The rising wave of AI agents is reaching e-commerce and payments. Major players such as Stripe, Shopify, Visa, Mastercard, Google, as well as new entrants, are trying to answer a simple question: how will online purchases look in the age of AI agents?

Let’s imagine how this could work. Instead of going to a seller’s website or a marketplace, you interact with your preferred AI agent and tell it what you want to buy. The agent then browses known shopping catalogues using an MCP server or contacts seller agents to negotiate deals via the A2A protocol. Once it finds suitable offers, the agent presents them to you in its native UI and asks you to confirm your choice. After confirmation, it reaches into your wallet—like Apple Pay or Google Pay—extracts secure payment credentials, and uses them to pay through an AI-enabled gateway. All of this happens via the ACP or AP2 protocols.

This scenario isn’t far-fetched, and it changes not only the user experience but also the underlying technology that powers it.

Key Technologies Powering Agentic Commerce

I’ve already mentioned several key protocols that can support such a scenario. Let’s review them in more detail.

Model Context Protocol (MCP)

MCP is a standard that allows LLMs to interact with data sources, tools, or services. It’s one of the more mature protocols in this space. Your LLM can use it to query SQL databases, interact with third-party services (calendars, email, booking APIs), or connect to internal systems. An MCP server exposes a service as either a resource (read access) or a tool (execution). LLMs understand how to use them via provided annotations. MCP is transport-agnostic and can run over HTTP, local files, WebSockets, and more. Security is fully controlled on the server side and must be done correctly.

Agent2Agent Protocol (A2A)

A2A provides a standard way for agents to collaborate with other agents, “uniting” agents from different vendors into a single network. Originally developed by Google and now donated to the Linux Foundation, A2A allows client agents to discover remote agents and their capabilities. Like MCP, it’s transport-agnostic and supports long-running asynchronous tasks. A2A is an effective way to split your agents once your system grows.

Agent Commerce Protocol (ACP)

ACP was developed by OpenAI and Stripe to enable quick and simple shopping via ChatGPT and payments through Stripe. ACP supports browsing catalogues, handling orders and checkouts, and processing payments via the Delegated Payment Spec. Currently, ACP only supports card payments and Stripe is the only PSP implementing it. Still, its simplicity makes it a strong candidate for a fast go-to-market approach.

Agent Payments Protocol (AP2)

AP2, developed by Google with several payment and tech companies, uses cryptography to enable agents to transact on a user’s behalf. Payments are delegated using “mandates”—cryptographically signed digital contracts—and verifiable credentials authenticate the transaction. The protocol supports real-time purchases (human-present) and delegated purchases (human-not-present). It’s payment-method-agnostic and aims to support cards, account-to-account payments, and crypto.

Other Interesting Initiatives

These protocols matter because they offer an open platform that lets many vendors integrate seamlessly. But proprietary initiatives are also emerging:

  • Visa is developing AI-ready cards that replace card numbers with tokenised digital credentials. Users will be able to share them with agents and control spending limits, while Visa promises advanced monitoring for security and disputes.
  • Mastercard Agent Pay was announced as another initiative to enable agentic payments within the Mastercard network.
  • Smaller players are joining as well. PayOS offers a gateway with agent-first support from discovery to checkout and fraud fighting. Skyfire provides similar services with a focus on KYA—agent identity verification—to distinguish trustworthy agents from unreliable ones.

New Challenges

These shifts bring new opportunities, but they also introduce new risks.

Consumer Trust. How will consumers react to delegating purchases to a machine? Given their experience with AI tools, many will worry about mistakes caused by unclear prompts or hallucinations. Early UX needs to keep users firmly in control.

Adoption Timeline. These technologies are new, and the speed of adoption across vendors and consumers remains unclear. Major players are moving, but not everyone is onboard. Just like early e-commerce adoption, agentic commerce may take time to reach mass-market comfort.

Security Risks. AI introduces new security risks: data leakage, prompt injection, hallucinations, and payment fraud, among others. The “lethal trifecta” for AI agents is a good starting point for evaluating this threat landscape.

Brand Visibility. How do you build a brand when your service is hidden behind a generic AI agent? Google and Amazon already reduce merchant visibility by exposing services through their platforms; AI agents will shrink that visibility even further.

Compliance. How do you remain compliant with KYC/AML rules—and future regulations built to address this paradigm shift?

New Opportunities

The change also brings meaningful upside.

Reduce Payment Friction. Merchants who monitor conversion know every extra step risks losing a customer. Sign-ups, email confirmations, form-filling, card entry, 3DS—agents can automate most of this and bring the user in only at key moments.

New Revenue Streams. Agentic payments unlock new revenue opportunities: automated replenishment, negotiating special deals, or selling data/API services directly to agents.

Customisable Deals. Advanced agents can negotiate personalised or limited-edition offers. Customer and merchant agents can close complex deals—like full travel itineraries involving hotels, cars, and bookings.

Riding the AI Wave

To avoid falling behind, companies must invest in the technical capabilities required to adopt these changes. Even if the future of agentic payments is still unclear, teams should build AI expertise across both technical and business functions. Despite the many managed AI services available, this paradigm differs significantly from traditional software development, so engineering teams need hands-on experience building, testing, and supporting agentic applications. Business teams must understand which use cases fit AI, where it excels, and where it fails.

Every company should start working on:

  1. Building an AI ready data platform with a high-quality semantic layer to make their data accessible to AI applications
  2. Re-evaluating and potentially adjusting it to run business processes from AI applications
  3. Educating both technical and business staff to work with AI
  4. Paying special attention to AI when it comes to security and many perils that come with it
  5. Assessing if your vendors are ready for an AI revolution and if it’s even in their roadmap.

There’s a lot to consider—but companies that invest in AI-ready tools, architecture, and mindset will be the ones that thrive as the industry transforms.