Trulioo and PayOS recently published a white paper that advances the concept of Know Your Agent (KYA). At its core is the “Digital Agent Passport,” a tamper-proof credential showing who built the agent, who it represents, and what permissions it has. The passport includes five checkpoints: provenance, user binding, permission scope, real-time behavior telemetry, and continuous risk scoring—creating a verifiable chain of trust at machine speed. The white paper proposes independent Digital Passport Authorities to issue, sign, and revoke passports, much like SSL certificate authorities. A federated directory would ensure interoperability across borders and marketplaces, with real-time revocation lists. KYA would combine Trulioo’s identity graph and fraud detection with agent behavior monitoring. If an agent exceeds its permissions or behaves suspiciously, its passport could be flagged or revoked instantly. For merchants, KYA offers tighter audit trails and fewer manual exceptions. For FinTechs and retailers, it enables higher straight-through processing while guarding against fraud. Trulioo urges support for a federated directory of “white list agents,” ensuring payloads are signed and trusted. Each passport includes cryptographic proof of the developer’s identity and a hash of the latest code commit, giving merchants real-time visibility into agent behavior.