Visa is introducing a brand new safety framework designed to unravel one of many thorniest issues rising in synthetic intelligence-powered commerce: how retailers can inform the distinction between authentic AI procuring assistants and the malicious bots that plague their web sites.
The funds large unveiled its Trusted Agent Protocol on Tuesday, establishing what it describes as foundational infrastructure for “agentic commerce” — a time period for the quickly rising observe of customers delegating procuring duties to AI brokers that may search merchandise, evaluate costs, and full purchases autonomously.
The protocol allows retailers to cryptographically confirm that an AI agent shopping their web site is permitted and reliable, moderately than a bot designed to scrape pricing information, check stolen bank cards, or perform different fraudulent actions.
The launch comes as AI-driven visitors to U.S. retail web sites has exploded by greater than 4,700% over the previous 12 months, in accordance with information from Adobe cited by Visa. That dramatic surge has created an acute problem for retailers whose present bot detection methods — designed to dam automated visitors — now threat by chance blocking authentic AI buyers together with unhealthy actors.
“Retailers want extra instruments that present them with higher perception and transparency into agentic commerce actions to make sure they’ll take part safely,” mentioned Rubail Birwadker, Visa’s International Head of Progress, in an unique interview with VentureBeat. “With out frequent requirements, potential dangers embrace ecosystem fragmentation and the proliferation of closed loop fashions.”
The stakes are substantial. Whereas 85% of buyers who’ve used AI to buy report improved experiences, retailers face the prospect of both turning away authentic AI-powered clients or exposing themselves to stylish bot assaults. Visa’s personal information reveals the corporate prevented $40 billion in fraudulent exercise between October 2022 and September 2023, almost double the earlier 12 months, a lot of it involving AI-powered enumeration assaults the place bots systematically check mixtures of card numbers till discovering legitimate credentials.
Contained in the cryptographic handshake: How Visa verifies AI procuring brokers
Visa’s Trusted Agent Protocol operates by way of what Birwadker describes as a “cryptographic belief handshake” between retailers and permitted AI brokers. The system works in three steps:
First, AI brokers have to be permitted and onboarded by way of Visa’s Clever Commerce program, the place they bear vetting to fulfill belief and reliability requirements. Every permitted agent receives a novel digital signature key — primarily a cryptographic credential that proves its id.
When an permitted agent visits a product owner’s web site, it creates a digital signature utilizing its key and transmits three classes of knowledge: Agent Intent (indicating the agent is trusted and intends to retrieve product particulars or make a purchase order), Shopper Recognition (information exhibiting whether or not the underlying client has an present account with the service provider), and Fee Info (non-obligatory fee information to assist checkout).
Retailers or their infrastructure suppliers, akin to content material supply networks, then validate these digital signatures in opposition to Visa’s registry of permitted brokers. “Upon correct validation of those fields, the service provider can verify the signature is a trusted agent,” Birwadker defined.
Crucially, Visa designed the protocol to require minimal modifications to present service provider infrastructure. Constructed on the HTTP Message Signature normal and aligned with Internet Each Auth, the protocol works with present net infrastructure with out requiring retailers to overtake their checkout pages. “That is no-code performance,” Birwadker emphasised, although retailers might have to combine with Visa’s Developer Heart to entry the verification system.
The race for AI commerce requirements: Visa faces competitors from Google, OpenAI, and Stripe
Visa developed the protocol in collaboration with Cloudflare, the online infrastructure and safety firm that already supplies bot administration providers to hundreds of thousands of internet sites. The partnership displays Visa’s recognition that fixing bot verification requires cooperation throughout your entire net stack, not simply the funds layer.
“Trusted Agent Protocol dietary supplements conventional bot administration by offering retailers insights that allow agentic commerce,” Birwadker mentioned. “Brokers are offering extra context they in any other case wouldn’t, together with what it intends to do, who the underlying client is, and fee data.”
