Banks, payment firms and digital platforms are rebuilding identity verification around what many executives now describe as “ID supply chains,” a networked approach to trust that distributes identity checks, risk signals and verification data across multiple participants rather than locking them inside a single institution.
The shift reflects mounting concern that traditional know your customer (KYC) and know your business (KYB) systems were engineered for an earlier internet, one where customers, businesses and transactions stayed within relatively contained environments. That architecture is buckling as AI agents, automated bots and embedded financial services move freely across ecosystems spanning marketplaces, banks, payment processors and third-party platforms.
For years, digital identity verification operated as a relatively narrow checkpoint conducted during onboarding or account opening. Financial institutions and merchants largely treated KYC and KYB as perimeter controls designed to confirm that a customer or business was legitimate before access was granted. Once verification occurred, identity systems often functioned in separate silos tied to payments, fraud monitoring, lending or vendor management.
That model assumed transactions remained within reasonably stable environments controlled by identifiable users. Artificial intelligence agents, automated commerce flows and interconnected digital platforms have altered those assumptions.
As noted in a report by PYMNTS Intelligence and Trulioo, identity risk has become shared and systemic. Companies now use digital identity verification across an average of 4.4 workflows, extending well beyond customer onboarding into login systems, online transactions, fraud monitoring, lending and vendor onboarding.
That expansion is reshaping identity verification into an operational layer that stretches across entire ecosystems (hence the supply chain analogy).
Advertisement: Scroll to Continue
Recent PYMNTS coverage has tracked similar pressures as financial institutions and merchants prepare for agentic commerce and AI-driven transaction activity. PYMNTS recently reported on payment networks positioning tokenization, credentialing and fraud orchestration systems for autonomous commerce environments where AI agents may eventually initiate transactions on behalf of users. Those developments increasingly require identity verification systems capable of operating across interconnected platforms rather than inside isolated databases.
Identity and Shared Infrastructure
KYC, KYB and emerging know your agent controls are beginning to operate as connected layers spanning customer access, transactions, suppliers and counterparties.
Nearly 8 in 10 firms surveyed use digital verification during customer login and access management, while roughly three-quarters apply it to online transactions. More than 61% also use verification for vendor onboarding. Identity failures no longer remain isolated. A misclassification or weak control in one workflow can ripple into fraud losses, supplier risk, onboarding friction and downstream trust failures across multiple participants. Companies using identity verification in only three or four workflows reported greater pressure from bots and adversarial agents, alongside higher rates of false positives, onboarding abandonment and customer friction.
In this supply chain construct, identity validation becomes distributed among internal teams, external verification providers, consortium data networks and risk-sharing partners. Broader identity coverage appears to push firms toward shared governance models.
The differences were particularly sharp in KYB processes.
Among firms with lower-touchpoint KYB programs, 43.3% reported onboarding suppliers that later proved untrustworthy, compared with 28.8% among firms operating broader identity coverage models.
Lower-density identity programs also produced materially higher false-positive rates.
Loan applications produced the highest concentration of know your agent threats, with 63.2% of firms identifying KYA-related risks in that workflow. Nearly half of firms reported incidents or losses tied to adversarial bots and agents in loan application environments.
