Infographic: How Visa and Mastercard Are Preparing for Agentic Commerce

The Card Network Imperative: Why Visa and Mastercard Must Adapt

Visa and Mastercard face an unprecedented challenge. For decades, these networks have operated within a predictable framework: a cardholder initiates a transaction, a merchant processes it, and the card network facilitates settlement. Agentic commerce disrupts this linear model entirely. When autonomous agents—software systems operating without human authorization for each transaction—conduct commerce on behalf of users or independently, the traditional liability and authentication structures collapse.

Both networks recognize that agentic commerce represents the next major evolution in payments, comparable in significance to the shift from cash to digital, or from card-present to e-commerce. Visa processes over 150 million transactions daily across 200+ countries, while Mastercard handles approximately 100 million daily transactions. As agentic commerce scales, these volumes will multiply exponentially. The networks must prepare their infrastructure now or risk irrelevance.

Tokenization as the Foundation for Agent Authorization

Tokenization stands at the center of both Visa and Mastercard’s agentic commerce strategies. Rather than agents accessing raw payment credentials, tokenization creates unique identifiers that represent payment accounts without exposing sensitive card data. This approach provides multiple strategic advantages for card networks preparing for autonomous transactions.

Visa’s Token Service Provider (TSP) Evolution

Visa operates its Token Service Provider infrastructure, which has processed over 8 billion tokenized transactions globally. For agentic commerce, Visa is expanding this framework to support agent-specific tokens with granular permission sets. These tokens can be restricted by:

  • Transaction amount caps (e.g., agents cannot exceed $500 per transaction)
  • Merchant category codes (agents can only transact with approved vendor types)
  • Time-based windows (tokens active only during specified hours or date ranges)
  • Frequency limits (maximum transactions per hour, day, or month)
  • Geographic restrictions (transactions only in authorized regions)

Visa’s approach treats agent tokens as conditional payment instruments. Each token carries embedded business logic that the network validates at authorization time. This represents a fundamental shift from traditional tokens, which primarily served as static replacements for card numbers.
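The five restriction types listed above can be evaluated as one authorization-time policy check. The sketch below is an added example, not Visa code; the `AgentToken` fields, the `authorize` function and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta, timezone

@dataclass
class AgentToken:
    """Constraint set for one agent token. Field names are assumptions for
    this example, not a Visa schema."""
    max_amount_cents: int
    allowed_mccs: frozenset
    active_from: time            # daily window start, UTC
    active_until: time           # daily window end (exclusive), UTC
    max_tx_per_hour: int
    allowed_countries: frozenset
    approved_at: list = field(default_factory=list)  # timestamps of approvals

def authorize(token, amount_cents, mcc, country, now):
    """Return (approved, reasons); `now` must be a timezone-aware UTC datetime.
    All constraints are evaluated so a decline record names every violated
    limit, not only the first."""
    reasons = []
    if amount_cents <= 0 or amount_cents > token.max_amount_cents:
        reasons.append("amount")
    if mcc not in token.allowed_mccs:
        reasons.append("mcc")
    if not (token.active_from <= now.time() < token.active_until):
        reasons.append("time_window")
    if country not in token.allowed_countries:
        reasons.append("geo")
    # Sliding one-hour window counted over approvals only.
    recent = [t for t in token.approved_at if now - t < timedelta(hours=1)]
    if len(recent) >= token.max_tx_per_hour:
        reasons.append("frequency")
    if reasons:
        return False, reasons
    token.approved_at.append(now)  # declined attempts do not consume quota
    return True, []

def sample_token():
    """Constructed token: $500 cap, two allowed MCCs, 08:00-18:00 UTC, US only."""
    return AgentToken(50_000, frozenset({"5111", "5943"}), time(8), time(18),
                      2, frozenset({"US"}))

if __name__ == "__main__":
    tok = sample_token()
    t0 = datetime(2025, 3, 3, 9, 0, tzinfo=timezone.utc)
    for minutes in (0, 5, 10):  # third attempt trips the frequency limit
        print(authorize(tok, 12_000, "5111", "US", t0 + timedelta(minutes=minutes)))
```

Returning every violated constraint, rather than stopping at the first, gives fraud and dispute teams a complete decline record for each attempt.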

Mastercard’s Digital Enablement Service (DES)

Mastercard’s Digital Enablement Service provides similar functionality but emphasizes what Mastercard calls “consent-driven payments.” The DES framework allows cardholders to grant agents explicit authorization while maintaining audit trails of all agent-initiated transactions. Mastercard’s token architecture includes what it terms “agent personas”—distinct digital identities that agents assume when conducting commerce.

Each agent persona maintains its own transaction history, spending patterns, and risk profile. This allows Mastercard’s fraud detection systems to establish baseline behavior for each agent and flag anomalies that might indicate compromise or misuse. A supply chain optimization agent, for example, would have vastly different transaction patterns than a personal shopping agent, and Mastercard’s systems learn and enforce these distinctions.

Authentication: From Cardholder Verification to Agent Verification

Traditional payment authentication revolves around cardholder verification—confirming that the person holding the card is the person initiating the transaction. Agentic commerce requires authentication of the agent itself and verification that the agent possesses valid authorization to conduct the transaction.

Visa’s Agent Authentication Framework

Visa is developing what it calls “Agent Identity Verification” (AIV), a multi-layered authentication system that operates before token authorization. AIV confirms:

  • The agent’s cryptographic identity and digital signature
  • The agent’s authorization delegation from the cardholder or account holder
  • The agent’s compliance status with network rules and regulations
  • Real-time risk scoring based on agent behavior and transaction context

Rather than relying on passwords or biometric data (which agents cannot provide), AIV uses public key infrastructure (PKI) and blockchain-based credential systems. Agents present digitally signed authorization documents that cryptographically prove they possess valid permission to conduct transactions. These documents reference the cardholder’s original authorization and include expiration dates, scope limitations, and revocation mechanisms.
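The order in which a verifier checks such an authorization document matters: integrity first, then expiry, revocation, agent binding and scope. The sketch below is an added example, not Visa's AIV implementation; the document fields, key and identifiers are constructed. HMAC-SHA256 stands in for the PKI signature so the code runs on the standard library alone, and a real deployment would verify an asymmetric signature against the issuer's public key.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

KEY = b"constructed-demo-key"  # stand-in for the issuer's signing key
DOC = {  # constructed delegation document; field names are assumptions
    "delegation_id": "dlg-001",
    "agent_id": "agent-procure-7",
    "cardholder_auth_ref": "auth-ref-EXAMPLE",
    "expires": "2025-12-31T00:00:00+00:00",
    "scope": {"mccs": ["5111"], "max_amount_cents": 50000},
}

def _canonical(doc):
    # Sorted keys and fixed separators so signer and verifier hash the same bytes.
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()

def sign(doc, key):
    """Issuer side (constructed): HMAC-SHA256 in place of a digital signature."""
    return hmac.new(key, _canonical(doc), hashlib.sha256).hexdigest()

def verify_delegation(doc, sig, key, revoked_ids, request, now):
    """Return (ok, reason). Fails closed at the first check that does not pass."""
    # 1. Integrity: no field of the document is trusted before this passes.
    if not hmac.compare_digest(sign(doc, key), sig):
        return False, "bad_signature"
    # 2. Expiry, taken from the now-authenticated document.
    if now >= datetime.fromisoformat(doc["expires"]):
        return False, "expired"
    # 3. Revocation: a valid, unexpired document can still have been withdrawn.
    if doc["delegation_id"] in revoked_ids:
        return False, "revoked"
    # 4. Binding: the presenting agent must be the one the document names.
    if request["agent_id"] != doc["agent_id"]:
        return False, "wrong_agent"
    # 5. Scope: the requested transaction must fall inside the delegated limits.
    scope = doc["scope"]
    if (request["mcc"] not in scope["mccs"]
            or request["amount_cents"] > scope["max_amount_cents"]):
        return False, "out_of_scope"
    return True, "ok"

if __name__ == "__main__":
    req = {"agent_id": "agent-procure-7", "mcc": "5111", "amount_cents": 12000}
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)
    print(verify_delegation(DOC, sign(DOC, KEY), KEY, set(), req, now))
```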

Mastercard’s Agent Authorization Protocol (AAP)

Mastercard’s Agent Authorization Protocol operates similarly but emphasizes what Mastercard terms “progressive authentication.” Rather than a single authentication moment, AAP distributes authentication across multiple system touchpoints. The agent authenticates to:

  • The merchant’s systems (proving it is an authorized purchasing entity)
  • Mastercard’s network (proving it possesses valid payment authorization)
  • The cardholder’s systems (confirming the transaction aligns with standing agent instructions)

This multi-party authentication creates redundancy and prevents scenarios where a compromised merchant system or network component could facilitate unauthorized agent transactions. Each authentication layer operates independently and can revoke agent privileges without requiring changes to other systems.

Liability Shifts: Redefining Risk in Autonomous Transactions

The most contentious aspect of agentic commerce preparation involves liability allocation. Historically, Visa and Mastercard operated under well-defined liability frameworks. Chargebacks typically fell to merchants or cardholders depending on transaction type and fraud indicators. Agentic commerce introduces new liability questions that the networks must resolve.

The Agent Operator Liability Question

When an agent conducts a transaction, who bears liability if the transaction proves unauthorized, fraudulent, or results in customer harm? Traditional frameworks allocate liability between cardholders and merchants. Agentic commerce introduces a third party: the agent operator (the organization that developed, deployed, and maintains the agent).

Visa’s liability framework, as currently evolving, proposes a three-tier model:

  • Tier 1 (Agent Operator): Liability for agent malfunction, unauthorized agent actions, or agent compromise. If an agent acts outside its authorization scope or conducts transactions the cardholder did not authorize, the agent operator bears initial liability.
  • Tier 2 (Card Network): Liability for network failures in authentication, authorization, or token validation. If Visa’s systems fail to properly validate an agent’s authorization or incorrectly process a transaction, Visa assumes liability.
  • Tier 3 (Cardholder): Liability limited to scenarios where the cardholder negligently authorized an agent or failed to revoke authorization when required. This represents a significant reduction from traditional cardholder liability.

This framework incentivizes agent operators to implement robust security, proper authorization management, and transaction monitoring. It also protects cardholders from liability stemming from agent misbehavior, shifting risk to the parties best positioned to control agent behavior.

Mastercard’s Shared Responsibility Model

Mastercard proposes a “shared responsibility” liability model that distributes risk across all parties based on their ability to prevent harm. Rather than sequential liability tiers, Mastercard’s model allocates percentage-based liability:

  • Agent operators assume 40-60% liability for agent-related fraud or malfunction
  • Merchants assume 20-30% liability for merchant system compromise or negligent authorization acceptance
  • Card networks assume 10-20% liability for authentication or authorization system failures
  • Cardholders assume minimal liability (typically 0-5%) for properly authorized agent transactions

These percentages adjust based on transaction context, agent risk profile, and merchant risk history. A high-risk agent transacting with a low-risk merchant produces a different liability allocation than a low-risk agent transacting with a high-risk merchant.

Real-World Implementation: Current Pilot Programs

Both networks have moved beyond theoretical frameworks into practical implementation. Visa’s pilot program with enterprise automation platforms includes supply chain agents that autonomously procure inventory from approved suppliers. Participating companies report a 40-60% reduction in procurement cycle times while maintaining fraud rates below 0.02%.

Mastercard’s agentic commerce pilot, launched in partnership with leading fintech platforms, focuses on personal finance agents that autonomously execute bill payments, subscription management, and savings optimization. Early data shows 99.7% transaction accuracy rates with agent operators bearing less than 0.3% fraud liability.

Interoperability and Industry Standards

Neither Visa nor Mastercard operates in isolation. The Universal Commerce Protocol (UCP) represents an emerging standard for agentic commerce that both networks are engaging with, though cautiously. UCP aims to create network-agnostic frameworks for agent authorization and transaction execution. Visa and Mastercard participate in UCP development while maintaining proprietary extensions that differentiate their offerings.

The ISO 20022 standard, which both networks support for payment messaging, is being extended to accommodate agent transaction metadata. This includes agent identity information, authorization scope details, and transaction context that enables more sophisticated fraud detection and liability determination.

The Path Forward: Integration with Open Banking and APIs

Visa and Mastercard increasingly recognize that agentic commerce will operate through open banking APIs and real-time payment rails. Both networks are integrating their agentic commerce frameworks with Open Banking standards and real-time payment infrastructure like the Federal Reserve’s FedNow Service (in the US) and similar systems globally.

This integration allows agents to access multiple payment rails simultaneously, selecting optimal routes based on speed, cost, and settlement requirements. Agents can evaluate whether a transaction should route through Visa’s network, Mastercard’s network, or alternative rails like ACH, real-time payments, or blockchain-based systems.

FAQ

What happens if an agent makes an unauthorized transaction?

Authorization disputes in agentic commerce follow modified chargeback procedures. If a cardholder disputes an agent transaction, the agent operator must demonstrate that the cardholder authorized the agent and that the transaction fell within the agent’s authorization scope. If the agent operator cannot provide this evidence, they bear liability. The cardholder’s liability remains minimal, typically limited to scenarios where they negligently authorized the agent.

Can agents operate across both Visa and Mastercard networks simultaneously?

Yes. Agents can be authorized to transact on both networks. However, each network maintains separate token streams and authorization frameworks. A sophisticated agent might maintain distinct tokens for each network and select the optimal network for each transaction based on merchant acceptance, settlement speed, and cost factors. This requires agent operators to implement multi-network logic.

How do agents handle real-time transaction limits and fraud detection?

Both Visa and Mastercard implement real-time transaction monitoring that evaluates each agent transaction against established limits and behavioral baselines. If a transaction exceeds limits or exhibits anomalous patterns, the network can decline authorization, flag the transaction for review, or require additional authentication. Agents receive immediate feedback and can retry transactions or escalate to human operators as needed.

What compliance requirements do agent operators face?

Agent operators must comply with payment processor regulations, anti-money laundering (AML) requirements, and network-specific rules. Both Visa and Mastercard require agent operators to implement transaction monitoring, maintain audit trails, report suspicious activity, and implement Know Your Customer (KYC) procedures. Operators must also maintain errors and omissions insurance and comply with emerging agentic AI governance frameworks.

