The Trust Problem at the Heart of Agentic Commerce — and How Mastercard Just Addressed It

When AI agents spend your money, proof of permission is no longer optional. A new open-source standard from Mastercard and Google marks a structural shift in how autonomous transactions will be governed.

George Kakouras  •  March 2026

Every major payments era has been defined by a single trust question. The magnetic stripe answered: is this card real? Tokenisation answered: can we protect credentials online? The industry is now working through the next iteration of that question — and it is considerably more complex: did this AI agent actually have permission to spend that money?

On 5 March 2026, Mastercard and Google released Verifiable Intent, an open-source cryptographic framework built to answer that question. The announcement is both technically significant and strategically revealing. Understanding why requires looking at where agentic commerce has arrived — and how quickly it got there.

The Agentic Commerce Landscape in Early 2026

The infrastructure for AI-driven commerce moved faster than most anticipated. OpenAI’s Agentic Commerce Protocol (ACP) Instant Checkout went live in September 2025. Google’s Universal Commerce Protocol (UCP) launched with twenty partners in January 2026. PayPal integrated with Mastercard’s own Agent Pay platform in October 2025. By early 2026, the plumbing for agentic transactions was broadly in place.

What was not in place was the accountability layer. When a human taps a card, intent is visible at the point of interaction. When an AI agent executes a booking or reorder based on instructions given twelve hours earlier, that clarity evaporates entirely. The consumer, the merchant, the issuing bank, and any intermediary each have a different vantage point — and no shared ground truth.

This is not a theoretical concern. As PYMNTS Intelligence data indicates, 43% of CFOs expect a high impact from AI agents managing dynamic budget allocation and B2B supply chain payments. At enterprise scale, autonomous agent transactions are not a future state; they are already happening. The dispute and fraud infrastructure, however, remains designed for a world in which a human was present at every transaction.

What Verifiable Intent Actually Does

Verifiable Intent creates a cryptographic record that links three elements: the consumer’s identity, their original instructions to the agent, and the transaction outcome. This record is tamper-resistant and serves as a shared source of truth for all parties. Importantly, the framework uses Selective Disclosure — a privacy mechanism that gives each participant only the minimum information required to verify authorisation or resolve a dispute, without exposing the full chain of data.

In practical terms, the delegation chain operates in three layers:

•         A credential provider (bank or wallet) binds the consumer’s identity to the authorisation.

•         The consumer issues a scoped mandate to their agent — defining parameters such as spend caps, permitted merchant categories, or budget periods.

•         When the agent transacts, it signs cryptographic proof of compliance against that mandate. The audit trail is immutable and immediately accessible.

The framework is protocol-agnostic by design. It aligns with Google’s Agent Payments Protocol (AP2) and Universal Commerce Protocol (UCP), and is built on open standards from the FIDO Alliance, EMVCo, the Internet Engineering Task Force, and the World Wide Web Consortium. Mastercard has open-sourced both the specification and an initial reference implementation, available on GitHub and at verifiableintent.dev under an Apache 2.0 licence.

Industry endorsements arrived quickly. Adyen, Fiserv, Checkout.com, Worldpay, IBM, Basis Theory, and Getnet have all signalled support. Google’s VP and General Manager for Payments, Stavan Parikh, described the framework as “a natural accelerator for scaling agentic commerce.” Fiserv noted that it enables merchants to reduce fraud proactively and strengthen dispute outcomes. IBM indicated plans to integrate it with their enterprise orchestration layer.

The Strategic Logic

Mastercard’s approach here is worth examining on its own terms. They have chosen to open-source the standard rather than build a proprietary product. The playbook is familiar: create the infrastructure layer, let broad adoption follow, then occupy the centre of the verification network.

It is the same logic that made EMV chip ubiquitous while keeping card networks indispensable. The specification becomes a commodity; the network position does not.

Visa’s Intelligent Commerce sandbox has a head start on live agent transaction volume but has not released an equivalent open intent specification. That asymmetry is instructive. Visa is building a product; Mastercard is seeding infrastructure. The distinction matters because infrastructure tends to expand with the market it enables, whereas products compete within it.

Mastercard’s Chief Digital Officer, Pablo Fourez, articulated the framing clearly: “As autonomy increases, trust cannot be implied. It must be proven.” That is not a product pitch. It is a positioning statement for an infrastructure standard.

What This Means for Fintechs and Enterprise Operators

For fintechs building AI-native interfaces — whether LLM-embedded banking assistants, AI procurement tools, or autonomous expense management platforms — Verifiable Intent changes the compliance calculus. It provides a formal, auditable boundary for the liability surface associated with autonomous agent spending. That is exactly what legal and compliance functions in financial institutions have been waiting for.

The fastest adoption, however, is unlikely to come from consumer-facing shopping agents. It

will come from B2B procurement, where the value proposition is immediate and the ROI case is already built: an AI agent reordering supplies within cryptographically enforced corporate spending policies is a CFO’s ideal control environment. Enterprise card programmes quietly converting to scoped agent mandates is not a distant scenario — it is an 18-to-24-month transition already in motion.

For regulated fintech operators specifically, the framework’s alignment with W3C Verifiable Credentials, FIDO Alliance standards, and EMVCo means it maps cleanly onto existing compliance architecture. Integrating Verifiable Intent is not a re-platforming exercise; it is an additive trust layer onto infrastructure that MGA-regulated, PCI DSS-compliant, and MiCA-licensed operators are already running.

The Broader Implication

The agentic economy will require trust primitives at every layer: discovery, execution, and now — with Verifiable Intent — authorisation proof. The question facing every player in this space is no longer whether to build for autonomous agents but how quickly they can make those agents operate within a verifiable boundary.

The race is not to build the best AI shopping agent or procurement bot. It is to become the default trust layer that all agents rely on. Mastercard has positioned themselves to be that layer — and the decision to open-source the specification suggests they understand that ubiquity, not exclusivity, is the winning strategy.

Whether a single company’s framework becomes the industry standard is always an open question. But the combination of strong technical foundations, immediate endorsement from Google and major acquirers, and a deliberate open-source release strategy gives Verifiable Intent a credible path to becoming the EMV of agentic commerce. That is worth watching closely.

References

1. Mastercard. (2026, March 5). How Verifiable Intent Builds Trust in Agentic AI Commerce. mastercard.com

2. PYMNTS Intelligence. (2026, March 5). Mastercard Unveils Open Standard to Verify AI Agent Transactions. pymnts.com

3. Fintech News Singapore. (2026, March 6). Mastercard, Google Introduce Verifiable Intent as AI Agents Begin Making Payments. fintechnews.sg

4. The Paypers. (2026, March). Mastercard and Google Launch Verifiable Intent. thepaypers.com

5. AgenticPlug.ai. (2026, March 7). Mastercard Verifiable Intent for Agentic Commerce: Full Breakdown. agenticplug.ai

6. verifiableintent.dev — Open-source specification and reference implementation (Apache 2.0).

7. PYMNTS Intelligence. (2026). CFO Survey on AI Agents and B2B Payments. pymnts.com

8. Dbbnwa.com. (2026, March). Mastercard Unveils Open Standard to Secure Autonomous AI Agent Payments. dbbnwa.com