The merchant recognition problem
Merchants and edge providers have historically treated automated traffic as bots to challenge or block. Agentic commerce needs a way to distinguish a registered commerce agent from scraping, credential abuse, or malicious automation before checkout begins.
Recognition is not authorization. A signed request can identify an approved agent and bind message context, while separate evidence still needs to show that the consumer authorized the exact purchase.
Visa Trusted Agent Protocol
Visa’s Trusted Agent Protocol uses HTTP Message Signatures and registered public keys so merchants can verify approved agent requests. The specification describes browsing and payment interactions, message freshness, agent and consumer recognition signals, and ways to carry payment information.
Merchants retrieve the relevant public key, reconstruct and verify the signature, validate time windows and context, and then apply their own policy. Adoption can occur at merchant or infrastructure layers, but merchants remain responsible for deciding what verified signals permit.
Mastercard Agent Pay and agentic tokens
Mastercard Agent Pay extends network tokenization to agent-led transactions. Agentic tokens are intended to identify approved agents and carry constrained payment authority without exposing a reusable primary account credential to the agent.
Mastercard’s later Agent Pay for Machines announcement targets always-on, high-frequency and low-value system transactions, with credentialing, permissioning, and multi-rail settlement concepts. Treat announced capabilities and partner participation as an evolving program rather than universal production availability.
Why existing rails remain relevant
Cards bring broad merchant acceptance, issuer risk controls, authorization and capture semantics, refunds, and dispute processes. Agentic tokens and signed agent traffic can add context without asking every merchant to accept a new asset or operate a wallet.
The tradeoff is dependence on network enrollment, token provisioning, issuer and acquirer support, established fee structures, and regional availability. Machine-scale micropayments may require different economics or batching than ordinary card transactions.
What merchants should evaluate
Ask how agent identity reaches your edge, whether consumer and transaction intent are separately represented, how tokens are scoped, which checkout fields change, what fraud and chargeback signals are available, and which markets and partners are actually live.
- Verify signed requests against current keys and reject stale or replayed messages.
- Preserve agent indicators in order, fraud, payment, and support systems.
- Do not reduce fraud controls solely because the agent is registered.
- Bind the presented token or credential to the approved transaction context.
- Test refunds, disputes, partial fulfillment, and customer support—not only authorization.
Source discipline
Primary sources
Product status and protocol behavior are checked against maintainer documentation. Company sources establish what their organizations publish; they do not independently prove adoption or performance.