
Who Controls the Agent?

with Andrew Dunbar, CISO at Shopify

When was the last time you bought something using AI?

Last week? Yesterday? This morning?

Now imagine you didn’t do any of it. Your AI assistant found the product, compared the prices, checked the reviews, and completed the purchase. All while you were drinking your morning coffee.

That world isn’t coming. It’s already here. And it raises a question that very few people are asking, but everyone should be: who controls the agent?

When an AI is shopping on your behalf — spending your money, handing over your data — who’s making sure it’s safe? Who’s making sure it’s even really you?

That’s the question I put to Andrew Dunbar in the very first episode of The Control Layer.

Andrew is the Chief Information Security Officer at Shopify. He joined as their first security hire in 2012 and has spent 14 years building the trust infrastructure behind a platform that now powers commerce for over 875 million buyers a year — roughly one in six people on the internet.


What We Cover

The new perimeter. The browser used to be the security boundary. The padlock icon, the HTTPS warning, the cookie consent pop-up — all of it was designed to keep humans in the loop. In the agentic world, the browser is gone. So what replaces it?

The Universal Commerce Protocol. In January 2026, Shopify and Google co-launched UCP — an open protocol that defines how AI agents, merchants, credential providers, and payment processors should interact. Andrew walks through the four roles, why it’s open rather than proprietary, and how cryptographic signing means a compromised agent can’t complete a fraudulent transaction even if the platform or the merchant has been breached.

The mobile OS analogy. Andrew makes a point that stuck with me: mobile operating systems got to learn from every mistake desktop ever made. Containerisation, permissioning, isolation — all built in from day one. Agentic AI is that same generational leap. We have a chance to build trust in from the start rather than bolting it on later.

The 15x signal. Shopify has seen a 15x year-over-year increase in agentic shopping leading to actual purchases. This isn’t theoretical. The shift is happening now, and the security architecture needs to move just as fast.

What every CISO should be doing today. Andrew’s advice is direct: deploy phishing-resistant MFA everywhere, audit how your vendors are using AI, and start instrumenting decisions — not just infrastructure. Chain-of-thought logging gives you something you’ve never had before: the ability to ask an agent, “What were you thinking when you did that?”

This was a conversation I’ve wanted to have for months, and Andrew delivered. Whether you’re a founder, a security professional, a product builder, or someone who’s just started letting AI do your shopping — this episode is worth your time.


Listen Elsewhere

🎧 Apple Podcasts


🎧 Spotify


📺 YouTube

If this is the kind of conversation you want more of — AI, cybersecurity, trust, and the people building the systems that sit between you and the machine — subscribe to The Control Layer. New episodes dropping regularly.

— Amer Altaf, Founder & CEO, Arkava

