Google’s Agent Payments Protocol (AP2): A New Chapter in Agentic Commerce | Blog

Google’s announcement of the Agent Payments Protocol (AP2) marks one of the first serious attempts to standardize how Artificial Intelligence (AI) agents can securely transact on behalf of humans and organizations. AP2 positions itself as an open, payment-agnostic protocol that could reshape how commerce is executed in an agent-driven future. It is backed by over 60 global partners from multiple cohorts:  

• Payments-centric financial institutions (Mastercard, American Express, PayPal)  

• Payment providers (Adyen, Worldpay, UnionPay) 

• Technology companies (Salesforce, ServiceNow, Intuit) 

• Crypto ecosystem players (Coinbase, MetaMask, Ethereum Foundation) 

This move reflects a recognition that the current payments infrastructure assumes a human user at the checkout. As AI agents become more capable of searching, negotiating, and purchasing autonomously, that assumption no longer holds. AP2 attempts to provide the missing connective tissue: a shared rulebook that balances flexibility for new forms of commerce with security, trust, and compliance. 

Reach out to discuss this topic in depth.  

How the protocol will function 

At the heart of AP2 are Mandates, that are cryptographically signed, tamper-proof digital contracts that record user instructions and approvals: 

• Intent Mandate: This is the user’s initial instruction to the agent (e.g., “find me running shoes under $120” or “buy tickets the moment they go on sale”). It defines the scope and rules of engagement 

• Cart Mandate: Once the agent finds a specific product or bundle, the user provides final approval. This creates a verifiable, unchangeable record of what is being purchased, at what price 

In both real-time purchases (human present) and delegated tasks (human absent), this sequence creates a non-repudiable audit trail, ensuring alignment between user intent, agent action, and merchant execution. 

Importantly, AP2 is payment-agnostic. It supports traditional cards, bank transfers, and alternative methods, as well as stablecoins and crypto via its x402 extension. This universality is key to avoiding fragmentation across payment types. 

Representative use cases 

AP2 in the context of Systems of Execution: 

At Everest Group, we often discuss how enterprises rely on Systems of Engagement (SoE) (interfaces with users), Systems of Record (SoR) (databases of truth), and Systems Of Execution (automated systems that carry out tasks). 

• AP2 fits squarely into Systems of Execution. It enables humans + AI agents to initiate, authorize, and complete financial transactions 

• Just as Application Programming Interfaces (APIs) revolutionized integration between applications, AP2 could become the standard execution orchestration platform for financial transactions initiated by autonomous systems 

• Over time, enterprises may treat AP2 as a middleware standard, the equivalent of Transmission Control Protocol (TCP) / Internet Protocol (IP) for payments in an agent-driven ecosystem 

Balancing the benefits and barriers to AP2 adoption:  

The promise of AP2 lies in its ability to unify agent-driven payments under a secure, interoperable framework, but realizing that promise will require enterprises and providers to carefully weigh the advantages against the integration and compliance challenges. 

Benefits of adoption: 

1. Security and auditability: The mandate model ensures that every transaction is backed by verifiable cryptographic proof of user intent and approval. This directly addresses enterprise concerns around fraud and regulatory compliance 

2. Interoperability: With backing from major card networks, fintechs, and crypto providers, AP2 reduces the risk of fragmented agent-to-agent ecosystems. Merchants and enterprises benefit from a single common standard rather than piecemeal integrations 

3. Flexibility across payment types: Support for cards, bank transfers, stablecoins, and crypto ensures AP2 can evolve with consumer behavior and financial innovation 

4. Enterprise-scale potential: Beyond retail, AP2 could power autonomous procurement, license scaling, and supply chain transactions, creating opportunities for efficiency in Business to Business (B2B) contexts 

Challenges and concerns with adoption: 

1. Integration complexity: Enterprises have deeply entrenched payment workflows tied to Enterprise Resource Planning (ERP), procurement, and supply chain systems. Connecting AP2 mandates into these environments will require middleware, orchestration layers, and governance changes 

