Agentic payments · Jun 14, 2026 · 3 min read

Agentic Payments, Explained: How AI Agents Actually Pay

Delegated tokens, payment mandates, agent-ready card credentials, and machine-native rails like x402 — the four building blocks that let an AI agent spend money safely, and what any of it requires from a merchant.

Every agentic commerce demo ends the same way: 'and then the agent completes the purchase.' That sentence hides the hardest problem in the space. Payments infrastructure spent fifty years learning to detect exactly the behavior an agent exhibits — a non-human, acting at a distance, using someone else's credentials.

So the industry is rebuilding authorization for delegation. Four building blocks matter, and they're complementary rather than competing. Here's the map, merchant-eye view.

Block 1: Delegated payment tokens

The pattern live at the largest scale today, via Stripe's shared payment tokens under ChatGPT's Instant Checkout (the ACP stack): the shopper's stored payment method never touches the agent. Instead the assistant receives a single-use, transaction-scoped credential — this order, this amount, this merchant. The human confirms; the token authorizes; existing card rails settle. Familiar money movement, new authorization wrapper.

Block 2: Payment mandates

Google's AP2 generalizes the question from 'can this agent pay?' to 'what exactly did the human authorize?' The answer is a mandate — a cryptographically signed record of intent ('running shoes, under $150, this week') and of the final cart the user approved. Mandates create an evidence chain that survives disputes: when a charge is questioned, there's signed proof of what was delegated. It's payment-method agnostic by design — cards, bank transfers, and stablecoin rails all fit under the same authorization grammar.

Block 3: Network-level agent credentials

The card networks are building agent recognition into the rails themselves — Visa's Intelligent Commerce and Mastercard's Agent Pay tokenize 'this is a registered agent acting for this cardholder' so that agent transactions can be identified, permissioned, and risk-scored as a first-class category instead of looking like fraud. For merchants this is the quiet one: it arrives inside your existing acquiring stack.

Block 4: Machine-native rails

Everything above adapts human payment instruments for delegation. x402 starts over: an open protocol (originating at Coinbase, now stewarded with ecosystem partners) that revives HTTP's 402 'Payment Required' status so software can pay software per-request in stablecoins — no account, no checkout form, no card. Today it lives mostly in API metering, paid data access, and pay-per-crawl experiments rather than retail checkout; it matters because agent-to-agent commerce won't always have a human to show a confirm button to.

What a merchant should actually do

Almost nothing custom — and that's the point. Authorization is being solved a layer below you, by your platform, PSP, and the networks. The work that lands on you is the same catalog-truth work every agent surface needs: accurate availability and pricing (an agent transacting against stale data is now a signed dispute), canonical policies (the mandate records what terms the buyer saw), and labeled reporting for agent-originated orders.

Kinect's lane in this: not payments — we make sure the agent picks you, describes you correctly, and that the shopper who lands converts. The protocols move money; legibility decides whose products the money moves toward.

Frequently asked questions

Are agent payments safe for merchants to accept?

The emerging designs are conservative: transaction-scoped credentials, human confirmation, signed mandates, and disputes on existing card-network rails. Arguably better evidence than a normal card-not-present order carries today.

Who's liable when an AI buys the wrong thing?

The mandate/token designs exist precisely to answer this: signed records establish what the user authorized, and network rules are being extended to allocate liability around them. Watch your PSP's terms updates rather than writing policy yourself.

Do I need new payment infrastructure this year?

If you're on a major platform and mainstream PSP stack: no. Prepare the data layer, decide how you'll label agent-originated orders, and let the authorization plumbing arrive through providers you already have.

Related reading

See Kinect on your store

An AI sales rep on your storefront and an agent-ready store behind it — trained on your catalog and policies, live the same day, measured against your own baseline.