Three things are true at the same time.
First. AI is now describing your brand to millions of consumers a day. ChatGPT crossed 900 million weekly active users in February 2026. Google reports 750 million monthly users for Gemini. Claude, Perplexity, Copilot, and Grok serve another hundred million plus between them. When a consumer asks an AI which luxury skincare to buy, which payroll software fits a 50-person agency, which law firm handles cross-border IP, they get a specific, confident, immediate answer. That answer is your brand's introduction to that consumer. You did not write it.
Second. It is often wrong. I have asked AI systems to describe brands priced at $200 and been told they are "affordable options for budget-conscious shoppers." I have asked them to describe SaaS companies that pivoted eighteen months ago and been told their old positioning. I have asked them to describe regulated financial firms and been told they offer products they have explicitly disclaimed. None of these errors are exotic. Run the prompts yourself and you'll find your own examples within ten minutes.
Third. There is no widely adopted, open standard specifically designed for your brand to declare authoritative identity to AI systems.
You can update your website. The AI does not always check your website at decision time. You can add structured data. The AI was often trained on a snapshot months or years ago. Modern systems supplement training data with real-time web retrieval, fetching pages from the live web at the moment of the query. That helps with freshness. It does not solve authority. The model may surface a Reddit thread, an old article, and your homepage in the same answer path with no universal authority signal that says which source is entitled to speak for the brand. You can email an AI platform's support team. They will tell you, correctly, that they do not edit model output by request. You can monitor what AI says about you. Monitoring is observation, not correction. There is no inbox. There is no API. There is no signed declaration any AI system is currently obligated to read.
This is the gap I have spent the last several months building infrastructure to close. It is not a small gap. It has the potential to define the next decade of brand identity.
The interface changed and the trust layer didn't.
For thirty years, brands have invested billions of dollars to define how they appear on the open web. Domain names. SSL certificates. Schema.org structured data. Open Graph metadata. robots.txt directives. Authoritative knowledge panels. A whole stack of identity infrastructure that browsers, search engines, and social platforms cooperatively respect.
That stack was built around a specific assumption: that the consumer's primary path to your brand was a search engine that would deliver them to a webpage you controlled.
That assumption no longer holds.
In the last eighteen months, agent-mediated commerce has moved from speculative to operational. OpenAI and Stripe released the Agentic Commerce Protocol, which powers Instant Checkout in ChatGPT. Google announced the Universal Commerce Protocol with Shopify and major retailers including Etsy, Wayfair, Target, and Walmart. Anthropic's Model Context Protocol has moved under the Linux Foundation's Agentic AI Foundation and become one of the core interoperability patterns for connecting AI systems to tools, services, and external context. Google's Agent2Agent Protocol is defining how agents communicate with one another, and Google has donated the Agent Payments Protocol to the FIDO Alliance. These efforts are not identical, but they point in the same direction: AI agents are becoming an interface through which consumers discover, evaluate, and transact with businesses. Five protocols are now moving from specification into implementation.
In a five-year window, a meaningful fraction of consumer-facing transactions will originate inside an AI agent's reasoning, not on a brand's website. The user will say "find me a midsize CRM that integrates with HubSpot and costs less than $50 per seat." The agent will return a single answer. Or three. The brand on that list wins. The brand not on that list does not exist for that consumer.
The agent making that decision needs a source of truth for what each brand actually is. Today it does not have one. So it guesses. Sometimes it guesses well. Sometimes it does not. The guessing is the entire problem.
That asymmetry is a window of category opportunity that opens roughly once per decade.
The authority gap.
When an AI agent decides to recommend your brand, or describe it, or include it in a comparison, the agent has to draw from somewhere. Today the agent draws from three substandard sources.
The first is training data. A snapshot of the web from months or years ago. It does not know about your rebrand. It does not know your new pricing. It does not know your new geographies. The agent treats it as authoritative anyway because it has nothing better.
