AI agents and the future of agentic payments

Agentic payments are here. At least that’s the message of dozens of big announcements in the past few months.

I, for one, am excited about unleashing my personal AI bot on the internet for great deals on things I know I want. First it’s going to snipe plane tickets right when they hit the lowest price. Soon it will be buying those adjustable weights that I know are gathering dust in one of my neighbors’ houses and will show up one weekend on Facebook marketplace. My bot will also handle the negotiation and coordination with aplomb – it might even convince the seller to drop the goods off at my house. 

But to do any of this, my AI agent needs to be able to pay for things as if it’s me.

In the past two weeks, Visa, Mastercard, PayPal and Coinbase all made big announcements about enabling AI to make purchases online. In the months prior, Amazon, OpenAI, Perplexity and Google announced their AI shopping efforts, and Claude’s model context protocol means that it’s the preferred home of hacker demos proving what’s possible.  

At this moment, you have to hold two things in your head at the same time.

1. The actual number of agents buying things online is tiny, clunky and mostly for fun.
2. The most valuable companies in the world are all in on enabling AI agents to shop.  

What I realized as I was parsing through this last week is that the complexity of AI agents making payments is at least twice and maybe three times as complicated as making payments on the internet.

There’s lots to say about agentic payments by me and people who are smarter than me, but here I just want to walk through the question of how this is actually going to work. There are going to be lots of people making really complicated choices about how to authorize and accept these payments in an AI-agent world. 

If you’re not already a payments nerd, buckle up. Digital payments, like Milton Friedman's pencil, is one of the great wonders of the modern world.

The Four-Party Model

If you’re reading this, you’re probably familiar with the classic four-party merchant acquiring diagram. 

If that isn’t second nature to you, read this or watch Sophia Goldberg explain it, 'cause it’s about to get real complicated real fast. 

Astute observers will note that this “four-party” model actually has five parties in it. It is sometimes called the five-party model, but the networks are to merchant acquiring what water is to a fish, so they usually get eliminated from the count here. Visa and Mastercard are really communications platforms – they set the standards and provide the means for issuers and acquirers to communicate. Their core motivation is to increase trust in card transactions, so they also provide tools and standards for fraud, identity, chargebacks and data security, but they never touch the money so they’re often left out. 

The Six [Five]-Party Model

With the basics out of the way, let’s add an AI agent to help our consumers shop. Shopping assistants don’t complicate this picture – that’s just next gen search what we see already with Perplexity and OpenAI shopping. But when you put the agent in the flow, now you’re faced with a six-party framework:

Two things immediately jump out:

1. The good-bot/bad-bot problem, which has been well discussed, as a merchant side problem; but
2. More importantly, I want to highlight first that both consumers and merchants have to decide to trust an agent.

The introduction of an AI agent increases the risk to a merchant – should they join the future wave and welcome AI agent shoppers? Or will the consumers behind these AI agents have much higher return rates, complaints or chargebacks? (“I didn’t buy that, the agent did!”) In the early internet, this was one of the key values that PayPal provided – standing behind the transaction. Other players like QED portfolio company Signifyd did something similar, offering a risk score and a guarantee to merchants on when they should or shouldn’t accept a payment.  

Startups in this space have to conquer technical problems of accuracy, strong credential management, and conquer consumer brand building before this starts to take off.

But wait – there’s more!

In the flow above, the AI-agent will merely have to figure out how to compliantly hold and transfer payment credentials from the cardholder to the merchant. Both Visa's and Mastercard's announcements are squarely focused on this problem, though Visa’s product is gated and Mastercard’s product does not appear to be live. Even with these announcements, those who are building in this space are realizing that it's hard (and that controlling payments is a very good business model) so they are in fact taking the money from the cardholder into the AI agents wallet.  

