Mastercard and Google’s new trust layer could reshape how AI buys for you

Mastercard yesterday launched Verifiable Intent, a brand new open, standards-based belief layer designed to handle some of the urgent questions in autonomous commerce: how does anybody know that an AI agent shopping for on a client’s behalf is definitely doing what it was informed? Co-developed with Google and endorsed by eight trade companions – IBM, Worldpay, Fiserv, Getnet, Checkout.com, Foundation Idea, and Adyen – the initiative creates cryptographic proof of client authorization for the time being an AI agent initiates a transaction.

The announcement, dated March 5, 2026, was authored by Pablo Fourez, Mastercard’s chief digital officer. It arrives lower than two months after Mastercard launched its Agent Pay infrastructure on the Nationwide Retail Federation’s annual convention on January 11, 2026. That preliminary launch established the broad structure for AI-executed funds; Verifiable Intent now provides the authorization and audit layer on high of it.

What the know-how really does

At its technical core, Verifiable Intent hyperlinks three components right into a single, privacy-preserving file: the id of the cardholder authorizing the AI agent, the buyer’s particular directions, and the interplay between the agent and the service provider that ends in a purchase order. In accordance with Mastercard, if a dispute arises, all events can depend on that audit path to resolve it shortly moderately than counting on conflicting accounts.

The system makes use of a way referred to as Selective Disclosure to handle what knowledge will get shared. Solely the minimal mandatory transaction data is launched throughout events, and solely for the time being it’s wanted – for fraud mitigation or dispute decision. Delicate particulars past that course of stay unexposed. In accordance with Mastercard, this method is designed in order that belief and privateness aren’t tradeoffs.

Technically, Verifiable Intent is constructed on broadly adopted specs from 4 requirements our bodies: the FIDO Alliance, EMVCo, the Web Engineering Activity Drive (IETF), and the World Extensive Net Consortium (W3C). The selection of those 4 organizations is deliberate. Every represents a special layer of the digital authentication and internet requirements ecosystem, and constructing on them means the specification doesn’t require proprietary infrastructure. In accordance with Mastercard, the system is designed to be protocol agnostic – able to working throughout agentic protocols, units, wallets, platforms, and different fee networks because the ecosystem continues to develop.

Aligned particularly with Google’s Agent Funds Protocol (AP2) and Common Commerce Protocol (UCP), Verifiable Intent creates what Mastercard describes as a tamper-resistant file of what a consumer approved when an AI agent acts on their behalf. The UCP was launched by Google on January 11, 2026, establishing open-source technical requirements for AI brokers to execute purchases throughout completely different retail platforms with out requiring customized integrations for every service provider.

Over time, Mastercard says Verifiable Intent will likely be strengthened by way of integration with Verifiable Credentials, a W3C normal that will make client authorization and delegation extra specific, moveable, and cryptographically verifiable throughout techniques.

Open-sourcing and developer entry

Mastercard at this time open-sourced the Verifiable Intent specification and an preliminary reference implementation. Each can be found on GitHub and at verifiableintent.dev. Agent platforms, fee enablers, retailers, and builders are invited to overview, contribute, and construct on the specification. In accordance with Mastercard, API specs and developer instruments for utilizing Verifiable Intent with Mastercard Agent Pay will observe on Mastercard Builders.

The choice to open-source the specification mirrors the method taken throughout the broader ecosystem. Google’s Common Commerce Protocol is equally accessible by way of GitHub, with technical specs defining REST and JSON-RPC transport layers. PPC Land’s analysis of UCP famous in January that open-source commerce requirements carry the potential to commoditize the interfaces that e-commerce platforms have beforehand used as aggressive moats – a structural dynamic that Verifiable Intent, as an authentication and authorization layer, sits immediately on high of.

The mixing roadmap

Within the coming months, in accordance with Mastercard, Verifiable Intent will likely be built-in immediately into Mastercard Agent Pay’s intent APIs. That integration is meant to drive real-world adoption with companions and assist scalable agent deployments throughout platforms. Mastercard additionally mentioned it would proceed working with trade our bodies to outline complementary requirements for conversational AI in commerce.

