AI Agents for Security in Mobile Ecosystems: Building Interoperability for the EU Market
Jun 18, 2026Artificial Intelligence / Digital Trust / Digital Trust StoriesA new generation of Artificial Intelligence (AI) assistants has moved beyond the cloud and the single application. These systems now operate directly on the device and act on the user's behalf. The European Commission is reshaping that access from two directions at once. The Digital Markets Act is compelling dominant platforms to open their systems to competing AI services, while the Cyber Resilience Act is making security a legal condition for placing any connected product on the EU market.
For organizations that develop connected or AI-enabled products, this creates a single, pressing question: how can they embrace that openness without weakening the security that the same market now requires?
The Two Regulations Behind the Shift
The Digital Markets Act (DMA) regulates the largest digital platforms, the gatekeepers through which most products and services must pass. Its objective is competition: it requires these gatekeepers to allow third parties to interoperate with the capabilities their platforms control, enabling competitors to compete on equal terms. In the mobile context, this increasingly entails opening system-level features to external AI agents, with binding interoperability measures being specified through 2026.
The Cyber Resilience Act (CRA) addresses the same products from the perspective of security. It establishes cybersecurity as a legal precondition for placing any product with digital elements on the EU market: such products must be secure by design, minimize their attack surface, manage vulnerabilities responsibly, and demonstrate conformity before they may bear the CE marking. The CRA's obligations take effect in phases through 2027, and the supporting technical detail is currently being defined in harmonized standards.
Considered individually, each regulation is coherent. The difficulty arises when both apply to the AI agents security simultaneously, specifically, the situation created by an AI agent operating on a mobile device.
What an AI Agent Really Is
To understand why, it is worth being precise about what today's assistants have become. A conventional application waits for input and responds within a fixed boundary. An agentic assistant goes considerably further: it observes its environment, reasons about it, and performs actions on the user's behalf - for example, reading the screen, processing voice commands, drafting responses, completing purchases, and even authorizing payments. To do so, it must reach into areas of the device that ordinary applications never access:
This breadth of access is what makes an agent valuable. It is also why an agent represents a fundamentally different security proposition from a conventional application: rather than operating within a fixed perimeter, it pursues objectives and the margin between achieving an objective and exceeding it can be very narrow.
Where the Problem Lies: Core Challenges Facing AI Agents for Security
This is where the two regulations come into direct conflict in the context of AI agents for security. The DMA seeks to open these powerful capabilities to third-party agents, whereas the CRA seeks to keep the device's exposure to a minimum. An agent sits precisely at this contradiction, and the potential consequences are tangible. An assistant that has been compromised, or simply built without adequate security measures, could initiate transactions, alter settings, or exfiltrate data with no visible indication to the user.
What differentiates a trustworthy agent from a harmful one is not its feature set, but the restrictions placed on the actions it may take autonomously, together with the ability to demonstrate that those constraints hold.
The essential task, therefore, is not to choose between competition and security for AI agents, but to sequence them appropriately: define the safeguards for a given capability, verify them independently, and only then enable access. Opening capabilities first and adding protection later is how this risk becomes incidents; establishing the limits in advance is how interoperability and security come to reinforce one another rather than work against each other.
What Secure Interoperability for AI Agents for Mobile Looks Like
Achieving access without undue exposure rests largely on six design choices. None are new to security engineering; what is new is the need to apply them deliberately to an autonomous agent operating on a mobile device. Each one addresses a specific failure mode:
How to Get Ready
Preparing AI agents for security and specially for these requirements is more manageable than it may appear. It rests on a single principle: security must be demonstrated, not merely claimed, and confirmed by an independent party. In practice, three steps put your organization on solid ground:
- Map your sensitive touchpoints: list every capability your product opens or relies on, including screen content, audio, sensors, automation, and shared data.
- Assess the gap: compare your product against the CRA's requirements and the emerging harmonized standards, while there is still time to act on the findings.
- Build in auditability: add the logging, isolation, and limits on autonomous actions that an external assessor can verify.
This is where DEKRA steps in. As an independent testing, inspection, and certification company, we work alongside manufacturers at each of these steps and through to certification. For a century, DEKRA has supported organizations in bringing new technology to market safely. As your independent partner for Digital Trust, we turn the complexity of the upcoming regulations like into a clear path to compliance - so you can bring safe, secure and compliant agentic AI to the European market with confidence.