The second is real-time web retrieval. Many modern AI systems no longer rely on training data alone; they fetch and summarize web content at the moment of the query through search APIs, browsing tools, and retrieval pipelines. This pattern improves freshness. It does not establish authority. The retriever has no universal primitive for distinguishing the brand's own authoritative claim from a competitor's review, a Reddit thread, or a journalist's characterization. The model may surface all three in the same answer path. Real-time retrieval fixes the freshness problem. It does not fix the authority problem.
The third is platform-supplied feeds. When an agent uses Shopify Catalog, OpenAI Product Feed, or Google Merchant Center, the brand has indirect control through the platform. But these feeds describe products, not brands. A product feed cannot tell an agent your brand voice, your stance on certain practices, your jurisdictional eligibility, or what you have explicitly prohibited being said about you.
None of these three sources is brand-authored, cryptographically verifiable, current, and runtime-queryable at the same time. That is the structural problem.
I call it the authority gap: the absence of any source the agent can consult, at the moment of decision, where the brand itself has authoritatively declared what is true about it. The authority gap is not a UX problem. It is not a brand-monitoring problem. It is not a marketing problem. It is an architectural absence, the missing layer between the brand and every AI system that now sits between the brand and its customer.
The pattern that has always worked.
This is not the first time the internet has had to build a verification layer. It is the third.
In the early 1990s, email had no concept of authenticated authorship. Anyone could send a message claiming to be anyone. Spam, phishing, and brand impersonation arose immediately and the cost ran into hundreds of billions of dollars before the IETF standardized DKIM in 2007. DKIM did one thing: it gave email receivers a cryptographic mechanism to verify that a message was actually authored by the domain it claimed to be from. The internet did not vote on DKIM. No platform owned it. It became infrastructure because mailbox providers cooperatively chose to honor signatures and reject what failed verification.
In the mid-1990s, the web faced the same problem at a different layer. Anyone could host a webpage. Browsers had no way to verify they were talking to the real Bank of America rather than an attacker spoofing the domain. SSL/TLS solved this with cryptographic certificates issued by trusted authorities. The padlock icon you have looked at fifty times today is the visible artifact of that infrastructure. TLS was open, multi-vendor, neutral. It became universal.
In the late 2000s, third-party application access faced the problem again. Apps needed to act on behalf of users without users handing over their passwords. OAuth solved it with delegated authentication tokens. It is now the substrate beneath every "Sign in with Google" button on the internet.
Three different decades, three different interfaces, the same answer in each case: a cryptographic verification primitive, defined as an open standard, adopted because the alternative was indefinitely worse.
The agentic AI interface needs the same thing. The primitive must be a brand-authored, cryptographically signed declaration that AI systems can check. The form factor will look familiar to anyone who has worked with DKIM or TLS: same architectural shape, applied to a different problem. The new layer of internet trust is brand identity, and the work of standardizing it has begun.
What verified brand identity actually looks like.
A Verified Brand Record™, the standard primitive we are calling for, is a brand-authored declaration of the brand's identity, signed with the brand's cryptographic key, published at a domain the brand verifiably controls, and structured for both human review and machine consumption.
It contains the things the brand controls. The brand's legal name. Founding details. Geographic scope. Price tier. Positioning. Target customer. Operative claims and disclaimers. Categories the brand explicitly is and explicitly is not. Practices the brand prohibits being characterized as engaging in. Affiliations and certifications. Time-bounded promotional state. Whatever the brand needs to declare in order for an AI to describe the brand accurately.
It is signed. The signature is the difference between a webpage and a verified record. A webpage can be scraped, mirrored, summarized, paraphrased, and recombined; the result has no provenance. A signed record, when retrieved by an AI system, can be cryptographically verified back to the brand's controlling key. Tampering is detectable. Spoofing is detectable. Stale versions are detectable. The brand's authorship is not a claim. It is a property of the artifact itself.
It is published at the brand's own domain. Not in a third-party registry that the brand depends on for its identity. The brand owns the canonical source. A registry can mirror, index, and time-stamp signed records, but the authoritative version lives at your-brand-domain.com/.well-known/brand-assertions.json. This matters because architectural sovereignty matters: the brand's identity should not be hostage to any vendor's continued existence, including ours.