If that’s the case, then we need to consider the AI agent as a merchant and merchants need merchant acquiring, so we’ve got at least two more friends at the party. In practice, this model isn’t quite an issuer-acquiring model, but more likely uses a digital wallet. These wallet providers are usually called “staged digital wallets” where the funding (analogous to acquiring) phase is separated from the payment (analogous to issuing) phase. Google Pay, Amazon Pay and PayPal are good examples. They also illustrate how the staging acts as a security barrier to enable a payment in a lower trust environment, like the early internet or peer- to- peer transactions.

Many wallet providers partner with others for payments in and out of their wallets, so at this point, it’s not totally obvious whether we’re dealing with a seven-, eight- or nine-party model and the complexity starts to multiply. But realistically, the companies in this space will try to play multiple roles so that the user experiences them seamlessly.

Payman and Nekuda are both building with this staged wallet framework, creating payment structures with explicit limits both in terms of total resources and transaction context and permissions. Payman is focused on ACH and stablecoin payments in AI-driven workflows while Nekuda is initially focused on card authorizations in e-commerce.  

What about stablecoins?!

I get it. If you use stablecoins to fill in the acquirer/issuer function, then you should replace the networks and address the questions of ‘money goodness.' Stablecoins are interesting, but they don't really reduce complexity.

Stablecoin wallets natively guarantee a good-funds model and settlement finality. So while they don’t offer much in the way of consumer protection against fraud, they have much lower risk for merchants who choose to accept this method of payment. Moreover, stablecoins are natively programmable with clear immutable audit trails for transactions. 

But there are lots of coordination challenges: First of all, the cardholder needs to find a way to move fiat into the stablecoin universe, which replicates the complexity of the four-party model again. Second, the cardholder needs to find a merchant who is willing to accept stablecoins. Third, the cardholder/merchant/AI agent group has to coordinate on what stablecoin to use as well as which blockchain to move it over. And/or they have to find liquidity between two stablecoins and the merchant needs to find liquidity for the off-ramp. 

In this account, the stablecoin acts as the acquirer/issuer and the blockchain acts as the network – but since neither of them is fully interoperable with banking rails,  decisions and risk frameworks multiply. 

It’s important to note that I’m not even negative on this use case – I think Crossmint is doing really interesting things and I love their commitment to putting all this complexity behind a simple SDK. In fact, Crossmint’s strength is a great crypto story – originally built to make it easy to buy NFTs with credit cards, they built the infrastructure to take up the full box in the diagram above.  

That said, the single "stablecoin infrastructure" box above may include five, six or more different parties – stablecoin issuer, blockchain, wallet provider, on-ramp provider, off-ramp provider and one or two different stablecoin market makers.  

Turn it up to 11…

Ok, let’s take it home with at least three more parties. One of the use cases I’m most excited about is when my AI agent and the merchant’s AI agent start negotiating with each other.  

One of the great features of internet culture is that it is a no-negotiation zone. Merchants know that any tiny injection of friction loses them money on conversion rate because the last thing you want your customer to do is stop and think.  

In an AI-driven future, who knows what possibilities re-emerge. After all, haggling is the oldest form of price discovery, and AI agents have much more processing power and unlimited attention spans. Crossmint and companies like Rye are working to make the world’s inventory API-accessible. But in this invisible store of electronic inventory, it won’t just be buyers who have AI agents.  

How will merchants use agents? The merchant might choose an agent who is good at advertising to other agents. Perhaps, the merchant’s agent might be focused on negotiation – is there a complex pricing framework that would be great but is too hard to explain to a human – let the AI agents work it out!  What about payment methods? What kind of discount would a merchant offer me if I agreed not to pay with my Chase Sapphire? 
‍
The fun thing for our purposes here is that once the merchant chooses an agent, we get a ninth additional party, and do you think that the merchant’s existing merchant acquirer is going to be comfortable with AI-agents? It would be fun to live in that future, but that’s unlikely. So now the merchant’s AI-agent will likely act as its own merchant, with its own merchant acquirer and its own issuer!  

‍
Are we having fun yet?