Agentic Commerce: Who Pays?

The rise of autonomous AI agents capable of transacting on behalf of users represents a fundamental shift in digital commerce. It invalidates the core assumption of human presence underpinning the digital payments infrastructure, creating a crisis of trust that demands a new architectural foundation. When an autonomous agent initiates a payment, three foundational questions must be answered:

  • Authorization (how to verify user-delegated authority)
  • Authenticity (how to ensure the agent's request reflects true user intent)
  • Accountability (who is responsible for an incorrect or fraudulent transaction).

Without clear standards, the ecosystem risks fragmentation and a crisis of confidence that could stifle adoption.

In this article I'll provide a comparison of four prominent protocols designed to address these challenges: the Agent Payments Protocol (AP2), the Agentic Commerce Protocol (ACP), the Trusted Agentic Commerce Protocol (TACP), and the x.402 protocol. Each offers a distinct philosophy and technical approach to enabling the future of AI-driven commerce.

Protocol Deep Dive: Agent Payments Protocol (AP2)

The Agent Payments Protocol (AP2) is an open protocol initiated by Google and a broad consortium of over 60 industry leaders. It aims to establish a universal, payment-agnostic framework that ensures security, interoperability, and trust across the emerging agent economy. Its strategic importance lies in preventing a fragmented ecosystem of proprietary solutions, so that any compliant agent can transact securely with any compliant merchant globally.

Core Principles and Strategic Goals

AP2 is founded on five core principles that directly address the foundational questions of agentic commerce:

  • Openness and Interoperability: As a non-proprietary, open extension for the Agent2Agent (A2A) and Model Context Protocol (MCP) frameworks, AP2 is designed to foster a competitive and innovative ecosystem, ensuring broad merchant reach and user choice rather than locking participants into a single proprietary solution.
  • User Control and Privacy: This principle directly addresses Authorization by ensuring the user is always in control. The protocol is architected with privacy at its core, using a role-based structure to protect sensitive payment details and confirm the user's ultimate authority over the agent's actions.
  • Verifiable Intent, Not Inferred Action: This principle directly tackles the challenge of Authenticity. AP2 anchors trust in deterministic, non-repudiable cryptographic proof of the user's intent, mitigating the risks of agent error or AI "hallucinations."
  • Clear Transaction Accountability: To solve for Accountability, AP2 provides a non-repudiable, cryptographic audit trail for every transaction. This chain of evidence is designed to aid in dispute resolution and build confidence among all participants, from users and merchants to payment issuers.
  • Global and Future-Proof: AP2 is designed as a global foundation to support not only common "pull" payments like credit cards but also the "push" payments (e.g., UPI, PIX) and digital currencies that are critical in international markets. This forward-looking scope positions it as a durable, long-term standard.

Technical Architecture and Key Concepts

AP2's core technical mechanism for engineering trust is the use of Verifiable Digital Credentials (VDCs). These are defined as tamper-evident, cryptographically signed digital objects that serve as the data payloads agents create and exchange. The protocol specifies three primary VDCs that map to a transaction's lifecycle:

  • Intent Mandate: In a "human-present" flow, this captures the initial request (e.g., "Find me running shoes"). In a "human-not-present" flow, it serves as a more detailed, pre-authorized contract, capturing user-defined constraints (price limits, timing, etc.) that empower the agent to act autonomously later.
  • Cart Mandate: In "human-present" scenarios, this VDC secures the user's explicit, final authorization for a specific cart, including the exact items and price. In "human-not-present" scenarios, the agent can automatically generate this mandate on the user's behalf once the conditions specified in the Intent Mandate are met.
  • Payment Mandate: This is a separate VDC shared with the payment network to signal that an AI agent was involved in the transaction and whether the user was present, providing crucial context for risk assessment.

The protocol is designed as an extension for the open-source Agent2Agent (A2A) and Model Context Protocol (MCP) frameworks, allowing it to function within a larger ecosystem of agent communication and collaboration standards.
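
The human-not-present flow above only holds if a verifier checks the agent-generated Cart Mandate against the constraints the user signed in the Intent Mandate. The sketch below is an added example, not AP2's wire format or code from the AP2 project: the mandate field names, the Ed25519 keys and the payload-plus-signature envelope are assumptions made for illustration.

```javascript
// Added illustration, not AP2's wire format: field names, keys and the
// payload-plus-signature envelope are all assumptions.
const crypto = require('crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Sign the exact serialized bytes so the verifier never re-canonicalizes JSON.
function signVdc(obj, privateKey) {
  const payload = JSON.stringify(obj);
  const signature = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature };
}

// Returns the parsed object only if the signature over the payload verifies.
function openVdc(vdc, publicKey) {
  const ok = crypto.verify(null, Buffer.from(vdc.payload), publicKey,
    Buffer.from(vdc.signature, 'base64'));
  return ok ? JSON.parse(vdc.payload) : null;
}

// Agent, human-not-present: build a Cart Mandate bound to the intent it acts under.
function buildCartMandate(intentVdc, items, createdAt, agentPrivateKey) {
  const totalCents = items.reduce((sum, i) => sum + i.priceCents * i.qty, 0);
  return signVdc({ intentDigest: sha256(intentVdc.payload), items, totalCents,
    currency: 'USD', createdAt }, agentPrivateKey);
}

// Verifier: returns null when the signed intent covers the cart, else the reason.
function checkCartAgainstIntent(cartVdc, intentVdc, userPublicKey, agentPublicKey) {
  const intent = openVdc(intentVdc, userPublicKey);
  if (!intent) return 'intent signature invalid';
  const cart = openVdc(cartVdc, agentPublicKey);
  if (!cart) return 'cart signature invalid';
  if (cart.intentDigest !== sha256(intentVdc.payload)) return 'cart not bound to this intent';
  const sum = cart.items.reduce((s, i) => s + i.priceCents * i.qty, 0);
  if (sum !== cart.totalCents) return 'total does not match items';
  if (cart.currency !== intent.currency) return 'currency mismatch';
  if (cart.totalCents > intent.maxTotalCents) return 'over price limit';
  if (cart.createdAt > intent.notAfter) return 'intent expired';
  return null;
}

// Constructed sample: the user pre-authorizes up to 120.00 USD until a fixed time.
const user = crypto.generateKeyPairSync('ed25519');
const agent = crypto.generateKeyPairSync('ed25519');
const intentMandate = signVdc({ goal: 'running shoes', currency: 'USD',
  maxTotalCents: 12000, notAfter: 1700003600 }, user.privateKey);
const cartMandate = buildCartMandate(intentMandate,
  [{ sku: 'SHOE-42', priceCents: 9900, qty: 1 }], 1700000000, agent.privateKey);
console.log(checkCartAgainstIntent(cartMandate, intentMandate, user.publicKey, agent.publicKey));
```

Binding the cart to a digest of the signed intent is what stops an agent from reusing one mandate's cart under a different, more permissive mandate.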

Sponsorship and Ecosystem

Google is the primary sponsor and developer of the AP2 protocol. It has launched with a diverse and extensive ecosystem of over 60 partners, demonstrating a strategy focused on building broad industry consensus. This coalition includes representatives from across the commerce landscape:

  • Payment Networks & Providers: Adyen, American Express, Mastercard, PayPal, Stripe, Worldpay
  • Technology & Enterprise Platforms: Salesforce, ServiceNow, Adobe, Intuit
  • Web3 & Crypto: Coinbase, Mysten Labs, MetaMask
  • Merchants & Commerce: Etsy

AP2's focus on creating verifiable, cryptographic proof of user intent provides a comprehensive security framework.

Protocol Deep Dive: Agentic Commerce Protocol (ACP)

The Agentic Commerce Protocol (ACP) is a joint initiative developed and maintained by Stripe and OpenAI. Its strategic importance stems from a pragmatic focus on making existing business checkouts "agent-ready." By providing a standard for programmatic commerce flows, ACP aims to enable seamless transactions directly within AI agent applications, allowing merchants to tap into a new channel of high-intent buyers without overhauling their current infrastructure.

Core Principles and Strategic Goals

ACP's design is guided by principles that prioritize ease of adoption and merchant control:

  • Open Source: The protocol is developed under an Apache 2.0 license, allowing any business, AI platform, or payment processor to implement the specification and participate in the ecosystem.
  • Built for Businesses: A core goal is to ensure merchants maintain their customer relationships and remain the merchant of record. ACP gives businesses control over which products can be sold and how orders are fulfilled, integrating with their existing commerce backend.
  • Supports Complex Flows: The protocol is designed to be flexible, supporting various commerce types including physical goods, digital products, subscriptions, and asynchronous purchases.

These principles combine to support the primary strategic goal of allowing merchants to reach customers on emerging AI platforms like ChatGPT while leveraging their existing technology and maintaining control over the customer experience.

Technical Architecture and Key Concepts

ACP's technical approach is centered on businesses implementing an open specification that configures their checkout for agent interaction. This design emphasizes compatibility with existing technology stacks, including traditional REST APIs and the Model Context Protocol (MCP).

The protocol's security model is built on the use of secure payment tokens. Rather than exposing underlying payment credentials, a secure token is passed from the buyer to the business through the AI agent. This allows for PCI-compliant transactions while protecting sensitive financial data. Crucially, this model provides merchants with ultimate control; businesses can choose to accept or decline transactions on a per-agent, per-transaction, or custom logic basis.

Sponsorship and Ecosystem

Stripe and OpenAI are the primary developers and maintainers of the protocol. Its ecosystem strategy is anchored by the powerful synergy of these two launch partners, designed to create a production-ready solution from day one.

  • OpenAI is the first AI platform to implement ACP, enabling Instant Checkout in ChatGPT.
  • Stripe is the first compatible Payment Service Provider (PSP), offering its Shared Payment Token as a ready-made solution for businesses on its platform.

ACP's goal is to streamline agent-based transactions by adapting to existing merchant systems.

Protocol Deep Dive: Trusted Agentic Commerce Protocol (TACP)

The Trusted Agentic Commerce Protocol (TACP) is an open standard proposed by Forter, a company specializing in digital commerce trust. Its strategic importance lies in its security-first design, which is specifically engineered to solve the critical challenges of agent authentication, fraud prevention, and merchant data loss that currently hinder the widespread adoption of agentic commerce.

Core Principles and Strategic Goals

TACP's stated goals are explicitly focused on establishing a foundation of trust for all participants:

  • Allowing participants to authenticate each other to verify an agent's identity and its relationship to the user.
  • Enabling merchants to maintain rich customer data, preventing the data disintermediation that can occur when agents mediate transactions.
  • Helping to prevent fraud by providing verifiable identity signals that allow merchants to differentiate legitimate agent activity from malicious bots.
  • Creating a better, more personalized, and secure user experience.

The protocol's core mission is to provide merchants with the signals they need to trust agent-driven transactions, thereby avoiding the need to block potentially valuable agent traffic and preventing the loss of crucial customer data.

Technical Architecture and Key Concepts

TACP's security foundation relies on robust, web-native cryptographic standards. Its most powerful features are its bi-directionality and rich data schema, designed to preserve the full context of a transaction.

  • Its core mechanism is JWS+JWE, which combines JSON Web Signatures (the signature format used by JWTs) for authentication with JSON Web Encryption for confidentiality. This ensures that transmitted data is both verifiable and private.
  • Public key distribution is handled via the standard mechanism of JSON Web Key Sets (JWKS), which are published at a well-known endpoint (.well-known/jwks.json) for easy discovery.
  • The protocol is bi-directional, allowing both sending and receiving of encrypted data. This enables advanced use cases like agents requesting reverse auctions for best pricing or merchants pushing order, dispute, and shipping updates back to the agent or user.
  • It provides a rich suggested schema to preserve the critical data merchants fear losing. This includes detailed information across the transaction lifecycle, such as session.id, intent.goal, user.email (with verification status), and consent.permission to buy. This structured data allows for high-fidelity risk assessment and personalization.
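
The signature half of that mechanism, from the merchant's side: an added example (not Forter's or TACP's code) that verifies a compact JWS against a JWKS using Node's built-in crypto module. The key pair, kid, claim values and the email_verified field name are constructed for illustration, and the JWE decryption layer is left out.

```javascript
// Added illustration: keys, kid and claim values are constructed. A merchant would
// fetch the JWKS from the agent's .well-known/jwks.json over HTTPS and cache it.
const crypto = require('crypto');

const b64u = (s) => Buffer.from(s).toString('base64url');
const ALLOWED_ALGS = new Set(['ES256']); // pin algorithms; never trust the header alone

// Agent side (constructed): sign claims as a compact JWS using ES256.
function signJws(claims, privateKey, kid) {
  const input = `${b64u(JSON.stringify({ alg: 'ES256', kid }))}.${b64u(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Merchant side: pick the key by kid, verify, and only then trust the claims.
function verifyJws(token, jwks, now) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch (e) {
    return { ok: false, reason: 'malformed' };
  }
  if (!header || !ALLOWED_ALGS.has(header.alg)) return { ok: false, reason: 'alg not allowed' };
  const jwk = jwks.keys.find((k) => k.kid === header.kid && k.kty === 'EC' && k.crv === 'P-256');
  if (!jwk) return { ok: false, reason: 'unknown kid' };
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const valid = crypto.verify('sha256', Buffer.from(`${parts[0]}.${parts[1]}`),
    { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(parts[2], 'base64url'));
  if (!valid) return { ok: false, reason: 'bad signature' };
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= now) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, claims };
}

// Constructed sample using field names from the suggested schema described above.
const agentKeys = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const jwks = { keys: [{ ...agentKeys.publicKey.export({ format: 'jwk' }), kid: 'agent-2025-01' }] };
const token = signJws({
  iss: 'https://agent.example', exp: 1700000300,
  session: { id: 'sess-123' }, intent: { goal: 'buy running shoes' },
  user: { email: 'user@example.com', email_verified: true }, // field name assumed
  consent: { permission: 'buy' },
}, agentKeys.privateKey, 'agent-2025-01');
console.log(verifyJws(token, jwks, 1700000000).ok);
```

The algorithm allow-list and the kid lookup both run before any claim is read, so a token that names an unexpected algorithm or an unpublished key is rejected without its contents influencing the decision.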

Sponsorship and Ecosystem

Forter is the primary sponsor and author of the protocol. The company is pursuing a collaborative approach, issuing a call for merchants, developers, and partners to contribute to the evolution of the open standard. Notably, Forter is also listed as a collaborator on Google's AP2 initiative, indicating a cooperative stance within the broader ecosystem.

TACP's deep focus on verifiable identity and security provides a robust solution for fraud prevention and data preservation.

Protocol Deep Dive: x.402 Protocol

The x.402 protocol is an open standard developed by Coinbase, positioned as an internet-native payment rail built directly on top of the Hypertext Transfer Protocol (HTTP). Its strategic importance lies in its mission to fix what it views as a fundamentally flawed system of internet payments. By activating a dormant part of the internet's core infrastructure, x.402 aims to create a payment rail that is "amazing for both humans and AI agents," enabling frictionless, low-cost, and programmatic payments as a fundamental alternative to high-friction credit cards and ad-based models, particularly for the emerging micropayment economy.

Core Principles and Strategic Goals

The x.402 protocol is guided by a philosophy of simplicity, openness, and utility for developers:

  • Open Standard: The protocol is not tied to any centralized provider and encourages broad community participation and extension.
  • HTTP Native: x.402 is designed to seamlessly complement existing web services by working with standard HTTP headers and status codes, avoiding the need for additional requests.
  • Chain and Token Agnostic: It is a neutral standard that is not tied to a specific blockchain or token, welcoming contributions to add support for new chains.
  • Trust Minimizing: The design ensures that neither a facilitator nor a resource server can move funds outside of the client's stated intentions.
  • Easy to Use: A primary goal is to abstract the complexities of crypto away from developers, enabling them to accept digital payments with as little as one line of code.

The protocol's main objective is to power new forms of digital commerce, particularly micropayments for API calls, data access, and content consumption.

Technical Architecture and Key Concepts

The protocol's novel technical foundation is its use of the dormant HTTP 402 Payment Required status code. This existing but rarely used code is repurposed to signal that a resource requires payment.

The payment flow is straightforward:

  1. A server responds to a request with a 402 Payment Required status and a PaymentRequirements object detailing the cost and accepted payment methods.
  2. The client then resubmits the request, including a payment payload in a new standard header, X-PAYMENT.
  3. A facilitator server can be used by the resource server to verify the payment and settle the on-chain transaction, abstracting away the complexity of interacting directly with a blockchain.
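
The three steps above, walked through in-process as an added example (not Coinbase's or the x402 project's code). The fields inside PaymentRequirements and the payment payload are assumptions, an Ed25519 signature stands in for a wallet signature, and no chain is contacted.

```javascript
// Added illustration: field names are assumptions, not the x402 schema, and an
// Ed25519 key pair stands in for a wallet. Nothing is settled on-chain.
const crypto = require('crypto');

const REQUIREMENTS = { resource: '/report', amount: '0.01', asset: 'USDC',
  payTo: 'merchant-wallet-placeholder' };
const seenNonces = new Set(); // facilitator state for replay detection

const signedBytes = (a) =>
  Buffer.from(JSON.stringify([a.payTo, a.amount, a.asset, a.nonce, a.validBefore]));

// Step 2, client: authorize exactly the quoted terms and encode them for X-PAYMENT.
function buildPaymentHeader(reqs, wallet, now) {
  const auth = { payTo: reqs.payTo, amount: reqs.amount, asset: reqs.asset,
    nonce: crypto.randomBytes(16).toString('hex'), validBefore: now + 60 };
  const signature = crypto.sign(null, signedBytes(auth), wallet.privateKey).toString('base64');
  const payer = wallet.publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
  return Buffer.from(JSON.stringify({ auth, signature, payer })).toString('base64');
}

// Step 3, facilitator: returns null if the payment may be settled, else the reason.
function facilitatorVerify(headerValue, reqs, now) {
  let p, sigOk;
  try {
    p = JSON.parse(Buffer.from(headerValue, 'base64').toString());
    const key = crypto.createPublicKey({ key: Buffer.from(p.payer, 'base64'),
      format: 'der', type: 'spki' });
    sigOk = crypto.verify(null, signedBytes(p.auth), key, Buffer.from(p.signature, 'base64'));
  } catch (e) {
    return 'malformed';
  }
  if (!sigOk) return 'bad signature';
  const a = p.auth;
  if (a.payTo !== reqs.payTo || a.amount !== reqs.amount || a.asset !== reqs.asset) {
    return 'terms mismatch'; // signed terms must equal what the server quoted
  }
  if (a.validBefore <= now) return 'expired';
  if (seenNonces.has(a.nonce)) return 'replayed nonce';
  seenNonces.add(a.nonce);
  return null;
}

// Steps 1 and 2, resource server: quote the price, or check the attached payment.
function resourceServer(req, now) {
  const payment = req.headers['X-PAYMENT'];
  if (!payment) return { status: 402, body: REQUIREMENTS };
  const problem = facilitatorVerify(payment, REQUIREMENTS, now);
  if (problem) return { status: 402, body: { ...REQUIREMENTS, error: problem } };
  return { status: 200, body: 'report contents' };
}

// Constructed run: unpaid request, then the same request with payment attached.
const wallet = crypto.generateKeyPairSync('ed25519');
const quote = resourceServer({ path: '/report', headers: {} }, 1700000000);
const header = buildPaymentHeader(quote.body, wallet, 1700000000);
const paid = resourceServer({ path: '/report', headers: { 'X-PAYMENT': header } }, 1700000001);
console.log(quote.status, paid.status);
```

Because the client signs the recipient, amount and asset together with a nonce and a deadline, neither the resource server nor the facilitator can alter the terms or reuse the authorization, which is the trust-minimizing property listed among the principles.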

Sponsorship and Ecosystem

Coinbase is the primary sponsor of the x.402 protocol. While it is a powerful standalone standard for developers, it has also demonstrated its utility as a component technology within the broader agentic commerce ecosystem. It has been integrated into Google's AP2 as the A2A x402 extension, a production-ready solution for agent-based crypto payments. This extension is designed specifically to power stablecoin payments for agents, showcasing both x.402's utility and AP2's modularity.

x.402's unique position as a lightweight, HTTP-native payment rail for micropayments sets it apart from the more comprehensive transaction frameworks offered by the other protocols.

Comparative Analysis: A Strategic Overview

While all four protocols aim to facilitate AI-driven commerce, they approach the problem from different angles and solve for different core challenges. Strategically, merchants should not view these protocols as mutually exclusive choices but as layers of a potential agentic commerce stack. A retailer might implement ACP for rapid checkout integration into ChatGPT, while simultaneously using TACP to verify agent identity and pass rich data to their fraud-prevention systems, all while ensuring their payment provider is compliant with the broader AP2 framework.

Feature and Philosophy Matrix

The following table provides a high-level comparison of the four protocols across key strategic and technical dimensions.

Ecosystem and Adoption Strategy

Each protocol is pursuing a distinct go-to-market and ecosystem-building strategy that reflects its core philosophy.

  • AP2 (Broad Consortium): AP2's strategy is to build a wide, open coalition of over 60 diverse partners across payments, technology, and retail. This approach aims to establish a universal standard through broad industry consensus and collaboration, positioning AP2 as a foundational layer for the entire agent economy.
  • ACP (Focused Partnership): ACP launched with a powerful, tightly integrated partnership between a leading payments provider (Stripe) and a leading AI platform (OpenAI). This strategy is designed to create immediate, production-ready value for merchants and developers, driving adoption through a compelling, out-of-the-box solution.
  • TACP (Expert-Driven Proposal): TACP's strategy is that of an open standard proposed by a domain expert (Forter) to solve a specific, critical industry problem: trust and fraud. It seeks to build a community of merchants, developers, and partners around this targeted solution, leveraging its deep expertise to gain credibility and traction.
  • x.402 (Developer-Centric Adoption): x.402 is pursuing a grassroots adoption model by targeting developers with an easy-to-use, open-source tool for a specific need (micropayments). Its simplicity is designed to encourage experimentation and bottom-up adoption, with the potential to be integrated into larger systems, as demonstrated by its inclusion in AP2.

Strategic Implications for Retailers and Brands

For retailers and brands, the emergence of these protocols is not merely a technical development but a critical strategic consideration for the future of customer engagement and sales. Understanding their distinct approaches is essential for making informed decisions about how to participate in the agentic commerce ecosystem.

Addressing Core Merchant Concerns

The protocols provide different answers to the most pressing questions merchants face in the agentic era.

  • Customer Disintermediation and Data Loss: This is a primary concern for merchants who have invested heavily in understanding their customers. TACP is explicitly designed to solve this by providing a bi-directional mechanism to maintain rich, verifiable customer data throughout the transaction. Similarly, ACP ensures that businesses remain the merchant of record and maintain their customer relationships. AP2 approaches this by creating a trusted framework where this data can be securely and verifiably exchanged between authenticated parties.
  • Fraud and Accountability: As agents begin to transact, the risk of sophisticated fraud increases. AP2 addresses this by creating a non-repudiable, cryptographic audit trail through its Mandate system, providing clear proof of user authorization. TACP tackles this with a deep focus on identity verification, leveraging rich data signals to help merchants differentiate legitimate agents from fraudulent bots with high precision.
  • Integration Complexity and Control: ACP offers a low-friction, rapid path to market by adapting to existing REST APIs, making it ideal for merchants prioritizing speed and minimal disruption. Conversely, AP2's VDC-based architecture demands a deeper integration effort but provides a more robust, cryptographically non-repudiable foundation for high-stakes or complex delegated tasks. ACP's model also explicitly allows merchants to accept or decline transactions based on their own internal logic, preserving their sovereignty.

Unlocking New Commerce Models

Beyond mitigating risks, these protocols enable entirely new commercial opportunities for brands.

  • The vision for AP2 includes "smarter shopping" and "personalized offers." For example, a user's agent could be authorized to automatically purchase an out-of-stock item the moment it becomes available, capturing a sale that might otherwise be lost. A merchant's own agent could create a custom, time-sensitive bundle for a customer based on their stated intent (e.g., a bicycle and accessories for an upcoming trip), turning a simple query into a more valuable sale.
  • By integrating with a protocol like ACP, brands can capture high-intent sales directly within AI interfaces. A conversational query in a platform like ChatGPT can be converted into a direct transaction, transforming conversational AI from a research tool into a powerful new point of sale.

The choice of which protocol or combination of protocols to adopt will depend on a brand's strategic priorities, whether they are focused on immediate channel expansion, long-term security infrastructure, or fraud prevention.

Conclusion and Future Outlook

The protocols for agentic commerce are not merely competitors but represent a developing ecosystem of solutions that address different layers of a complex challenge. This analysis shows they are largely complementary: AP2 is building a universal framework for payment security and interoperability; ACP is focused on streamlined checkout integration for existing merchants; TACP provides a deep layer of identity and trust to combat fraud and data loss; and x.402 enables a new paradigm of programmatic micropayments.

The future of this market will likely involve a combination of collaboration, integration, and competition. The partnership between AP2 and x.402 to enable crypto payments already demonstrates a model where protocols can interoperate to provide more comprehensive solutions. As the agentic economy matures, we can expect to see further convergence as standards are refined and best practices emerge from real-world implementation.

For enterprises standing at the edge of this new commercial landscape, inaction is not an option. Understanding this protocol landscape is the immediate, critical prerequisite for designing a competitive commerce strategy in the age of autonomous agents.

Excellent insights on agentic commerce. The emergence of AI agents transforming traditional e-commerce into "a-commerce" is raising critical questions about payment models and customer relationships that every business needs to consider. Very thoughtful analysis on such an important trend reshaping how we think about commerce. #AgenticCommerce #AI #FutureOfCommerce
