For decades, the payments industry has built trust through rules, networks, and institutions. Every transaction that flows through a card network carries with it layers of authentication, authorisation, and accountability developed over decades of collaboration between banks, card schemes, merchants, and regulators. That foundation is now being tested by a fundamentally new actor: the AI agent. On 5 March 2026, Mastercard and Google jointly launched Verifiable Intent, an open-source, cryptographic trust framework designed to answer one of the most consequential questions in modern commerce, when an AI agent makes a payment on your behalf, how does anyone know you actually authorised it?
The launch is not a minor product update. It represents the payments industry’s most significant structural response yet to the rise of agentic commerce, a world in which AI systems move beyond assisting consumers to independently planning, deciding, and executing purchases on their behalf. As that world arrives faster than most payment businesses anticipated, Verifiable Intent establishes the trust infrastructure that makes it workable, safe, and scalable.
The Problem Verifiable Intent Was Built to Solve
Agentic commerce has moved from science fiction to commercial infrastructure with remarkable speed. AI systems are now capable of receiving high-level instruction, find me the best flight, reorder my monthly supplies, pay this invoice and execute the full sequence of steps required to complete it, including initiating a payment, without returning to the consumer for approval at each stage. This capability is genuinely transformative. It is also, from a payments security perspective, deeply problematic.
The core issue is one of identity and intent. When a human initiates a payment, there is an established chain of signals device fingerprint, behavioural pattern, biometric authentication, card credentials that fraud systems use to assess legitimacy. When an AI agent initiates a payment, it behaves, technically speaking, like a bot. It operates at speed, it follows programmatic patterns, and it does not produce the human behavioural signals that modern fraud detection relies upon. As Gr4vy’s analysis of agentic payments for merchants makes clear, most agent-initiated transactions would, under current systems, be declined because there is no reliable, standardised way to distinguish a legitimate AI agent acting with a consumer’s permission from a malicious automated attack.
Beyond fraud detection, there is a deeper accountability gap. When a payment goes wrong when an agent overspends, transacts with a fraudulent merchant, or executes a purchase the consumer did not intend who is responsible?
The agent platform?
The payment provider?
The merchant?
Without a verifiable record linking the consumer’s identity, their specific instructions, and the resulting transaction into a single tamper-resistant audit trail, dispute resolution becomes nearly impossible. Verifiable Intent was built precisely to close that gap.
What Verifiable Intent Is and How It Works
The Cryptographic Trust Layer Explained
Verifiable Intent is not a new payment protocol. It is a trust layer, a standardised mechanism for creating and preserving cryptographic proof that a consumer authorised a specific action by a specific AI agent, resulting in a specific transaction.
As Mastercard’s official Verifiable Intent documentation explains, the framework creates a tamper-resistant record linking three elements into a single verifiable unit: the consumer’s verified identity, their specific instructions to the AI agent, and the outcome of the transaction.
This record travels with the transaction through the payment ecosystem, providing every participant the issuing bank, the acquiring bank, the merchant, the payment network with cryptographic proof of what was authorised and by whom. Critically, this proof is verifiable after the fact, meaning it can be used to resolve disputes, investigate fraud, and establish accountability in a way that is simply not possible with existing payment infrastructure.
The framework is built on open standards developed by some of the most established bodies in digital security and internet architecture the FIDO Alliance, EMVCo, the Internet Engineering Task Force, and the World Wide Web Consortium. This deliberate grounding in existing, widely adopted standards means Verifiable Intent is designed to work across different agent platforms, wallets, payment networks, and devices, not just within Mastercard’s own ecosystem.
Selective Disclosure and Privacy Protection
One of the most carefully considered aspects of Verifiable Intent’s design is its approach to privacy. Trust and transparency in payments must be balanced against the legitimate right of consumers not to have their transaction data shared beyond what each stage of the process requires. The framework addresses this through Selective Disclosure, a privacy technique that ensures only the minimum necessary information about a transaction is shared with each party, and only when that party genuinely needs it.