It is queryable by AI systems at runtime, not buried in training data. An AI agent making a recommendation now has somewhere to look: somewhere the brand authoritatively wrote what is true. The agent can choose to honor the verified record or not. Many will have an incentive to honor verified records over time, because better provenance can improve output quality and reduce risk. The same dynamic that drove mailbox providers to honor DKIM is likely to drive AI platforms to honor verified brand records.
It is time-stamped and historically auditable. Every signed Verified Brand Record carries a verifiable publication timestamp. Every change a brand makes to its declared identity, a price tier update, a new certification, a retracted claim, a category exit, is captured with cryptographic provenance and preserved as a historical record that cannot be backdated. This matters for three reasons. For brands, it means a verifiable defense: six months from now, you can prove what you declared today, what you did not declare, and exactly when each change occurred. For AI platforms, it means a defensible position: a platform that relied on a brand's verified record at the moment of a recommendation can prove which version was current. For regulators, courts, and counterparties, it means a clean evidentiary trail in an environment where automated decisions otherwise leave none. The legal and compliance communities have already begun asking how brands and AI systems will produce this trail when consumer harm or commercial dispute arises. The current answer, that no such trail exists, will not survive contact with the first major liability case. A signed, time-stamped, immutable record is what closes that gap.
It organizes a hierarchy of authority that is brand-controlled and time-aware. A Verified Brand Record is the structure through which a brand designates which source should be treated as authoritative for each class of time-sensitive claim, its own signed declaration, a live platform feed, or independent third-party corroboration. Identity, audience, voice, positioning, and prohibited terms stay anchored to the brand's signed declaration. For volatile claim classes, pricing, inventory, promotions, certifications, jurisdictional eligibility, the brand designates the source, and the architecture enforces freshness: if the brand's chosen source goes stale beyond its applicable time-to-live, a fresher source can be elevated automatically and the override is recorded to the audit log. The brand has agency. The system has guardrails. Every signed claim is timestamped, cryptographically chained, and historically auditable, so a false declaration is permanently recorded and self-destructive to the brand's authority over time. The VBR makes that hierarchy machine-readable, cryptographically anchored, and auditable. It does not flatten authority into the brand's voice. It organizes authority around the brand's domain.
That is the structure. There is nothing in it that requires permission from any AI platform. There is nothing in it that requires a vendor relationship. The standard is the standard whether one brand publishes it or one million do. The infrastructure is the same.
Why this cannot be owned by a platform.
The most natural objection is: why doesn't ChatGPT just build this? Or Google? Or Anthropic?
They could. They will not.
DKIM was not built by Google. Schema.org was not built by Microsoft. TLS was not built by Cisco. The reason is structural: a verification layer can only function if the parties who depend on it trust the source. ChatGPT cannot establish a verification system that Google's Gemini will rely on. Gemini cannot establish one Anthropic's Claude will rely on. Each platform has a commercial incentive to define the layer in a way that advantages its own ecosystem and disadvantages competitors.
The pattern that has worked, three times now, is bottom-up open standards. The Internet Engineering Task Force standardized DKIM. The W3C standardized URLs and HTML. The OpenID Foundation governed OAuth. Schema.org was originated by Google but immediately formalized as a multi-stakeholder project. None of these standards belong to any single company. All of them exist because the infrastructure problem could not be solved by one platform that the others would have to trust.
Verified brand identity is in the same architectural position. It must be neutral or it cannot be infrastructure. We have published our specification on GitHub under the Apache 2.0 license. The schema is open. The signing protocol is open. The reference implementation is open. Any brand can publish a Verified Brand Record without any commercial relationship with us. Any AI platform can verify Verified Brand Records without any commercial relationship with us. The commercial layer that supports the standard, including registry operations, governance corpus services, and runtime brand authority infrastructure, is a separate commercial question from the standard itself. The standard belongs to the category.
