Start here
What are agentic payments?
Agentic payments are transactions that an AI agent prepares, authorizes, initiates, or completes on behalf of a person or organization under explicit constraints. The agent may discover a product, negotiate a choice, assemble a cart, select a rail, present a scoped credential, and record the result. Financial authority remains bounded by policy rather than inferred from the model’s confidence.
The useful definition is broader than autonomous checkout and narrower than ordinary payment automation. A recurring card charge is automated but not necessarily agentic. An AI assistant recommending a product is agentic but not a payment. The category begins where adaptive software participates in a transaction while carrying or invoking delegated authority.
An agentic payment is not an AI clicking “Pay.” It is a verifiable chain from intent to authority to transaction to outcome.
The six-layer operating model
Most confusion comes from treating agentic payments as one protocol. In practice, a complete system spans discovery, identity, authority, execution, settlement, and assurance. Different standards solve different slices, and those slices have to be joined by durable identifiers and evidence.
| Layer | Question | Representative mechanisms |
|---|---|---|
| Discovery | What can be bought, from whom, and on what terms? | Catalogs, UCP, ACP, merchant APIs, MCP tools |
| Identity | Which agent and principal are involved? | Agent registries, HTTP signatures, wallet addresses, network credentials |
| Authority | What did the principal permit? | Mandates, scoped tokens, spend rules, step-up approval |
| Execution | How is the payment presented? | Cards, bank APIs, stablecoins, x402, MPP |
| Settlement | When and where does value become final? | Processor capture, bank settlement, onchain confirmation, batching |
| Assurance | Can the result be explained and remediated? | Receipts, fulfillment events, refunds, disputes, audit logs |
Where AP2, x402, MCP, and card networks fit
Google’s AP2 centers on cryptographically signed mandates that preserve user intent and transaction authorization across agents and merchants. Coinbase x402 centers on an HTTP-native payment challenge and stablecoin settlement flow. MCP exposes tools and resources but is not itself a payment rail. Visa and Mastercard are developing recognition, tokenization, and network controls for trusted agents using existing commerce infrastructure.
These approaches are complementary more often than they are substitutes. An MCP tool can be payment-gated with x402. An AP2 mandate can authorize a card or stablecoin payment. A recognized agent can still be denied by merchant policy. A settled transaction can still require fulfillment, a refund, or a dispute process.
| System | Primary job | Does not replace |
|---|---|---|
| AP2 | Intent, mandate, authorization evidence | Discovery, payment rail, full post-purchase operations |
| x402 | HTTP payment challenge, verification, settlement | User-intent evidence, universal refund and dispute handling |
| MCP | Tool and resource interoperability | Authorization policy or settlement |
| Visa / Mastercard approaches | Agent recognition, tokenized credentials, network controls | The agent’s planning and commerce workflow |
| ACP / UCP | Catalog, cart, checkout, and order state | Independent proof of financial authority |
The production test
A system is not production-ready because a demo completed one payment. It is ready when operators can answer the hard questions after the happy path disappears: Which principal authorized this? What exact data did the agent see? Which policy version allowed it? Was the request replayed? Did the rail settle? Was the item fulfilled? Can the user obtain a refund? What happens if the agent, seller, or facilitator is unavailable?
The minimum control plane combines policy evaluation, isolated credentials, idempotency, replay protection, transaction simulation where available, durable receipts, reconciliation, anomaly detection, and a clear recovery path. Observability must follow business identifiers across systems instead of ending at a model trace or blockchain hash.
Payment success is a state transition, not the end of the transaction.
Where to go next
Start with the architecture if you are designing a platform, authorization if you own policy, x402 or AP2 if you are evaluating protocols, and merchant readiness if you operate the acceptance side. The landscape report tracks how the pieces are converging without pretending the market has already standardized.
- Architecture: map system boundaries and identifiers.
- Authorization: design mandates, budgets, and step-up rules.
- Protocols: compare responsibility, maturity, rails, and evidence.
- Build guide: move from demo to an auditable implementation.
- Glossary: align teams on terms before choosing vendors or standards.
Source discipline
Primary sources
Product status and protocol behavior are checked against maintainer documentation. Company sources establish what their organizations publish; they do not independently prove adoption or performance.
- Announcing Agent Payments Protocol (AP2)Google Cloud ↗
- Agent Payments Protocol repositoryGoogle Agentic Commerce ↗
- Developer’s guide to AI agent protocolsGoogle Developers Blog ↗
- Welcome to x402Coinbase Developer Platform ↗
- Agentic payments in the Agents SDKCloudflare Developers ↗
- Trusted Agent Protocol overviewVisa Developer Center ↗
- Mastercard unveils Agent PayMastercard Newsroom ↗
- Agentic commerceStripe Documentation ↗