The protocol arrives as a number of expertise giants race to determine competing requirements for AI commerce. Google just lately launched its Agent Protocol for Funds (AP2), whereas OpenAI and Stripe have mentioned their very own approaches to enabling AI brokers to make purchases. Microsoft, Shopify, Adyen, Ant Worldwide, Checkout.com, Cybersource, Elavon, Fiserv, Nuvei, and Worldpay supplied suggestions throughout Trusted Agent Protocol’s improvement, in accordance with Visa.
When requested how Visa’s protocol pertains to these competing efforts, Birwadker struck a collaborative tone. “Each Google’s AP2 and Visa’s Trusted Agent Protocol are working towards the identical objective of constructing belief in agent-initiated funds,” he mentioned. “We’re engaged with Google, OpenAI, and Stripe and need to create compatibility throughout the ecosystem.”
Visa says it’s working with world requirements our bodies together with the Web Engineering Activity Drive (IETF), OpenID Basis, and EMVCo to make sure the protocol can finally turn into interoperable with different rising requirements. “Whereas these specs apply to the Visa community on this preliminary section, enabling brokers to soundly and securely act on a client’s behalf requires an open, ecosystem-wide method,” Birwadker famous.
Who pays when AI brokers go rogue? Unanswered questions on legal responsibility and authorization
The protocol raises essential questions on authorization and legal responsibility when AI brokers make purchases on behalf of customers. If an agent completes an unauthorized transaction — maybe misunderstanding a consumer’s intent or exceeding its delegated authority — who bears accountability?
Birwadker emphasised that the protocol helps retailers “leverage this data to allow experiences tied to present client relationships and safer checkout,” however he didn’t present particular particulars about how disputes can be dealt with when brokers make unauthorized purchases. Visa’s present fraud safety and chargeback methods would presumably apply, although the corporate has not but revealed detailed steering on agent-initiated transaction disputes.
The protocol additionally locations Visa within the place of gatekeeper for the rising agentic commerce ecosystem. As a result of Visa determines which AI brokers get permitted for the Clever Commerce program and obtain cryptographic credentials, the corporate successfully controls which brokers retailers can simply belief. “Brokers are permitted and onboarded by way of the Visa Clever Commerce program, making certain they meet our requirements for belief and reliability,” Birwadker mentioned, although he didn’t element the particular standards brokers should meet or whether or not Visa fees charges for approval.
This gatekeeping function might show contentious, notably if Visa’s approval course of favors massive expertise firms over startups, or if the corporate faces strain to dam brokers from rivals or politically controversial entities. Visa declined to supply particulars about what number of brokers it has permitted to this point or how lengthy the vetting course of sometimes takes.
Visa’s authorized battles and the lengthy street to service provider adoption
The protocol launch comes at a posh second for Visa, which continues to navigate vital authorized and regulatory challenges whilst its core enterprise stays sturdy. The corporate’s newest earnings report for the third quarter of fiscal 12 months 2025 confirmed a ten% enhance in web revenues to $9.2 billion, pushed by resilient client spending and powerful development in cross-border transaction quantity. For the complete fiscal 12 months ending September 30, 2024, Visa processed 289 billion transactions, with a complete funds quantity of $15.2 trillion.
Nevertheless, the corporate’s authorized headwinds have intensified. In July 2025, a federal choose rejected a landmark $30 billion settlement that Visa and Mastercard had reached with retailers over long-disputed bank card swipe charges, sending the events again to the negotiating desk and increasing the long-running authorized battle.
Concurrently, Visa stays underneath investigation by the Division of Justice over its guidelines for routing debit card transactions, with regulators scrutinizing whether or not the corporate’s practices unlawfully restrict service provider alternative and stifle competitors. These home challenges are mirrored overseas, the place European regulators have continued their very own antitrust investigations into the charge buildings of each Visa and its main competitor, Mastercard.
In opposition to this backdrop of regulatory strain, Birwadker acknowledged that adoption of the Trusted Agent Protocol will take time. “As agentic commerce continues to rise, we acknowledge that client belief remains to be in its early levels,” he mentioned. “That is why our focus by way of 2025 is on constructing foundational credibility and demonstrating real-world worth.”
