Ledger Unveils Security Roadmap for the Age of AI Agents

Ledger introduces AI Security Roadmap 2026 for user protection in AI-driven transactions.

Ledger has introduced the AI Security Roadmap 2026, a document outlining how the company plans to protect users in a world where AI agents independently conduct transactions, manage wallets, and access confidential data.

Today marks a major milestone for @Ledger.

Ledger’s Chief Experience Officer, @iancr, is stepping into a new role as Chief Human Agency Officer. At the same time, we’re unveiling our Strategic AI Roadmap.

This is more than a leadership change. It signals a fundamental shift.…

— Pascal Gauthier @Ledger (@_pgauthier) April 14, 2026

Simultaneously, the company has introduced a new position: former CEO Ian Rogers has become the industry’s first Chief Human Agency Officer. His role is to ensure that the proliferation of agents does not dilute users’ personal control over their assets. Rogers has been with Ledger since 2020 and previously led the transformation of the brand from a niche device manufacturer to a global digital asset security company.

The conceptual core of the entire strategy is the principle “Agents propose — humans sign.” AI can analyze the market, build swap routes, and prepare transactions, but execution always requires physical confirmation on a Ledger device. The private key never leaves the Secure Element — under any circumstances and in no agent’s software environment.

The main points of the roadmap include:

• Device Management Kit (DMK) — already available to developers. It allows for the integration of hardware confirmation (human-in-the-loop) into any agent products. The first example: MoonPay Agents — a CLI tool where each agent transaction must be physically approved on the device;
• Hardware-bound identity — agents will be tied to hardware. This eliminates the vulnerability of software credentials, which are easily forged. The release is planned for the second quarter;
• Hardware-enforced permissions — spending policies and contract access enforced at the hardware level, not through software logic (the solution is expected to be presented in the third quarter);
• Proof of Human — a mechanism for confirming the unique identity behind an agent. The goal: to combat bots and multi-accounting. Certification is tied to the Secure Element and does not disclose personal data (planned for the fourth quarter).

“The greatest threats arise when AI systems are given too broad access to credentials, wallets, and financial decisions — without human oversight. The number of agents is growing, and they operate incredibly fast. This is great until something goes wrong,” Rogers stated.

Earlier, scammers stole $9.5 million in cryptocurrencies through a phishing Ledger app in the App Store.