From Card-Present to Human-Not-Present: Agent Payments Protocol AP2 [Pay with AI]

Drasko
Pay with AI: Agent Payments Protocol - AP2

Remember card-present and card-not-present transactions?

Yeah, those classifications that shaped payment processing for decades.

Looks like they're becoming relics of the past.

Welcome to the age of "human-present" and "human-not-present" transactions.

Because here's what's happening right now: AI agents are starting to buy things on your behalf. And the entire payments infrastructure? It wasn't ready for that.

Until now.

Today, I'm going to walk you through Google's Agent Payments Protocol (AP2) — an open protocol that's rewriting the rules for how AI agents can securely initiate and complete purchases across platforms.

Not just in theory. This is already happening.

And if you're a merchant, payment service provider, or processor, this isn't something to "keep an eye on." It's something you need to understand now.

Let's dive in.

What Is AP2? (And Why Does It Exist)

The Agent Payments Protocol (AP2) is an open, payment-agnostic framework developed by Google with over 60 industry partners — including Nexi, Adyen, American Express, Coinbase, Etsy, Mastercard, PayPal, Shopify, Worldpay and more.

AP2 partners
Image Credit: https://cloud.google.com/blog/products/ai-machine-learning/announcing-agents-to-payments-ap2-protocol

It's designed to do one critical thing: establish a common foundation for secure, compliant transactions between AI agents, users, and merchants.

Think of it as the missing infrastructure layer for agentic commerce.

Here's the problem it solves:

Traditional payment systems assume a human is directly clicking "buy" on a trusted surface. That's been the bedrock assumption for decades.

But AI agents break that model completely.

When an AI agent initiates a purchase on your behalf — maybe while you're asleep, or while you're in a meeting — three critical questions emerge:

  • Authorization: Did the user actually give the agent permission to make this specific purchase?
  • Authenticity: Is the agent's request an accurate reflection of what the user intended?
  • Accountability: If something goes wrong, who's responsible?

AP2 answers all three.

It creates a cryptographically-signed, tamper-proof audit trail that documents every step of the transaction — from initial intent to final payment — so everyone involved (users, merchants, banks, platforms) can transact with confidence.

How AP2 Actually Works: Mandates and Verifiable Credentials

The core innovation in AP2 is something called Mandates.

These are digital contracts — cryptographically signed and tamper-proof — that serve as verifiable proof of what a user instructed their AI agent to do.

Think of them as the blockchain for shopping intent.

AP2 uses two types of mandates to handle the two primary ways people will shop with agents:

1. Real-Time Purchases (Human Present)

Let's say you tell your AI agent: "Find me new white running shoes under $150."

That request gets captured in an Intent Mandate. This creates an auditable record of what you asked for — the context that kicks off the entire interaction.

Your agent then searches across multiple retailers, compares prices, checks availability, and presents you with a shopping cart: "Here are the Nike Pegasus 41 in white, size 10.5, for $139 from three different merchants."

When you approve the cart, you're signing a Cart Mandate. This is the critical step — it creates a secure, unchangeable record of exactly what you're buying and how much you're paying.

What you see is what you get. No bait-and-switch. No surprises.

Then, your payment method gets securely linked to that verified Cart Mandate, and the transaction completes.

2. Delegated Tasks (Human Not Present)

This is where things get really interesting.

Let's say you want concert tickets the moment they go on sale — but the drop is happening at 10 AM on a Wednesday when you're in back-to-back meetings.

So you tell your agent: "Buy two tickets to the Taylor Swift concert in Los Angeles the second they're available, maximum $500 per ticket, section 100-110 only."

You sign a detailed Intent Mandate upfront. This mandate specifies all your rules: price limits, seat preferences, timing conditions.

It's pre-authorized proof that you gave your agent permission to act autonomously within those boundaries.

When the tickets drop and your conditions are met, the agent can automatically generate a Cart Mandate on your behalf and complete the purchase — no further input needed.

You wake up to a confirmation email. Tickets secured.

The entire chain of evidence — from intent, to cart, to payment — creates a non-repudiable audit trail that protects everyone involved.

