Visa and Mastercard have both launched frameworks for AI agents to make purchases autonomously. Here is what UK merchants need to understand before this reaches their checkout.
Somewhere right now, a piece of software is browsing the internet, comparing prices, selecting a product, and completing a purchase. No human clicked anything. No card was physically presented. No one typed a password.
This is not a future scenario. It is happening in 2025, and the two largest card networks in the world have both launched formal frameworks to govern it.
Visa calls theirs the Intelligent Commerce initiative, anchored by a protocol named TAP (Token-based Agent Payments). Mastercard's equivalent is Agent Pay, announced in April 2025 as part of its broader Agentic Payments Programme. Between them, these two frameworks represent the most significant structural change to how card payments are authorised since the introduction of contactless technology.
If you run a business in the UK that accepts card payments online, this will touch you. The question is whether you will be ready when it does.
An AI agent is a software system that can pursue goals autonomously. Unlike a chatbot that answers questions, an agent takes actions. It can browse websites, fill forms, make decisions based on preferences it has been given, and interact with external services, all without a human directing each step.
The practical uses are already emerging. A consumer might instruct an AI assistant to book the cheapest available train to Edinburgh next Friday and arrange accommodation under £120 per night. The agent searches, compares, selects, and books. The human simply receives a confirmation.
For this to work commercially, the agent needs payment capability. And that is where the existing payment infrastructure hits an immediate problem.
Card payments were designed around human behaviour. The authorisation flow assumes a cardholder who can respond to a 3D Secure challenge, read a one-time passcode, and confirm a transaction in real time. An AI agent cannot do any of those things. It operates asynchronously, often running in the background while the human is doing something else entirely.
Visa and Mastercard have both recognised that forcing AI agents through the existing human authentication stack would either break the agent's functionality or, more dangerously, encourage workarounds that bypass security entirely. Both frameworks are attempts to build a proper, secure, and auditable payment layer for the agentic era before those workarounds become normalised.
Visa's TAP protocol, introduced under its Intelligent Commerce initiative in early 2025, works by issuing tokenised payment credentials directly to AI agents. These are not simply stored card numbers. They are purpose-built digital identities tied to specific agents and governed by programmable spending parameters set in advance by the human account holder.
Think of it as a highly intelligent, scoped authority. A consumer might configure their AI agent with a monthly grocery budget of £400, permission to shop from a defined list of approved merchants, and a single-transaction limit of £80. The agent can operate freely within those constraints. Any transaction that falls outside them triggers a human review or is declined automatically.
The tokenisation approach is deliberate. Rather than exposing a consumer's actual card credentials to an AI system, which would create significant liability and fraud risk, Visa creates a separate, revocable token. If the agent is compromised or the consumer changes their mind, the token is cancelled without affecting the underlying account.
Visa has partnered with a number of AI platform developers to pilot TAP, including integrations with major AI assistant frameworks. The company has described TAP as designed to be interoperable, meaning it can function across different AI systems and merchant environments rather than being locked to any single technology stack.
Mastercard's Agent Pay, announced in April 2025, shares the same fundamental problem it is trying to solve but approaches it with a distinct emphasis on identity verification for the agent itself.
The Mastercard framework introduces what it describes as a verification layer for AI agents before any payment is authorised. The core question Agent Pay asks at the point of transaction is not just whether the payment credentials are valid, but whether the agent initiating the transaction is a known, trusted, and appropriately scoped entity.
Mastercard has partnered with Microsoft for an early integration, connecting Agent Pay with Microsoft's Copilot and broader agentic infrastructure. The company has also engaged with a range of fintech and digital commerce platforms to develop the merchant-side implementation.
A key component is what Mastercard describes as agent authentication, a process by which the AI agent presents verifiable information about its identity, the human principal who authorised it, and the scope of its mandate. This information travels alongside the payment authorisation request, giving the merchant and the issuing bank additional signals to assess the legitimacy of the transaction.
For fraud prevention, this matters enormously. One of the most significant risks in agentic payments is what security researchers call agent hijacking, where a malicious third party intercepts or manipulates an AI agent's instructions mid-task. If an agent can be persuaded by a compromised website to redirect a payment to a fraudulent account, the consequences scale fast. Mastercard's identity-first approach is designed to make those interception attacks detectable.
Both frameworks are genuine steps forward. But merchants and payment professionals should not read the announcements from Visa and Mastercard as solved problems. They are the beginning of a response, not the conclusion.
