Follow ZDNET: Add us as a preferred source<!–> on Google.
ZDNET’s key takeaways
- Google announces Agent Payments Protocol (AP2).
- AP2 helps companies carry out agent-led payments securely.
- The protocol is launched with the support of more than 60 organizations.
The next level of AI assistance in e-commerce is agent-led AI transactions, where your agent can place orders on your behalf, saving you time as a consumer and connecting your product to buyers if you’re a merchant.
Also: Gartner says add AI agents ASAP – or else. Oh, and they’re also overhyped
While the technology is promising, there are also security concerns because an agent has access to your payment details. To address those concerns, Google has launched its new Agent Payments Protocol (AP2), which the company describes as an “open protocol developed with leading payments and technology companies to securely initiate and transact agent-led payments across platforms.”
What is AP2?
AP2 can be used as an extension of the Agent2Agent (A2A) protocol and the Model Context Protocol (MCP). Similar to how MCP allows users to connect AI tools to their databases with confidence, the AP2 standard lets users, merchants, and payment providers transact with AI agents securely.
Also: How Cisco plans to stop rogue AI agent attacks inside your network
For example, Google said AP2, which helps verify that a user authorized an agent to act, validates to the merchant that the agent is performing the way the user requested, and, most importantly, helps identify accountability should the action not go according to plan, which is one of the biggest concerns when it comes to agents.
Also: 5 ways to be a great AI agent manager, according to business leaders
AP2 supports various payment types, including credit cards, stablecoins, and real-time bank transfers, which serve as a single standard that agents and merchants can rely on for all transactions.
How does AP2 work?
AP2 uses Mandates, which are tamper-proof, cryptographically signed digital contracts that contain proof of a user’s intentions. Specifically, there is an Intent Mandate, where the user requests that the agent either find a product for them or purchase it on their behalf, and then a Cart Mandate, which allows the agent to carry out the transaction.
Also: A whopping 30% of business leaders are comfortable taking orders from AI agents – are you?
In real-time purchases with a user present, after issuing an Intent Mandate to look for the product, the approval of the purchase is signed as a Cart Mandate.
Also: Your next job interviewer could be an AI agent – here’s why that’s a good thing
In delegated tasks, where a human isn’t present, the human signs a detailed Intent Mandate upfront, with the specific rules of the engagement, such as price limits, which pre-authorize the agent to generate a Cart Mandate when the conditions are met. In either case, the Cart Mandate involves the user securely linking their payment details.
Looking forward
The AP2 launched with 60 organizations, including Accenture, Adobe, American Express, Coinbase, Confluent, Mastercard, Okta, PayPal, Salesforce, 1Password, and many more.
Also: What are AI agents? How to access a team of personalized assistants
For other organizations that want to get started, Google has made the technical specifications, documentation, and reference implementations available on its public GitHub repository, which will be updated regularly with additional reference implementations from the tech company.
