Passkeys are powerful and have vastly improved enterprise authentication.

But some of the most important identity moments happen when they aren’t available.

Before a new hire has a device. During onboarding and recovery. In shared environments. And when AI agents act on a person’s behalf.

In those moments, organisations still need trust, accountability, and proof that a real human — and the right human — is behind the action.

While passkeys secure the device, they don’t always secure intent.

This session moves beyond the login to explore the technical architecture of proof of
humanity. We will break down how to maintain a chain of trust across key identity lifecycle stages — from onboarding, login, and recovery to agent-driven actions — ensuring that even when a passkey is absent, accountability remains.

Because in the agentic era, identity isn’t just about login. It’s about knowing which human is behind the action — and that they are the right one.