I started Notarize in 2015 because a ski accident forced me to confront something I'd known but never truly grappled with. For everything the internet had transformed, it still couldn't be trusted with life's most important moments, like buying a home, updating a will, transferring retirement savings, or in my case selling a company, a deal a botched notarization nearly cost me.

Notarization, at its core, has always been identity proofing: a legal process for answering with certainty. Is this the person they claim to be? And can I trust his record? What seems simple is incredibly complex. Every state has its own rules, every relying party has different requirements, and the whole system hinges on legal frameworks largely written before the internet existed. To digitize notarization, we had to become experts in all of it. There was no shortcut.

That work paid off: the first fully digital home closing happened on our platform. We solved the complexities of the eNote, the online notarization, the underwriter acceptance, and the county recording, across fifty states of requirements, at internet scale.

People told us it couldn't be done. But that's the kind of company we are: not a passive identity verification provider, but one committed to building the infrastructure that solves the biggest challenges facing the internet.

The next chapter

If we could scale online notarization, we could solve bigger identity authorization challenges. And our customers were already pulling us there. The same businesses we'd solved notarization for asked us to secure other high-value moments, all of them turning on the same questions: is this really the person they claim to be? And can I trust this record?

We realized we'd always been more than a notarization company. We were in the business of trust, and notarization was just one of the harder, more legally complex iterations of that. So we built the platform those other challenges demanded, an identity authorization network spanning identity verification, fraud prevention, and transaction authentication, with every transaction bound to a verified person. Notarize remains the largest network of online notaries and always will be, but when we became Proof we committed to building the trust layer for every transaction that matters.

What's next

Within a few short years, advancements in AI have fundamentally rewired how we think about trust on the internet. The naked eye can no longer tell whether an email is from your bank, whether it's your colleague on the video call, or whether a document signed in your name was signed by you. The fraud numbers are brutal and accelerating, but impersonation is only one half of the problem.

AI agents are now displacing humans on the internet, booking travel, buying goods, signing documents, and moving money. This past month, machine-generated traffic finally surpassed human traffic.

I built a career on the promise of the internet, but I'm worried that if we don't get this next generation of the web right, we may lose it altogether. That promise has always rested on a quiet assumption: that there was a person on the other end, someone you could find and hold accountable.

AI agents are erasing that assumption. What happens when an agent does something its owner never authorized, or completes a transaction they later dispute? The systems we've relied on can't answer these questions. They were made for a world where humans took actions. That world is ending.

The internet needs an identity layer that cryptographically proves who you are, what you've done, and which agents are operating in your name.

To solve these challenges, we're releasing x401, an open, issuer-neutral protocol for the identity and authorization challenges created by agents, along with Proof digital ID, the first live implementation on x401, to bring a verified human identity and authorization to every agent action.

Proof digital ID is a portable, verifiable, cryptographic identity that a person claims once and uses everywhere. When you create a Proof digital ID, we verify your identity following one of the federal government's highest levels of identity assurance (NIST IAL2) and deliver a verifiable credential controlled by you and unlocked with your biometrics. Proof digital IDs are cryptographically bound to you using the same class of cryptography that secures the web.

And you decide what to share. Selective disclosure and zero-knowledge proofs make a Proof digital ID privacy-preserving by design: you can prove you're old enough, a citizen, or authorized to act on behalf of your company without exposing all of your personal data.

Most identity companies are scanners that check your ID and return a score. Proof is a WebTrust-audited Certificate Authority. We issue the credential, cryptographically binding your verified identity to everything you authorize, all living end-to-end in a secure infrastructure. That's what matters most when you hand an agent the authority to act in your name.

x401 extends HTTP to require a cryptographic identity assertion on any protected resource. The protocol defines why and how an AI agent transacting on your behalf needs to carry a verifiable credential proving it's you. It also outlines how agents authorize a specific action, within a scope you define and can revoke.

We created x401 and have been collaborating on the protocol with identity leaders across OpenAI, Visa, Okta, Circle, Lightspark, MATTR, and many others across payments, cloud services, and more. We're releasing it as open protocol because the problem it solves is bigger than any one company. We’ll be submitting it to the FIDO Alliance and will continue its advancement with the industry at large.

AI is eroding trust everywhere. Deepfakes are industrializing impersonation. Agentic commerce is creating accountability gaps that existing systems were never designed to fill. We can build the best identity infrastructure in the world, but without a standard for how agents present that infrastructure to the services they're interacting with, everything stays fragmented. x401 is the standard. And we're inviting every major AI lab, agentic infrastructure company, payments provider, or identity provider to build on it.

What this unlocks

Every high-value interaction on the internet has an identity infrastructure problem. The answer isn't a better ID scanner or fraud detection software. We can't solve an infrastructure problem with point solutions. We solve it with real infrastructure.

Consider what happens when every transaction can carry a verifiable assertion of who authorized it:

• A pharmacist filling a prescription for a controlled substance can verify that the patient who authorized the refill is the patient on file.
• A 401k provider processing a withdrawal can verify that the account holder, not an agent gone rogue, initiated the transfer.
• A hiring manager onboarding a remote employee can verify that the person showing up to their first day is the person who interviewed on video.
• Real estate wire fraud disappears because the identity of every party is cryptographically bound to every document.

These are not niche use cases. They represent the most important and valuable aspects of commerce and human life. And they all require the same thing: the ability to know, with cryptographic certainty, that a specific verified human is behind a specific action.

Proof now supports x401, but we didn't build x401 to lock people into our products.

We created it because the future of the internet needs an open standard to ask for and verify the identity behind agents. We are going to compete hard on the quality of our infrastructure, on our certificate authority, on our developer experience, on the breadth of what our platform covers. That's where competition belongs. x401 belongs to everyone.

If you're an AI company and believe (like us) that agents can only go mainstream if the humans behind them can be verified, come build with us. Join the x401 community, follow @x401id , and help build what the internet was always missing.

- Pat (and team)