Cloudflare announced Private Access Control Tokens (PACT), a new protocol designed to let AI agents prove there is a human in the loop without CAPTCHAs, forced logins, or invasive tracking. Google Chrome, Microsoft Edge, Mozilla Firefox, and Shopify have all signed on to help develop the open standard.
How PACT Works
The protocol allows sites with verified knowledge of a user’s identity to issue anonymous tokens. A browser can then present these tokens to other sites to prove human oversight of an AI agent, without revealing who the user is or what they browsed. Cloudflare describes it as reducing “the need for annoying and clunky captchas or invasive tracking” while raising “the bar for trustworthiness and integrity online.”
The mechanism separates identity verification from browsing activity. A site that has already confirmed a user’s personhood issues tokens that travel with the browser but cannot be linked back to the issuing context. This means an AI agent shopping on behalf of a user could authenticate to a merchant without the merchant learning anything about the user beyond “a verified human authorized this.”
Shopify’s Commerce Angle
Ilya Grigorik, Distinguished Engineer and Technical Advisor at Shopify (formerly a Google engineer who led the Chrome User Experience Report launch), framed PACT as essential for ecommerce. “Every extra challenge, delay, or false positive can turn a purchase into an abandoned cart,” Grigorik said, according to Search Engine Journal. “Merchants need effective protections against automated abuse, but buyers shouldn’t have to pay for them with unnecessary friction or invasive tracking.”
Shopify processes transactions for millions of merchants. If PACT becomes the standard for distinguishing legitimate agent-driven purchases from bot abuse, it would directly affect conversion rates across its platform.
Cloudflare’s Strategic Position
Cloudflare already provides infrastructure on both sides of the agent equation. Its Cloudflare Agents framework lets developers deploy AI agents, while its bot management tools let websites block unwanted automated traffic. PACT sits between these two functions: it creates a protocol-layer trust mechanism that Cloudflare’s infrastructure can enforce.
The company’s announcement was explicit about this positioning: “Using PACT on Cloudflare’s network raises the bar for trustworthiness and integrity online without the traditional costs.”
No timeline has been announced for PACT’s rollout. Several important questions remain unanswered, including which entities will serve as “personhood” issuers and how the protocol will handle edge cases where agents operate without real-time human oversight.
The Post-CAPTCHA Web
PACT represents the clearest signal yet that the web’s trust infrastructure needs rebuilding for an agent-native era. CAPTCHAs, browser fingerprinting, and forced login walls were designed for a web where humans clicked links. When agents handle browsing, purchasing, and form submission on behalf of users, those mechanisms become friction rather than security.
The backing from three major browsers (Chrome, Edge, Firefox) gives PACT credibility that previous agent authentication proposals lacked. Whether it becomes the standard depends on adoption speed and whether the protocol can handle the complexity of multi-agent systems where trust chains span multiple services and providers.