Yubico Partners With IBM And Auth0 To Secure Agentic AI And Harness Its Power While Ensuring Trust And Governance

Wednesday, 25 March 2026, 11:43 am
Press Release: Yubico

Yubico has announced a strategic collaboration with IBM and Auth0 to help organisations securely deploy AI agents at scale, introducing a new model of human-in-the-loop authorisation for high-risk automated actions.

As enterprises rapidly adopt AI-driven automation, agentic AI systems are evolving beyond advisory roles to act as “digital workers” capable of executing transactions, deploying code and accessing sensitive systems. While this shift promises significant productivity gains, it also introduces new governance and security challenges.

According to recent industry data, 87 per cent of organisations report increased risk associated with AI vulnerabilities, while 77 per cent lack foundational AI security practices.

The joint solution from Yubico, IBM and Auth0 addresses this emerging risk by ensuring that critical AI-driven actions require cryptographically verified human approval.

Closing the automation trust gap

Traditional identity and access management models were designed for human-initiated actions. However, as AI agents begin operating autonomously, organisations must be able to prove not only that an action occurred, but who authorised it.

The new architecture introduces a Human-in-the-Loop model that enables AI systems to operate autonomously for routine tasks, while escalating high-risk actions for secure human approval.

This approach is designed to support a wide range of enterprise use cases, including:

• High-value financial transactions
• Deployment of production code
• Access to sensitive corporate data
• Procurement approvals and vendor onboarding
• Security response actions impacting system availability.

Hardware-backed trust for critical decisions

At the centre of the model is Yubico’s hardware-backed authentication, delivered through the YubiKey, which ensures that approvals for sensitive actions are tied to a verified individual and physical presence.

When a high-risk action is triggered, Auth0 initiates a secure approval request via backchannel authentication, while IBM’s AI agents orchestrate the workflow. The authorised user must physically authenticate using a YubiKey, providing cryptographic proof that:

• The correct individual approved the action
• The approval cannot be replayed or intercepted
• The decision is securely bound to a verified identity.

This creates a clear audit trail and delivers non-repudiation, supporting compliance, financial accountability and risk management requirements.

Enabling secure AI adoption at scale

According to Sheryl Chamberlain, Vice President at Yubico, organisations are facing a critical inflection point as AI moves from experimentation to execution.

AI agents are quickly becoming part of the enterprise workforce, capable of taking real action across systems. The challenge is ensuring that this speed does not come at the expense of trust or governance.

By combining hardware-backed authentication with intelligent identity orchestration, we are enabling organisations to scale AI securely while ensuring that the right human remains in control of critical decisions.

The collaboration brings together:

• IBM’s WatsonX AI capabilities to analyse data and execute workflows
• Auth0’s identity orchestration to manage secure approval flows
• Yubico’s hardware root of trust to enforce human verification.

Together, the solution enables organisations to bridge the gap between autonomy and accountability, ensuring that AI can operate at machine speed without compromising security.

A new foundation for the autonomous enterprise

As AI adoption accelerates across industries, including financial services, software development and procurement, organisations must rethink how they govern automated decision-making.

The Human-in-the-Loop model represents a shift from reactive security controls to proactive, policy-driven authorisation embedded directly into AI workflows.

By integrating cryptographically enforced human approval into high-risk actions, organisations can unlock the full potential of AI-driven automation while maintaining control, transparency and trust.

© Scoop Media