Real Use Cases: What AP2 Unlocks

AP2 isn't about incremental improvements to checkout flows.

It's about enabling entirely new commerce behaviors that were impossible before.

Here are three examples that show where this is heading:

Smarter Shopping with Standing Orders

You see a winter jacket you love, but it's sold out in green.

Instead of checking back manually every day, you tell your agent: "I want this jacket in green. I'm willing to pay up to 20% more for it. Buy it the moment it's available."

Your agent monitors inventory across multiple retailers. The second that specific color variant appears, it executes the purchase automatically.

The merchant captures a high-intent sale that would have otherwise been lost. You get exactly what you wanted without the manual work.

Personalized, Dynamic Offers

A shopper tells their agent they want a new bicycle for an upcoming trip from a specific merchant.

The agent communicates this information — including the trip date — to the merchant's own AI agent.

The merchant's agent responds by creating a custom, time-sensitive bundle offer: the bike, a helmet, and a travel rack at 15% off, valid for the next 48 hours.

One simple query turns into a more valuable, personalized sale.

Coordinated Multi-Agent Bookings

You're planning a weekend getaway and tell your agent: "Book me a round-trip flight and a hotel in Palm Springs for the first weekend of November, total budget $700."

Your agent interacts with both airline and hotel agents, as well as online travel agencies. Once it finds a combination that fits your budget, it executes both bookings simultaneously, using cryptographically-signed mandates to ensure consistency across providers.

You get a coordinated trip. The agents get paid. Everyone has an auditable record.

Why This Matters for Merchants, PSPs, and Payment Processors

If you're in the payments ecosystem, AP2 isn't optional. It's foundational.

Here's why:

1. The Shift from Human Checkout to Agent Checkout

Right now, when someone checks out on your site, you're optimizing for:

  • Reducing friction in the cart
  • Clear CTAs
  • Trust signals like security badges
  • Mobile-friendly forms

With agentic commerce, all of that goes away.

There's no human staring at a checkout page. There's an agent evaluating structured data, comparing offers across platforms, and executing purchases based on mandates.

If you're not set up to communicate with agents — to provide product data, pricing, availability, and payment options in a machine-readable format — you're invisible.

2. Risk Management Gets More Complex

Fraud prevention has always relied on behavioral signals: device fingerprinting, session analysis, IP reputation, velocity checks.

But when an agent is making purchases on behalf of a user, those signals disappear.

AP2 solves this by providing cryptographic proof of user intent. Mandates give you verifiable evidence that the user authorized the transaction, reducing chargeback risk and making disputes more straightforward.

For PSPs and processors, supporting AP2 means you can confidently underwrite agent-initiated transactions without blowing up your fraud models.

3. Competitive Differentiation

The merchants who adopt AP2 early will capture a disproportionate share of agent-driven commerce.

Why? Because agents will prioritize platforms that support structured, secure transactions.

If your competitor supports AP2 and you don't, the agent won't even surface your products in the comparison. You're out of the running before the user even knows you exist.

4. It's Multi-Platform, Multi-Payment by Design

AP2 isn't tied to a specific payment method. It works with credit cards, debit cards, digital wallets, stablecoins, real-time bank transfers — whatever the user prefers.

It's also built as an extension of the open-source Agent2Agent (A2A) protocol and Model Context Protocol (MCP), meaning it's designed for interoperability across AI platforms.

If you build for AP2, you're not just supporting Google's agents. You're supporting the entire agentic ecosystem.

How Merchants and PSPs Can Support AP2

Here's the breakdown:

For Large Merchants and Enterprise Platforms

If you operate your own payment infrastructure, you'll want to integrate AP2 directly.

Google has published the full technical specification, documentation, and reference implementations on GitHub: github.com/google-agentic-commerce/AP2

You'll need to:

  • Implement mandate signing and verification
  • Expose your product catalog and pricing in a structured, agent-readable format
  • Integrate AP2 with your existing payment gateway
  • Update your fraud and risk models to validate mandates

The good news? Many of the major PSPs — Adyen, PayPal, Worldpay, Checkout.com, and others — are already building AP2 support. If you work with one of them, they'll likely handle much of the heavy lifting.

