The next generation of AI assistants is being developed by Apple’s ecosystem and chipmakers such as Qualcomm, but early reports suggest they are being designed with limitations.
Tom’s Guide explains that early versions of these assistants will be able to interact with apps, make reservations, and manage tasks within the service. For example, a private beta agent system completes tasks such as booking a service or posting content to the app. In one test, it went through the app’s workflow and reached the payment screen before asking the user for confirmation.
AI agents are built with authorization checkpoints. Sensitive actions, especially those related to payments or account changes, require user confirmation before they can be completed. In a “human-involved” model, the system can prepare the action, but approval is left to the user. Research connected to Apple’s AI work looks at how to ensure that the system pauses before taking actions that the user has not explicitly requested.
Bank apps already require confirmation of transfers. The same idea is now being applied to AI-driven actions across multiple services.
Limits and controls
The control layer comes from restricting what the AI can access. Rather than giving systems full access to apps and data, companies are putting limits on things like which apps AI can interact with and when it can trigger actions.
In practice, this means that the AI can draft a purchase or prepare a reservation, but cannot finalize it without approval. This also means that the system cannot move freely across all services unless permission is granted.
According to Tom’s Guide, this design is meant to provide privacy. When your data remains on your device, there is no need to send sensitive information to external servers.
In areas such as payments, AI systems are expected to work with partners who already have strict rules in place. In reported instances, payment provider services have been integrated to provide secure authentication before transactions are completed, although such safeguards are still under development. Existing systems serve as an additional layer of monitoring. You can set transaction limits or require additional validation.
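The controls described above (restricted app access, user approval before sensitive actions, transaction limits) can be sketched as a deny-by-default gate in which an approval is bound to the exact action the user saw. This is an added example, not code from Apple, Qualcomm or Tom’s Guide; the app names, action verbs, limit value and function names are all hypothetical.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import asdict, dataclass
from typing import Optional

# Hypothetical policy values, constructed for illustration.
ALLOWED_APPS = {"restaurant_app", "shop_app"}  # apps the agent may interact with
SENSITIVE_VERBS = {"pay", "change_account"}    # actions that need user approval
TXN_LIMIT = 100.00                             # per-transaction ceiling
_KEY = secrets.token_bytes(32)                 # device-local key, never leaves the process


@dataclass(frozen=True)
class Action:
    app: str
    verb: str
    amount: float = 0.0
    target: str = ""


def approval_token(action: Action) -> str:
    """Issued only after the user confirms this exact action on screen."""
    msg = json.dumps(asdict(action), sort_keys=True).encode()
    return hmac.new(_KEY, msg, hashlib.sha256).hexdigest()


def gate(action: Action, token: Optional[str] = None) -> str:
    """Decide whether the agent may execute an action it has prepared."""
    if action.app not in ALLOWED_APPS:
        return "deny: app not permitted"
    if action.verb not in SENSITIVE_VERBS:
        return "allow"  # drafting and preparing need no confirmation
    if action.amount > TXN_LIMIT:
        return "deny: over transaction limit"
    if token is None:
        return "pending: user confirmation required"
    # The approval covers one action only; a changed amount or target
    # produces a different digest and the stale approval is rejected.
    if not hmac.compare_digest(token, approval_token(action)):
        return "deny: approval does not match this action"
    return "allow"
```

Binding the token to the serialized action is what stops an agent from collecting approval for one payment and then finalizing a different one.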
Much of the discussion around AI governance focuses on enterprise use. This includes areas such as cybersecurity and large-scale automation. Another challenge arises on the consumer side, where businesses must design controls that work for everyday users. This means clear authorization steps and built-in privacy protections.
Bounded autonomy
As AI gains the ability to perform actions, the risks increase: errors can lead to financial losses and data breaches.
Companies are trying to manage those risks by putting controls in place at multiple points, including authorizations and infrastructure.
This approach could shape how agentic AI is developed in the near term. Rather than aiming for complete independence, companies seem to be focusing on a controlled environment where they can manage risk.
(Photo provided by Lee Jun-sung)