The highway from announcement to integration is just not trivial. Agent Pay itself launched solely in January 2026. Target and Walmart brought checkout directly into Google’s AI assistant on the identical day as Agent Pay’s debut, representing the primary main retail implementations of UCP. These implementations use current authentication flows. Including Verifiable Intent’s cryptographic authorization layer on high of dwell transactions is the following step.

Two situations: human within the loop and absolutely autonomous

Mastercard distinguishes between two operational modes in its announcement. In agent-assisted, human-in-the-looppurchases, Verifiable Intent confirms the buyer was current, accredited the buying cart, and approved the transaction. Retailers can fulfill these orders with out including friction, in accordance with Mastercard, as a result of the authorization file is already established.

In extra autonomous situations – the place the agent acts independently inside pre-set parameters – Verifiable Intent offers what Mastercard calls transparency and company that permits retailers to evaluate whether or not further affirmation is required earlier than finishing a transaction. That is the place the dispute-resolution worth turns into most obvious. If an agent books a flight outdoors a said price range, or purchases the incorrect product variant, the query of what was really approved strikes from being a matter of reminiscence to considered one of cryptographic file.

These challenges prolong past client purchases. In machine-to-machine commerce and programmable cash implementations – enterprise procurement, cross-border funds, AI brokers managing provider relationships – a client or enterprise is at all times delegating spending authority to a system. In accordance with Mastercard, these techniques should make choices at velocity and scale whereas remaining trustworthy to the intent of the consumer.

What trade companions say

The record of endorsing corporations spans fee processors, service provider acquirers, and infrastructure suppliers. Their statements replicate each the chance and the underlying concern.

“As AI brokers start to behave extra independently, it is important that consumer intent stays clear, provable, and guarded,” mentioned Stavan Parikh, vp and normal supervisor, Funds, at Google. “Robust, interoperable belief infrastructure like Verifiable Intent that’s appropriate with Agent Funds Protocol is a pure accelerator for scaling agentic commerce, and we’re proud to have collaborated with Mastercard on this initiative.”

“During the last couple of months we have seen adoption of AI brokers skyrocket,” mentioned James Armstead, chief know-how officer at Foundation Idea. “As these brokers begin taking part immediately in commerce – making purchases and finishing transactions on behalf of shoppers and companies – crucial query turns into belief. How have you learnt the intent behind a transaction is actual? Mastercard’s Verifiable Intent API is a vital step towards fixing that. By combining Mastercard’s community with Foundation Idea’s tokenization and safe knowledge infrastructure, we might help allow a brand new mannequin of commerce the place brokers can provoke and full funds safely and transparently.”

Fiserv framed the mixing by way of service provider outcomes. “Verifiable Intent marks a significant step ahead in how intent, authentication, and accountability are established in agentic commerce,” mentioned Sanjay Saraf, chief product officer, Service provider Options, Fiserv. “By integrating with Mastercard Agent Pay, Fiserv is delivering a brand new belief layer that helps retailers safe agent-initiated transactions. As brokers tackle larger accountability, Verifiable Intent allows retailers to proactively scale back fraud, strengthen dispute outcomes, and keep buyer belief.”

Adyen’s chief know-how officer Tom Adams linked the initiative to the broader service provider relationship with shoppers. “Retailers have constructed their companies on the belief of their clients,” Adams mentioned. “As shoppers more and more transact by way of AI brokers, having a verifiable, privacy-preserving solution to affirm buyer intent turns into foundational. Approaches like Verifiable Intent might help retailers anchor agent-initiated transactions in specific authorization, whereas retaining management over id, knowledge, and the client expertise.”

IBM’s Kirstin Kirtley Silva emphasised enterprise deployment at scale. “As agent-driven funds mature, we’re targeted on making them prepared for the true world – with robust orchestration, clear insurance policies, and built-in transparency. Verifiable Intent makes consumer authorization easy and safe, so brokers can act safely throughout platforms,” she mentioned. “For retailers, meaning each transaction is traceable, and disputes are simpler to resolve. We’re thrilled to align this with IBM’s orchestration layer to assist companions transfer from early prototypes to large-scale adoption.”

Worldpay’s Reshmi Suresh, head of agentic commerce, famous the open-standard dimension: “Having an open normal that permits them to confirm intent, whereas additionally giving them the selection to protect their privateness, is essential to rising adoption. We’re excited to associate with Mastercard to evolve this framework of Verifiable Intent, on behalf of our retailers and their shoppers.”

Why this issues for digital advertising and marketing and promoting professionals

The promoting and advertising and marketing know-how group has been monitoring agentic commerce intently since 2025. The shift from human-initiated to agent-initiated transactions carries elementary implications for the way promoting works. If an AI agent completes a purchase order based mostly on pre-set parameters, the position of the advert – the impression, the clicking, the second of persuasion – might happen at delegation, not at transaction. That adjustments attribution fashions, bidding methods, and your entire idea of the acquisition funnel.

Google’s introduction of shopping ads in AI Mode on February 11, 2026 represented the primary main promoting format designed for agentic discovery. AI Mode at that time had reached over 75 million every day lively customers, in accordance with Google-commissioned analysis cited on the time. These advertisements seem clearly labeled as sponsored inside AI-generated conversations throughout product discovery moments – a structural acknowledgment that the invention section, not the transaction section, is the place promoting now must function.

Verifiable Intent doesn’t immediately tackle promoting. However it issues for entrepreneurs for a special purpose: it determines whether or not the underlying agentic commerce infrastructure turns into trusted sufficient to realize scale. With out a credible mechanism for proving that AI brokers acted inside approved parameters, client hesitancy and service provider legal responsibility issues will sluggish adoption. PPC Land’s coverage of AI shopping adoption famous in November 2025 that McKinsey projected the worldwide agentic commerce alternative may attain $3 trillion to $5 trillion by 2030, with US B2C retail alone accounting for $900 billion to $1 trillion. That scale relies upon totally on whether or not the belief infrastructure retains tempo with the technical functionality.

The surveillance pricing controversy that followed Google’s UCP launch in January 2026 illustrated exactly the form of client concern that belief infrastructure wants to handle. Critics characterised the system as enabling customized upselling by way of evaluation of chat knowledge. Google denied the claims, citing service provider insurance policies. However the controversy underscored a broader dynamic: as AI techniques purchase extra buying authority, the general public scrutiny of that authority intensifies.

Verifiable Intent positions Mastercard – and by extension Google – as infrastructure suppliers who take that scrutiny critically. The cryptographic file it creates isn’t just a fraud-prevention mechanism. It’s also a claims mechanism: proof that the authorization existed, proof that the directions have been captured, proof that the transaction matched the mandate. In a world the place regulatory our bodies are more and more analyzing automated decision-making, that form of audit path has worth past the quick transaction.

The aggressive context

Mastercard and Google aren’t the one events constructing agentic commerce infrastructure. OpenAI launched on the spot checkout capabilities with Stripe on September 29, 2025, introducing the Agentic Commerce Protocol for AI-mediated transactions. Microsoft and OpenAI’s positioning for retail AI was documented in April 2025, protecting the Copilot Service provider Program and OpenAI’s integration of Shopify checkout. Visa has pursued its personal agentic fee protocols, and Visa’s infrastructure for AI agents was documented intimately in January 2026.

What distinguishes Verifiable Intent is its specific concentrate on the authorization file moderately than the fee circulate itself. AP2, UCP, and the Agentic Commerce Protocol all tackle how transactions are executed. Verifiable Intent addresses whether or not these transactions have been approved in the way in which the buyer supposed. That may be a narrower however arguably extra legally important query.

Cloudflare, notably, had already begun working with each Visa and Mastercard in October 2025 on safety protocols for AI brokers, suggesting that the authentication and verification layer of agentic commerce has been acknowledged as a definite engineering downside for a while.

Google’s UCP checkout help page, printed on March 2, 2026 – simply three days earlier than at this time’s announcement – specified that retailers should use the native_commerce product attribute to show a Purchase button on eligible listings, and that funds use full major account numbers (FPANs) saved in Google Pockets through Google Pay. That merchant-facing documentation offers the implementation context into which Verifiable Intent’s authorization layer will ultimately slot.

Timeline

• September 2025 – Google launches Agent Funds Protocol (AP2), a payment-agnostic protocol utilizing cryptographically signed mandates to hyperlink intent, cart, and fee throughout customers, retailers, and fee networks
• September 29, 2025 – OpenAI and Stripe launch the Agentic Commerce Protocol, enabling transactions from Etsy and Shopify retailers immediately by way of ChatGPT conversations
• October 24, 2025 – Cloudflare broadcasts partnerships with Visa and Mastercard to develop safety protocols for AI brokers
• November 2025 – McKinsey releases report projecting $3-5 trillion international agentic commerce alternative by 2030; PSE Consulting analysis reveals 49% of UK adults use AI regularly and 22% planned AI-assisted holiday shopping
• January 11, 2026 – Google launches the Universal Commerce Protocol with main retailers together with Shopify, Etsy, Wayfair, Goal, and Walmart; Mastercard launches Agent Pay on the Nationwide Retail Federation convention; Target and Walmart enable checkout directly in Google’s AI assistant
• January 13, 2026 – Google’s UCP triggers surveillance pricing debate; platform failures hit publishers throughout the identical week
• February 11, 2026 – Google introduces shopping ads in AI Mode, with AI Mode reaching over 75 million every day lively customers
• March 2, 2026 – Google publishes the official Merchant Center help page for UCP, detailing the native_commerceattribute, FPAN fee credentials, and PSP compatibility
• March 5, 2026 – Mastercard and Google introduce Verifiable Intent, open-sourcing the specification at verifiableintent.dev and on GitHub, with eight trade endorsers together with IBM, Adyen, Fiserv, Worldpay, Foundation Idea, Checkout.com, and Getnet

Abstract

Who: Mastercard, led by chief digital officer Pablo Fourez, in collaboration with Google and eight trade companions – IBM, Worldpay, Fiserv, Getnet, Checkout.com, Foundation Idea, and Adyen.

What: The introduction of Verifiable Intent, an open, standards-based cryptographic belief layer for agentic commerce. The specification creates a tamper-resistant file linking client id, particular buy directions, and service provider transaction knowledge right into a single privacy-preserving authorization file. It’s constructed on specs from FIDO Alliance, EMVCo, IETF, and W3C, aligned with Google’s Agent Funds Protocol and Common Commerce Protocol, and makes use of Selective Disclosure to restrict knowledge sharing to the minimal mandatory. The specification and an preliminary reference implementation have been open-sourced at this time at verifiableintent.dev and GitHub.

When: Introduced on March 5, 2026. Integration into Mastercard Agent Pay’s intent APIs is deliberate for the approaching months. The announcement follows Mastercard’s Agent Pay infrastructure launch on January 11, 2026, and Google’s simultaneous launch of the Common Commerce Protocol.

The place: The specification is publicly accessible at verifiableintent.dev and on GitHub. Integration with Mastercard Agent Pay will likely be documented on Mastercard Builders. Actual-world deployment will happen throughout platforms and companions utilizing Mastercard’s fee community.

Why: As AI brokers purchase the flexibility to execute monetary transactions autonomously on behalf of shoppers, the present mannequin of fee authorization – a human tapping a card or clicking “purchase” – now not applies. With out a mechanism for proving what a client really approved, retailers can not confidently fulfil agent-initiated orders, issuers can not distinguish reliable exercise from fraud, and shoppers don’t have any recourse if an agent acts outdoors its mandate. Verifiable Intent is designed to fill that hole, offering a cryptographic audit path that survives dispute decision whereas preserving client privateness by way of selective knowledge disclosure.