When a customer calls or chats to make a transaction (a payment, a transfer, a sensitive account change), an AI agent verifies the customer's identity at the level the action requires, completes the transaction, and confirms. This rung adds strong identity verification as a first-class part of the workflow, because the action being requested is sensitive enough that the AI cannot just trust the channel.

A customer calls a bank to transfer money. Before AI, the call went through three layers: an IVR collected the card number, a voice menu asked for a PIN, a human agent picked up, asked three security questions, verified, and then asked what the customer wanted. By the time the customer had explained, ten minutes had passed. An AI agent does the verification continuously while it understands the request, and starts the transaction in the same conversation.

How this used to be a decision tree

The verification was its own tree, run before the customer was even told what was possible. Press 1 for English. Enter your account number. Enter your PIN. Listen to a disclosure. Press 2 for transfers. Now answer a security question. Now a second. Each branch was a separate, fixed step. The tree was the same whether the customer wanted to check a balance or move ten thousand euros.

Why AI doesn't make this a decision tree anymore

The AI listens to the customer's intent, runs verification appropriate to the action requested, and completes the work. Verification steps appear when they are needed (high-value transfer means step up; low-risk balance check means session only), not as a fixed gate at the start. The customer is not made to authenticate against the entire system; they authenticate against the action they actually want.

What people in the field are saying

Service Matters covers the contact-centre authentication angle in "Is your contact centre a cybersecurity...", noting that the move to AI changes who makes the in-the-moment identity decision and how that decision is logged.

How does AI authenticate and complete a transaction today?

The AI identifies the customer through layered checks: session if there is one, a knowledge-based answer if needed, a possession factor (a code to a registered device) for higher-risk steps, and biometric checks where lawful. Each layer is added when the action requires it. The AI completes the transaction inside the same conversation, with each verification step and each system call logged.

What does it take to make this work?

An identity stack that the AI can call into: session, KBA, possession factors, biometrics. A policy that maps each action to the minimum verification level needed. Write access to the systems that will execute the transactions. An audit trail of every verification and every action. A human escalation path when verification fails or the customer's situation falls outside the policy.

Where does this go wrong?

Verification drift: the customer authenticated at one level early in the call, but later asks for something that needs a higher level, and the AI forgets to step up. False confidence: the AI says "verified" because the script said so, but one factor quietly failed. Social engineering: the AI is consistent and predictable, which a determined attacker can probe. And the inverse: too much verification on routine reads, which trains the customer to expect friction.

Which tools handle authenticated transactions?

  • Lorikeet: fintech-focused, strict procedure following.
  • Sierra: autonomous resolution including financial actions.
  • Cognigy: enterprise platform with regulated deployments.
  • Decagon: action-taking with logged decisions.
  • PolyAI: voice-channel verification and transactions.
  • Fin (Intercom): connected back-end actions.

How would I start doing this?

Write the action-to-verification-bar policy first, on one page. For each transaction type your AI will handle, decide the minimum verification level and the escalation rule. Compliance signs off. Then wire the AI to one transaction type and watch it on a sample of real cases, including edge cases (failed factor, mid-call step up, attempted social engineering). Tighten before adding the next.

Next on the ladder: a regulated, narrative-driven case where the customer tells a story and the AI extracts the structured data. Handling a first notice of loss for an insurance claim.