2. Regulatory alignment: While AP2 improves traceability, it must still be reconciled with Payment Card Industry Data Security Standard (PCI-DSS) requirements, data residency laws, and financial crime monitoring obligations. Without clear alignment, adoption in regulated industries could stall 

3. Dispute resolution and liability: AP2 provides audit trails but does not yet solve who is liable if an agent executes a mistaken or fraudulent transaction, the user, the merchant, the platform, or the protocol itself 

4. Adversarial risks: Malicious or manipulative agents could exploit AP2 to push unwanted offers, make overpayments, or trigger unintended purchases. Guardrails against dark patterns and collusive agent behavior will be critical 

For the payment ecosystem participants, the adoption of AP2 will have varied consequences, as represented in the exhibit below: 

Sourcing implications for enterprises and providers 

The introduction of AP2 framework will lead to the following sourcing strategy implications for enterprises: 

• Vendor strategy: Enterprises should ask PSPs (Payment Service Providers) and cloud platforms about AP2 roadmaps when making sourcing decisions. Further, a richer contractual logic is required in Service Level Agreements (SLAs), vendor risk scoring, and tiered pricing 

• Industry–focused payments offering: Enterprises should evaluate how AP2 can be tailored to industry-specific transaction models. For example, healthcare requires Health Insurance Profitability and Accountability Act (HIPAA)-aligned audit trails for patient billing, while retail can use AP2 to enable personalized bundles and real-time inventory-triggered purchases. Sourcing leaders should develop an AP2 adoption playbook that maps protocol features to the unique compliance and transaction workflows of their industry 

• Identity & governance extensions: Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) would require extending identity and access management frameworks to AI agents, ensuring AP2 transactions respect corporate role-based controls 

• Tighter fraud investigation guardrails: While AP2 provides auditability through cryptographically signed mandates, enterprises must still connect these transactions to existing compliance frameworks such as real-time identity verification, sanctions screening, and anomaly detection. This creates the need for tighter integration between AP2 workflows, fraud detection platforms, and enterprise case management systems to ensure that agent-led payments do not expose organizations to regulatory or reputational risks 

• Phased pilot programs: Enterprises would experiment with AP2 in controlled domains, such as software license scaling or marketplace procurement, before scaling customer-facing transactions 

For service and technology providers, AP2-led agentic workflow has the following early implications: 

• Integration opportunity: There is a significant opportunity to build connectors linking AP2 with ERP, procurement, and supply chain systems. Providers who can offer “AP2 integration-as-a-service” will find early demand 

• Payments operations expansion: The adoption of AP2 would drive the demand for managed services to handle agent-led payments operations, including reconciliation of mandate-based transactions, fraud monitoring across new agent workflows, and exception handling for disputes. Service providers can position themselves as operations partners to bridge early adoption gaps 

• Compliance advisory: Firms with expertise in PCI-DSS, financial crime compliance, and cross-border payments can position themselves as trusted advisors for AP2 readiness 

• Platform and product engineering demand: AP2 and A2A will spur a wave of payments innovation, driving demand for engineering talent to build connectors, APIs, and orchestration layers that link the protocol with ERP, procurement, and industry-specific systems. Providers that can offer platform modernization, low-latency transaction handling, and secure AI-agent integration will see a sharp uptick in project work 

• Platform differentiation: Payment providers not yet in the AP2 ecosystem may risk losing relevance if enterprises pivot toward agentic commerce built on open standards 

Final thoughts 

Google’s AP2 is a bid to create the execution backbone for AI-led commerce. With 60+ partners already involved, AP2 has momentum, but its success will depend on how quickly enterprises, merchants, and platforms embed it into real-world systems. 

If you found this blog interesting, check out our recent blog focusing on Banking On Autonomous Agents: Embracing Agentic AI In Financial Services | Blog – Everest Group, which delves deeper into a similar topic relating to autonomous agents. 

Just as earlier protocols standardized the internet and digital communication, AP2 could become the defining standard for payments in an AI-first world, provided the ecosystem aligns on adoption and execution. To discuss more on the implications of the AP2 protocol within the payments landscape, reach out to [email protected] or [email protected].