Agentic payments introduce fraud vectors that the Payment Systems Regulator and the Financial Conduct Authority have not yet formally addressed in guidance. The current Authorised Push Payment fraud reimbursement rules, which came into force under the PSR's mandatory scheme in October 2024, were written with human decision-making in mind. What happens to liability allocation when an AI agent authorises a payment that turns out to be fraudulent? The consumer did not click approve. The agent did. The rulebook does not yet have a clear answer.
There is also the question of merchant liability under 3D Secure and the existing Strong Customer Authentication requirements under PSD2, which the UK retained post-Brexit in its own regulatory framework. SCA was built to verify that a human cardholder is present and consenting. Agentic payments structurally challenge that assumption. The FCA will need to provide clarity, and UK merchants should expect a period of regulatory ambiguity before that clarity arrives.
This is not a reason to panic. It is a reason to pay close attention.
Agentic payments are not yet widespread in the UK consumer market. They are currently most active in the United States, where both Visa and Mastercard are running pilots with select partners. UK rollout timelines have not been formally published by either network.
However, the trajectory is clear. AI assistants with shopping capability, including Google's Gemini integrations, Amazon's Rufus agent, and Apple Intelligence features, are already in the hands of tens of millions of consumers. The payment layer will follow demand. UK merchants who sell online should expect to see agentic-initiated transactions within their checkout flows within the next 12 to 24 months, possibly sooner for those in travel, subscription services, and consumer electronics.
Here is what you should be doing now:
Audit your checkout friction. Agentic payment systems will struggle with checkouts that require human-specific inputs: captchas, SMS one-time passcodes sent to a consumer's phone, or multi-step authentication flows that assume a person is actively present. If your checkout is already difficult for humans, it will be invisible to agents.
Talk to your payment provider about tokenisation support. Both Visa TAP and Mastercard Agent Pay are built on tokenisation infrastructure. If your current payment stack does not support network tokens, that is a conversation to have now rather than when agent-initiated transactions start hitting your authorisation rate.
Review your fraud rules for non-human behaviour patterns. Many fraud detection systems flag unusual behaviour based on speed, navigation patterns, and device signals. An AI agent shopping on behalf of a customer may trigger those rules incorrectly. Working with your payments partner to create appropriate exceptions, without creating exploitable gaps, is a nuanced but necessary piece of work.
Watch the PSR and FCA closely. Both bodies are active in monitoring payment innovation. The PSR's work on APP fraud liability and the FCA's ongoing engagement with the fintech sandbox mean that regulatory guidance on agentic payments is coming. Subscribe to PSR consultation publications and FCA policy statements if you do not already.
The shift to agentic commerce is not a marginal development. It is a structural change in who, or what, is the customer at the point of purchase.
For decades, payment networks have optimised for the human experience: the tap, the chip, the biometric unlock, the one-click checkout. All of that infrastructure assumed a conscious human being at the moment of transaction. Visa TAP and Mastercard Agent Pay are the first formal acknowledgement from the networks themselves that this assumption no longer holds universally.
The merchants who will benefit are those who treat this as an infrastructure question, not a marketing curiosity. Getting your tokenisation right, your checkout flow clean, and your fraud rules calibrated is unglamorous work. But it is exactly the kind of work that separates businesses that capture the next wave of commerce from those that find themselves unable to accept the customers, or the agents, who come looking.
The checkout is being rewritten. The question for UK merchants is simple: will your systems be ready to meet it?
Klipy UK publishes analysis of payment industry developments every Wednesday. If you found this useful, subscribe to the weekly digest for merchants who want to stay ahead of what is coming.
Sources
Disclaimer
The views and information shared in this post are for educational and informational purposes only and do not constitute financial, legal, or professional advice. While every effort is made to ensure accuracy, Klipy UK Limited accepts no liability for decisions made based on this content. Payment processing rates, regulations, and product features referenced are subject to change. Klipy UK is an authorised seller of Teya payment solutions. Where third-party sources are cited, links are provided for reference; Klipy UK does not endorse or guarantee the accuracy of external content. For personalised guidance on your business payment needs, please contact us directly at editor@klipy.uk.
Found this helpful? Share with your network:
This content is published by Klipy UK, a Teya-authorised reseller of payment solutions. The views expressed are for informational purposes only and do not constitute financial advice. All content is the intellectual property of Klipy UK. Reproduction without permission is prohibited.
See exactly how much you could save. Upload your statement or enter your monthly turnover-instant results, no obligation.
Try Calculator