Ledger has introduced its AI Security Roadmap 2026, outlining how the company plans to protect users in a world where AI agents autonomously conduct transactions, manage wallets, and access sensitive data.

Today marks a major milestone for @Ledger.

Ledger’s Chief Experience Officer, @iancr, is stepping into a new role as Chief Human Agency Officer. At the same time, we’re unveiling our Strategic AI Roadmap.

This is more than a leadership change. It signals a fundamental shift.…

— Pascal Gauthier @Ledger (@_pgauthier) April 14, 2026

Additionally, the company has created a new position: former CEO Ian Rogers has become the industry's first Chief Human Agency Officer. His role is to ensure that the rise of agents does not dilute users' personal control over their assets. Rogers has been with Ledger since 2020 and previously led the brand's transformation from a niche device manufacturer to a global digital asset security company.

The core concept of the strategy is the principle "Agents propose — humans approve." AI can analyze the market, create swap routes, and prepare transactions, but execution always requires physical confirmation on a Ledger device. The private key never leaves the Secure Element — under no circumstances and in no agent's software environment.

Key points of the roadmap include:

  • Device Management Kit (DMK) — already available to developers. It allows for hardware confirmation (human-in-the-loop) to be integrated into any agent products. The first example: MoonPay Agents — a CLI tool where each agent transaction must be physically approved on the device;
  • Hardware-bound identity — agents will be tied to hardware, eliminating the vulnerability of software credentials that are easy to forge. Release is planned for the second quarter;
  • Hardware-enforced permissions — spending and contract access policies enforced at the hardware level, rather than through software logic (expected to be introduced in the third quarter);
  • Proof of Human — a mechanism for confirming the unique identity behind an agent. The goal is to combat bots and multi-accounting. Certification is tied to the Secure Element and does not disclose personal data (planned for the fourth quarter).

"The biggest threats arise when AI systems are given too broad access to account data, wallets, and financial decisions — without human oversight. The number of agents is growing, and they operate incredibly quickly. This is great until something goes wrong," said Rogers.

It is worth noting that in April, fraudsters stole $9.5 million in cryptocurrencies through a phishing app posing as Ledger in the App Store.