized.

What is in a signed verification record, and why does the signature matter?

Each record captures the agent, the principal, the authorized scope, the layer results, the trust score, and the verdict, signed with a hybrid scheme (ES256 plus ML-DSA-65) so it stays verifiable as quantum-capable adversaries emerge. Because it is signed, the record is tamper-evident evidence: you, an auditor, or a counterparty can later prove what was verified and what was decided.

Can a verified agent still be compromised later?

Yes, and detecting that is the point. Because every verification is a signed record, a corrupted or drifting agent shows up as a broken signature or a changed behavioral profile on its next action. A security team can pull the records for every agent on its network and see at a glance which ones no longer verify.

How is FLINT different from device fingerprinting?

Device fingerprinting identifies the browser, device, and session a request comes from, and it assumes a human is behind the screen. FLINT identifies the agent itself and the financial authority it carries: who delegated it, what it can spend, and whether this action is in scope. Device signal is one of our six layers, not the whole picture.

How is FLINT different from on-chain analytics?

On-chain analytics trace funds after they move. That is forensic and backward-looking. FLINT verifies the agent's authority before money moves and produces a signed record at decision time. We sit in front of the transaction; on-chain analytics sit behind it. The two are complementary.

Is FLINT a payment rail or a wallet?

No. FLINT is rail-agnostic and holds no funds. It verifies the agent and returns a verdict; the rails move the money. We work alongside x402, Circle, Stripe, and the card networks rather than competing with them.

Does FLINT block legitimate agents?

No. Blunt blocking is the problem we solve. Most businesses already lose more revenue to false declines than to fraud. FLINT returns a four-state verdict (allow, step-up, review, block) so good agents pass, ambiguous ones get a check, and only the unauthorized are stopped. The goal is to recover the revenue crude rules reject.

What is AI agent takeover?

AI agent takeover is when an attacker gains control of an AI agent that can spend money, by hijacking the server or framework it runs on, poisoning its instructions, or stealing its credentials. The agent keeps its valid identity, so it passes checks that only ask who it is, but it now acts for the attacker. It is account takeover moved up to the agent layer.

What is a kill-switch for an AI agent?

A kill-switch lets the owner instantly stop an AI agent from transacting. With FLINT Sentinel, the verified owner can freeze the agent's passport from an out-of-band alert on Telegram or email, and a frozen agent is blocked from transacting anywhere FLINT is checked. Freeze is reversible.

How do I protect an AI agent's wallet?

Give the agent a verifiable identity (a FLINT agent passport), set explicit spending limits, watch for tampering with those limits, and keep an out-of-band kill-switch. FLINT Sentinel does the watching and the kill-switch: it alerts you when an agent's permissions are escalated and lets you freeze it with one tap.

Does FLINT stop my agent from being hijacked?

No. FLINT does not patch the framework or prevent the breach itself. It catches the takeover the moment the agent tries to escalate its authority or move money, alerts you out-of-band, and lets you freeze it, so a compromise upstream does not become an unbounded loss. It is one layer of defense in depth.

What is FLINT Sentinel?

FLINT Sentinel turns an agent passport into a portable anti-fraud tool. It watches an AI agent's permissions, logs every change, alerts the owner out-of-band when those permissions are escalated, and provides a one-tap reversible freeze.

Build the agentic commerce trust layer with us.

We're partnering with a founding cohort, from teams scaling agent payments to teams just starting to integrate digital payments. Wherever you are on that journey, if agents are beginning to move real value for you, we want to build with you.

Partner with FLINT and you get a future-proofed solution built at the frontier of agentic commerce, designed by people who live in both halves of the problem: compliance and agentic finance. That means early access to the full six-layer verification stack and the trust graph, a direct line into the roadmap and the spec, white-glove integration support, and a signed, regulator-grade verification record you can stand behind from day one.

FLINT is already live where agents are: a connectable MCP server in Claude and a listed verification endpoint in Coinbase's x402 Bazaar.