The protocol is offered instantly in Visa’s Developer Heart and on GitHub, with agent onboarding already energetic and service provider integration sources obtainable. However Birwadker declined to supply particular targets for what number of retailers would possibly undertake the protocol by the top of 2026. “Adoption is aligned with the momentum we’re already seeing,” he mentioned. “The launch of our protocol marks one other huge step — it isn’t only a technical milestone, however a sign that the business is starting to unify.”
Business analysts say service provider adoption will seemingly rely upon how rapidly agentic commerce grows as a proportion of general e-commerce. Whereas AI-driven visitors has surged dramatically, a lot of that consists of brokers shopping and researching moderately than finishing purchases. If AI brokers start accounting for a major share of accomplished transactions, retailers will face stronger incentives to undertake verification methods like Visa’s protocol.
From fraud detection to AI gatekeeping: Visa’s $10 billion wager on synthetic intelligence
Visa’s transfer displays broader strategic bets on AI throughout the monetary providers business. The corporate has invested $10 billion in expertise over the previous 5 years to cut back fraud and enhance community safety, with AI and machine studying central to these efforts. Visa’s fraud detection system analyzes over 500 totally different attributes for every transaction, utilizing AI fashions to assign real-time threat scores to the 300 billion annual transactions flowing by way of its community.
“Each single a kind of transactions has been processed by AI,” James Mirfin, Visa’s world head of threat and id options, mentioned in a July 2024 CNBC interview discussing the corporate’s fraud prevention efforts. “Should you see a brand new sort of fraud occurring, our mannequin will see that, it should catch it, it should rating these transactions as excessive threat after which our clients can determine to not approve these transactions.”
The corporate has additionally moved aggressively into new fee territories past its core card enterprise. In January 2025, Visa partnered with Elon Musk’s X (previously Twitter) to supply the infrastructure for a digital pockets and peer-to-peer fee service known as the X Cash Account, competing with providers like Venmo and Zelle. That deal marked Visa’s first main partnership within the social media funds house and mirrored the corporate’s recognition that fee flows are more and more occurring exterior conventional e-commerce channels.
The agentic commerce protocol represents an extension of this technique — an try to make sure Visa stays central to fee flows even because the mechanics of procuring shift from direct human interplay to AI intermediation. Jack Forestell, Visa’s Chief Product & Technique Officer, framed the protocol in expansive phrases: “We imagine your entire funds ecosystem has a accountability to make sure sellers belief AI brokers with the identical confidence they place of their most valued clients and networks.”
The approaching battle for management of AI procuring
The actual check for Visa’s protocol will not be technical — it is going to be political. As AI brokers turn into a bigger drive in retail, whoever controls the verification infrastructure controls entry to tons of of billions of {dollars} in commerce. Visa’s place as gatekeeper provides it huge leverage, but in addition makes it a goal.
Retailers chafing underneath Visa’s present charge construction and going through a number of antitrust investigations might resist ceding much more energy to the funds large. Opponents like Google and OpenAI, every with their very own ambitions in commerce, have little incentive to let Visa dictate requirements. Regulators already scrutinizing Visa’s market dominance will certainly look at whether or not its agent approval course of unfairly benefits sure gamers.
And there is a deeper query lurking beneath the technical specs and company partnerships: In an financial system more and more mediated by AI, who decides which algorithms get to spend our cash? Visa is making an aggressive bid to be that arbiter, wrapping its reply within the language of safety and interoperability. Whether or not retailers, customers, and regulators settle for that proposition will decide not simply the destiny of the Trusted Agent Protocol, however the construction of AI-powered commerce itself.
For now, Visa is transferring ahead with the arrogance of an organization that has weathered disruption earlier than. However within the rising world of agentic commerce, being too trusted would possibly show simply as harmful as not being trusted sufficient.
