AP2: engineering trust into autonomous agent transactions. How payment protocols must evolve for agentic commerce and machine customers..
| Dimension | Traditional UX | Agentic Experience Design (AXD) |
|---|---|---|
| Primary material | Attention and affordance | Trust and delegation |
| User state | Present, navigating | Absent, delegating |
| Design output | Screens and interfaces | Outcomes and constraints |
| Temporal model | Session-based | Relationship-based |
| Success metric | Task completion | Trust calibration |
Agent payments in agentic commerce involve autonomous AI systems executing financial transactions on behalf of humans. This requires new payment infrastructure including agent identity verification, delegated spending authority, transaction limits, and real-time authorisation protocols. The agent must prove it has authority to spend, and the payment system must verify this authority.
The Agent Payments Protocol (AP2) is a conceptual framework for enabling autonomous AI agents to conduct financial transactions. It addresses identity verification (proving the agent is authorised), scope enforcement (spending limits and merchant restrictions), auditability (transaction logging), and dispute resolution (handling errors when agents transact incorrectly).
Agent payments in agentic commerce involve autonomous AI systems executing financial transactions on behalf of humans. This requires new payment infrastructure including agent identity verification, delegated spending authority, transaction limits, and real-time authorisation protocols. The agent must prove it has authority to spend, and the payment system must verify this authority.
The Agent Payments Protocol (AP2) is a conceptual framework for enabling autonomous AI agents to conduct financial transactions. It addresses identity verification (proving the agent is authorised), scope enforcement (spending limits and merchant restrictions), auditability (transaction logging), and dispute resolution (handling errors when agents transact incorrectly).
Introduction: When Agents Reach for the Wallet Every protocol we have examined so far in this series - This is not a minor gap. It is the gap. The entire promise of Today's payment systems are built on a foundational assumption: a human is clicking "buy" on a trusted website. Authentication, authorisation, fraud detection, liability assignment - every layer of the payments stack presupposes direct human involvement. When an autonomous agent initiates a purchase, this assumption collapses. The card networks do not know whether the agent is acting on genuine instructions or hallucinating a purchase. The merchant cannot verify that the agent has authority to spend. The issuing bank has no framework for assessing the risk of a transaction initiated by software rather than a person. The implications for The AP2 specification opens with a clear statement of the problem: "Today's payment systems assume a human is directly clicking 'buy' on a trusted website. When an autonomous agent initiates a payment, this core assumption is broken." This is not hyperbole. It is a precise description of a structural vulnerability that affects every participant in the payments ecosystem. The trust gap manifests in three critical questions that current systems cannot answer. First, Without a protocol to address these questions, the AP2 specification warns, the industry faces "a patchwork of proprietary, closed-loop solutions" - large retailers building bespoke integrations, payment providers creating siloed ecosystems, and small merchants locked out entirely. This fragmentation would be devastating for users (inconsistent experiences), merchants (high integration costs), and the payments ecosystem (inability to assess fraud consistently). AP2 exists to prevent this outcome by providing a common, open standard. AP2 solves the trust gap through a role-based architecture that separates concerns with surgical precision. Rather than treating an agent-initiated transaction as a single opaque eve