AI – Agentic Commerce – Why Security Must Come First in the Next Era of Payments

By Barnard Crespi, Co-CEO Datatel Inc/Datatel Communications Inc.

Over the last three decades, digital payments have evolved in waves.

  • First, e-commerce introduced the online checkout experience.
  • Then came mobile wallets, tokenization, and biometric authentication.
  • Next came embedded payments and invisible commerce, where the transaction fades into the background.

Now a new shift is emerging.

Not a new checkout method.

Not a new interface.

But a new actor in the transaction itself.

Autonomous AI agents are beginning to make decisions and complete purchases on behalf of people and businesses. These agents will compare products, negotiate pricing, manage subscriptions, reorder supplies, and eventually execute transactions without the customer ever touching a device.

This phenomenon, widely referred to as Agentic Commerce, is already gaining momentum. Mastercard describes it as “a world where trusted AI agents act on behalf of individuals and businesses to discover, negotiate, and complete purchases.” McKinsey estimates these agents could influence more than 3 trillion dollars in global spending by 2030.

With that growth comes a fundamental question.

If machines start buying from machines, how do we secure trust, identity, and payments in a world where the “buyer” may not be human?

The Shift From Human-Driven to Autonomous Transactions

Today’s commerce ecosystem is built around one simple assumption: a human sees something, decides to buy it, and confirms the purchase.

Every fraud model and every dispute rule depends on this point of human interaction.

Passwords, device certificates, MFA challenges, and behavioural analytics are all anchored to human intent.

Agentic commerce upends this. Now the agent:

  • searches
  • compares
  • selects
  • builds the cart
  • initiates the payment

The human may never see the transaction.

This creates new layers of business risk.

How do we verify that the agent is authorized to act?

How do we confirm that the agent understood the user’s intention correctly?

How do we assign responsibility when no one clicked “buy?”

Could malicious agents impersonate real ones?

These are not technical questions; they are questions of trust, liability, and regulatory readiness.

Each Evolution of Payments Expanded the Attack Surface

Every major transition in payments has reshaped the threat landscape:

  • E-commerce expanded opportunities for account takeovers.
  • Mobile payments introduced device-level vulnerabilities.
  • Subscription commerce created challenges with recurring authorizations.
  • Open banking introduced risks around third-party API access.

Agentic commerce introduces something new, unauthorized delegation:

  • A compromised or cloned agent acting as if it were the customer.
  • A misinterpreted instruction leading to unintended purchases.
  • An agent making decisions that no human directly verified.

And because agents operate continuously, at machine speed, errors or malicious actions could scale quickly.

This is why security must come first.

Before convenience.

Before automation.

Before commercial experimentation.

Without strong governance, identity controls, and verifiable authorization, agentic commerce risks creating blind spots that businesses cannot absorb.

Introducing AP2: A Framework for Verifiable Trust

To address these gaps, industry participants are developing a new foundation called the Agent Payments Protocol, or AP2. It does not change how payments move. Instead, it focuses on how authorization, intent, and accountability are captured when actions come from autonomous systems.

For business leaders, AP2 is important because it introduces structure in an environment where ambiguity would otherwise grow.

It focuses on three critical areas.

1. Authorization: “Did the user allow this?”

In agent-driven transactions, traditional signals of authorization disappear. AP2 introduces a structured way of documenting what a user permitted an agent to do.

2. Intent: “Is this what the user meant?”

Large language models can misinterpret instructions. AP2 creates mechanisms for capturing decisions in a way that removes guesswork.

3. Accountability: “Who is responsible?”

Without a human click, liability becomes unclear. AP2 creates a consistent evidence trail that helps all parties understand what was authorized and what occurred.

These principles are supported by a set of Verifiable Digital Credentials that document the decision flow from user to agent to merchant.

Where Compliance Meets Automation: PCI, GDPR, and Beyond

Agentic commerce does not sit outside regulatory frameworks. It sits directly in the middle of them.

When an agent handles preferences, payment credentials, behavioural patterns, and personal data, it becomes a new category of data handler. That brings simultaneous obligations under:

  • PCI DSS for payment data
  • GDPR and other global privacy regulations for consent, profiling, and data usage
  • Emerging AI governance frameworks for transparency and explainability

This creates new operational questions:

  • Who owns agent-generated data?
  • How is consent demonstrated when the human did not participate in the final transaction?
  • How should businesses structure their APIs so third-party agents can interact safely?

Without clear evidence of intent and authorization, auditors, regulators, and networks will face challenges determining whether requirements were met.

The Phased Development of AP2

The phased approach is published in its entirety in the AP2 Roadmap. The complete protocol specifications can be found at https://ap2-protocol.org/

AP2 is being designed as an evolving protocol developed through open collaboration. Each wave expands capabilities while allowing the industry to adopt and test incrementally.

V0.1 (September 2025)

The initial phase focuses on foundational use cases where a human is present in the flow and uses “pull” payment methods such as credit and debit cards.

It includes:

  • Defined data payloads built on Verifiable Digital Credentials
  • Support for user- or merchant-initiated step-up challenges
  • Reference implementations
  • SDKs and extensions for early adopters

Other artifacts will cover the AP2 A2A extension v0.1, AP2 MCP server v0.1, AP2 Python SDK v0.1, and AP2 Android SDK v0.1.

V1.x and Beyond

Future versions may include support for:

  • push payments and real-time bank transfers
  • wallets and alternative payment methods
  • subscription and recurring flows
  • human-not-present transaction models
  • additional MCP-based implementation patterns

Longer term, the protocol may support more advanced capabilities such as:

  • multi-merchant transaction flows
  • real-time negotiations between buyer and seller agents

The development model relies on open participation, feedback, and critique through the public repository.

Security as the New Strategic Differentiator

BCG notes that companies unable to build trusted, compliant interfaces risk becoming “invisible utilities” in the agentic ecosystem. AI agents will choose where to transact based on stability, transparency, and trust.

That means security is no longer only a risk function.

It is a competitive dimension.

It affects discoverability, preferred-merchant status, and future revenue flow.

In the same way browsers once prioritized HTTPS websites, AI agents will prioritize merchants and platforms built on verifiable trust.

Takeaways

Agentic Commerce is not simply automation. It is delegated decision-making. The customer of tomorrow may never visit your website or speak to your staff. Their AI agent will evaluate, buy, and manage the relationship.

In that world:

  • Trust becomes infrastructure
  • Identity becomes a transaction requirement
  • Security becomes brand currency

AP2 offers an early framework for how authorization, intent, and accountability can be documented when systems transact on behalf of people.

Agentic Commerce is still in development, still evolving, and still expanding in phases. But its direction points to a clear truth. As commerce moves toward autonomous decision-making, security must lead the transformation.

Because in a world where machines buy from machines, the ability to verify trust will determine who gets to participate in the next decade of digital commerce.