For Small and Mid-Sized Merchants

If you're a smaller merchant, the path forward is simpler: move to a platform that supports AP2.

Etsy and Shopify are both part of the AP2 ecosystem. Adobe Commerce (formerly Magento) is also involved.

These platforms will abstract away the complexity. You won't need to implement cryptographic signing or build agent APIs. You'll just need to ensure your product listings are complete, accurate, and structured properly.

Think of it like the shift from building your own payment processing to using Stripe or Square. The infrastructure gets handled for you, and you focus on what you do best: selling great products.

For PSPs and Payment Processors

If you're a payment service provider, this is your moment to lead.

Your merchants are going to start asking about AP2. If you're ready with a solution, you become the strategic partner. If you're not, you're the legacy system holding them back.

What you need to build:

  • Native support for AP2 mandates in your transaction flow
  • APIs that allow agents to initiate payments securely
  • Fraud models that can validate cryptographic proof instead of relying solely on behavioral signals
  • Clear documentation and SDKs for merchants integrating your platform

The companies building this now — Adyen, Stripe (if they're smart), PayPal, Airwallex, and others — will own the agent commerce layer for the next decade.

Support for Crypto and Stablecoins

One of the most forward-looking aspects of AP2 is its native support for cryptocurrency payments.

In collaboration with Coinbase, Ethereum Foundation, MetaMask, and other web3 organizations, Google has launched the A2A x402 extension — a production-ready solution for agent-based crypto payments.

Why does this matter?

Because stablecoins solve a lot of the latency and settlement issues that make traditional payment rails clunky for agent-driven commerce.

When an agent needs to execute a purchase instantly — maybe coordinating transactions across multiple providers in different countries — stablecoins can settle in seconds, not days.

And with AP2, those transactions have the same cryptographic proof of intent as traditional card payments.

This is the first time we're seeing a payment protocol treat crypto as a first-class citizen, not an afterthought.

What Happens Next: The Ecosystem is Growing

AP2 is open-source. Google is committed to evolving it through standards bodies and inviting the entire payments and technology community to contribute.

Many of the partners building A2A agents have already extended their support to AP2. That ecosystem is available in Google's AI Agent Marketplace, including new transactable experiences powered by AP2.

For example, enterprise companies can use AP2 for B2B applications — like enabling autonomous procurement of partner-built solutions via Google Cloud Marketplace or automatically scaling software licenses based on real-time usage.

This isn't just about consumers buying sneakers.

It's about creating a secure, auditable foundation for autonomous economic activity at every level.

Your Move

AP2 is happening now.

Google, PayPal, Mastercard, Visa, Adyen, Shopify, Etsy, Salesforce, Intuit, and 50+ other organizations are building the infrastructure.

The merchants who integrate early will capture agent-driven commerce.

The PSPs who build support now will own the next layer of the payments stack.

And the ones who wait? They'll be playing catch-up while their competitors are already embedded in the agent economy.

Now,

If you're a large merchant or enterprise, start reviewing the AP2 technical docs on GitHub. Talk to your payment processor about their roadmap. Build a pilot.

If you're a small or mid-sized merchant, ask your platform provider when they're launching AP2 support. If they're not planning to, start evaluating alternatives.

If you're a PSP or processor, make AP2 integration a top-three priority for 2026. Your merchants are going to need it sooner than you think.

Because the future of payments isn't about making checkout faster.

It's about making it autonomous.

And AP2 is the protocol that makes that possible.

Further reading:

This article was updated on October 8, 2025

Hey there, I'm Drasko! I've spent last 20 years getting my hands dirty in the financial technology, working for big names like Société Generale, FirstData, and a bunch more. Right now, I'm a product manager at Nexi - Europe's foremost innovator in payments and one of the top paytech companies today.
I'm also passionate about blogging, and from time to time, I'm sharing some useful tips and news from the industry. 

So don't forget to share my posts and subscribe to my mailing list.

And do let me know what you think via email drashco [at] paytechzone.com I read every email. Talk Soon,

You should also read: