Agentic Payments β€” A Research Report (April 2026)

A multi-file, citation-heavy research report on agentic payments as of 2026-04-21.

Total length: ~69,200 words across 14 sections. Unique URLs cited: 230 (496 total references; 55 URLs cross-referenced across β‰₯2 sections).

This report was produced by GitHub Copilot CLI (Claude Opus 4.7) orchestrating 14 specialised writer sub-agents in parallel, each responsible for one section and each required to verify its citations against primary sources.

How to read this report

Pick your entry point based on role:

Audience Recommended path
Technical / engineers Start with 01 β†’ 03 β†’ 04 β†’ 05 β†’ 09
Payments / merchants 00 β†’ 06 β†’ 07 β†’ 08 β†’ 11
Policy / legal / regulatory 00 β†’ 01 β†’ 10 β†’ 09 β†’ 11
Investor / strategist 00 β†’ 11 β†’ 12 β†’ 13
Academic researcher 02 β†’ 09 β†’ 12 β†’ references.md

If you only have 20 minutes: read the executive summary (00) and the conclusion (13).

Table of contents

# File Topic Words
00 Executive Summary TL;DR, 2025 timeline, landscape map, market sizing, pain points 2,956
01 Introduction & Taxonomy Definitions, history, actor model, flow taxonomy, rails, trust primitives 5,656
02 Academic Literature Pre-LLM foundations, standards, contemporary arXiv papers, research gaps 4,666
03 Deep Dive: Google AP2 Mandates, VCs, cryptography, A2A+MCP integration, adoption 7,066
04 Deep Dive: OpenAI/Stripe ACP SharedPaymentToken, Checkout Session, MoR retention, governance 4,818
05 Deep Dive: x402 & Crypto x402, ERC-8004, Crossmint, Catena, Skyfire, Nekuda, MCP payment servers 5,827
06 Card Networks Visa Trusted Agent Protocol, Mastercard Agent Pay, Amex, Cloudflare Web Bot Auth 4,853
07 Wallets & Platforms PayPal, Stripe Issuing, Block/Cash App, Google Pay, Apple, Alipay/Antom, Klarna 4,792
08 Merchants & Retail Walmart/ChatGPT, Shopify+Google UCP, Etsy, Perplexity, Amazon holdout, travel, B2B 4,979
09 Security & Trust Threat model, prompt injection, mandate attacks, KYA, crypto primitives, defensive patterns 5,907
10 Regulation & Compliance CFPB/Reg E/Z, FCA/PSR, EU AI Act, PSD3, MiCA, FATF Travel Rule, liability matrix 7,078
11 Pain Points & Open Problems 14 structural pain points, severityΓ—tractability matrix 4,851
12 Future Directions Three scenarios, protocol convergence, micropayments, black swans 4,028
13 Conclusion Ten findings, audience recommendations, honest close 1,709
References Consolidated 230-URL bibliography, grouped by domain and cross-reference frequency β€”
Total 69,186

Methodology & verification

  • Source brief. A master source brief (research/source_brief.md) was compiled from ~16 targeted web searches and handed to every writer sub-agent. Writers were instructed to verify each URL themselves and were explicitly told that the brief could contain errors.
  • Sub-agent discipline. 14 parallel general-purpose sub-agents (Claude Sonnet) each wrote one section. Each sub-agent had its own research budget, its own fact-verification duty, and its own footnote list. At least one sub-agent (section 06) independently caught and corrected an error in the master brief (Nekuda was mis-listed as a Trusted Agent Protocol signatory; it is in fact a Visa Ventures/Amex Ventures portfolio company and VIC integrator).
  • Triangulation. 55 URLs appear in β‰₯2 sections (23.9% of unique URLs), forming a factual spine multiple independent writer passes converged on.
  • Primary-source priority. For every major protocol (AP2, ACP, x402, Trusted Agent Protocol, ERC-8004) writers read the GitHub repo, spec files, and EIP text directly, not secondary commentary.
  • Explicit uncertainty. Claims are tagged as announced, shipped, pilot, vendor marketing, analyst forecast, or author's inference throughout. Where no evidence exists, the report says so (e.g., "no PSR guidance yet addresses agent-initiated APP fraud").
  • No invented arXiv IDs. Every cited arXiv paper was fetched and its abstract matched against the claim. Unverifiable candidates were dropped; this is documented in 02-academic-literature.md.

Known limitations of this report

  1. Cutoff date 2026-04-21. Anything after will need refresh.
  2. Coverage of Chinese and emerging-market agentic payment initiatives is thin relative to US/EU β€” primary sources in English.
  3. Court decisions and regulator enforcement actions specific to agentic payments remain sparse; inferences are labelled accordingly.
  4. We did not have access to non-public vendor documentation (e.g., Mastercard's full MDES Agentic Tokens schema); descriptions rely on public releases.
  5. One sub-agent (section 10) noted that some vendor-published "reach" numbers (e.g., Crossmint's MoneyGram country count) could not be re-verified; those are flagged in situ.

Directory layout

agentic-payment-report/
β”œβ”€β”€ README.md                 (this file)
β”œβ”€β”€ references.md             (consolidated 230-URL bibliography)
β”œβ”€β”€ research/
β”‚   β”œβ”€β”€ plan.md               (original multi-section plan)
β”‚   └── source_brief.md       (primary source brief given to sub-agents)
└── sections/
    β”œβ”€β”€ 00-executive-summary.md
    β”œβ”€β”€ 01-introduction-and-taxonomy.md
    β”œβ”€β”€ 02-academic-literature.md
    β”œβ”€β”€ 03-protocol-deep-dive-ap2.md
    β”œβ”€β”€ 04-protocol-deep-dive-acp.md
    β”œβ”€β”€ 05-protocol-deep-dive-x402-and-crypto.md
    β”œβ”€β”€ 06-card-networks.md
    β”œβ”€β”€ 07-wallets-platforms.md
    β”œβ”€β”€ 08-merchant-and-retail.md
    β”œβ”€β”€ 09-security-and-trust.md
    β”œβ”€β”€ 10-regulation-and-compliance.md
    β”œβ”€β”€ 11-pain-points-and-open-problems.md
    β”œβ”€β”€ 12-future-directions.md
    └── 13-conclusion.md

At-a-glance: the 2026 agentic-payments stack

                     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
 Intent layer        β”‚  AP2 Mandates (Google + 125+ co.)  β”‚
                     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                      β”‚
                     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
 Checkout layer      β”‚  ACP (OpenAI+Stripe) Β· UCP (Google+Shopify)
                     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                      β”‚
                     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
 Agent-trust layer   β”‚  Visa Trusted Agent Protocol Β· Web Bot Auth (IETF)
                     β”‚  ERC-8004 (on-chain identity/reputation)
                     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                      β”‚
                     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
 Rails               β”‚  Cards (VTS/MDES) Β· Stablecoins (x402) Β· Wallets (PayPal/Alipay) Β· A2A/ACH
                     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

See 00-executive-summary.md for the full landscape map with 16 players Γ— protocol Γ— status Γ— primary rail.

License

This report is authored by the user. The report text may be used under terms they set. Cited source URLs point to their respective copyright holders.