This is the line our company sits on top of, not behind. We are betting that the right thing, neutral infrastructure that is brand-controlled, cryptographically verifiable, and openly specified, will become the standard because it is structurally how internet trust layers have always become standards. We are not betting on anything more clever than that.
Why now.
The window to establish a verification standard for an interface is the period between the interface becoming dominant and the interface developing entrenched, ad-hoc patterns that resist standardization. The window for email closed; we got DKIM. The window for the web closed; we got TLS. The window for AI agents is open right now and will not be open in three years.
Three things are converging. A fourth is recent enough that the implications are still unfolding.
The agent interoperability protocols I named earlier (ACP, UCP, MCP, A2A, AP2) are shipping production transactions today. Each of them creates a moment in the agent's flow where the agent has to evaluate a brand and act. Today that evaluation happens with the substandard sources I described. Tomorrow it will need to happen with something better, because the gap between "AI got my brand wrong" and "an AI agent acted on a wrong characterization of my brand and now there is a transactional consequence" is short, and the legal and commercial pressure to fill that gap is rising fast.
Regulators are moving. The EU AI Act is moving through staggered implementation, with transparency and high-risk obligations coming into force over time. The United Kingdom's Competition and Markets Authority is consulting on AI in commerce. The Federal Trade Commission's enforcement guidance on automated decision systems continues to expand. None of these has specifically named verified brand identity as a requirement, but all of them are moving in directions that will, within a few years, require either a verification primitive or extensive case-by-case enforcement. A primitive is cheaper. A primitive is what infrastructure problems get solved with.
Liability is moving in the same direction. As agent-mediated transactions scale, the question of who is responsible when a recommendation goes wrong will be asked in court, in arbitration, and in regulatory proceedings. The party that can produce a cryptographically verifiable, time-stamped record of what was declared and what was relied upon at the moment of the decision will be the party in the defensible position. The pressure for that record to exist is structural, not optional.
And, most recent, AI memory is becoming persistent. ChatGPT now references saved memories and chat history across sessions; OpenAI's May 2026 update added Memory Sources, exposing what an AI consulted to personalize a response. Today this memory is mostly about the user. Tomorrow it will accumulate about brands: pricing, certifications, positions, controversies, retractions. The moment AI systems begin remembering brand facts long-term rather than re-deriving them on each query, the cost of an unverified claim multiplies. An AI that forgets a wrong answer is annoying. An AI that remembers a wrong answer for eight months is a liability. Persistent memory without verification is not a feature; it is a structural failure mode that will be unwound by exactly the verification primitive we are building.
The window for the verification standard to emerge before regulatory or platform-specific patterns lock in their own ad-hoc versions is the next eighteen to thirty-six months. After that, we will have something. The question is whether what we have is open, neutral, and brand-controlled, or whether it is fragmented, platform-specific, and brand-hostage. That is the question this category will answer.
An open call.
Today the open specification for Verified Brand Records is published on GitHub under Apache 2.0. The schema, the signing protocol, the reference implementation, and the conformance criteria are all open. Any brand can publish a Verified Brand Record now, without any commercial relationship with us. Any AI platform can verify a Verified Brand Record now, without any commercial relationship with us. The standard is real and it is not ours. The standard may evolve substantially from here. That is the point of open infrastructure.
Laiyr™ operates the canonical registry that indexes and time-stamps published Verified Brand Records. We operate the runtime services that deliver Verified Brand Identity to AI agents at low latency during agentic transactions. We operate the governance services that brands use to maintain their records over time. These are commercial offerings. The underlying standard is not.
If you run a brand: declare yourself. The longer a verified record exists, the stronger its timestamped provenance becomes. The timestamp cannot be backdated. The companies that publish first will compound first.
If you build for AI: read the specification. Implement the verifier. Honor signed records when you find them. The infrastructure of internet trust has always been built bottom-up by the practitioners who chose to honor it. AI is no different.
If you advise brands: this is not a marketing trend. This may become one of the new identity layers of the AI internet. The brands that treat it that way will be ahead of the brands that wait.
The interface is changing. The trust layer is being built. Brand truth belongs to the brand.