As Mastercard’s framework documentation sets out, transaction details can be shared for fraud mitigation or dispute resolution without exposing sensitive consumer information beyond those specific processes. An issuer checking for fraud gets what it needs to make a risk decision. A merchant resolving a dispute gets what it needs to verify authorisation. No party receives more than its role in the transaction requires. This approach ensures that the accountability Verifiable Intent creates does not come at the cost of consumer privacy.
The Ecosystem Behind the Launch
The strategic significance of Verifiable Intent extends well beyond the technical framework itself. What Mastercard and Google have launched is not a proprietary standard but an open-source specification, published on GitHub and at verifiableintent.dev, inviting agent platforms, payment enablers, merchants, and developers across the industry to review, contribute, and build on it.
The framework is aligned with Google’s Agent Payments Protocol (AP2) and Universal Commerce Protocol (UCP), as confirmed by FinTech News Singapore’s coverage of the launch. These protocols govern how AI agents interact with merchants and payment systems, and Verifiable Intent provides the trust layer that makes those interactions verifiable and disputable.
The fact that it is designed to be protocol-agnostic meaning it is not locked to AP2 or UCP but can work across different agentic protocols is a deliberate signal that Mastercard intends Verifiable Intent to become an industry-wide standard rather than a bilateral arrangement.
The partner ecosystem already assembled around Mastercard Agent Pay underscores this ambition. As Mastercard’s agentic commerce strategy overview confirms, the company is actively working with Microsoft to bring Agent Pay to Copilot Checkout, and continues to collaborate with OpenAI, PayPal, and Cloudflare to advance secure, intent-driven agentic commerce solutions. Fiserv has confirmed integration with Mastercard Agent Pay, with its Chief Product Officer for Merchant Solutions describing Verifiable Intent as delivering “a new trust layer that helps merchants secure agent-initiated transactions.” The speed and breadth of this ecosystem assembly reflects an industry recognising that the trust infrastructure for agentic commerce must be settled quickly, before the volume of agent-initiated transactions makes the absence of standards genuinely dangerous.
Europe’s First Live AI Agent Payment Santander and Mastercard
Three days before the Verifiable Intent announcement, a milestone of equal significance was completed quietly in Madrid and London. On 2 March 2026, Banco Santander and Mastercard announced the successful completion of what they described as Europe’s first live end-to-end payment executed by an AI agent within a regulated banking framework.
As confirmed in the official joint press release from Santander and Mastercard, the transaction was carried out in a controlled environment using Mastercard Agent Pay, processed through Santander’s live payments infrastructure to validate the end-to-end operational and control framework under real conditions. The solution enables AI agents to initiate and execute payments on behalf of customers within predefined limits and permissions allowing an AI system to complete a purchase using existing payment networks while maintaining strict standards of security, privacy, and consumer protection. PayOS supported the end-to-end orchestration of the transaction.
The significance of this milestone is not simply that a payment was made by an AI agent. It is that the payment was made by an AI agent within a regulated banking framework meaning it met the compliance, security, and consumer protection standards that regulators require of conventional transactions. Kelly Devine, President of Europe at Mastercard, described the achievement as applying “the same principles that have defined our network for decades security, trust, interoperability and global scale to a new era of AI-enabled commerce.” Santander has confirmed it will now move into extended testing and scaling, exploring additional use cases and partnerships while maintaining strong controls and regulatory alignment.
What This Means for Merchants, Issuers, and Consumers
The launch of Verifiable Intent and the Santander milestone have different but equally important implications for each of the three principal stakeholders in any payment transaction.
For merchants, the most immediate concern is fraud and chargeback liability. As Gr4vy’s merchant guidance on agentic payments makes clear, agentic commerce introduces fraud vectors that existing detection systems were not built to handle. Malicious agents can exploit pricing errors, abuse promotional codes, and attempt unauthorised transactions and traditional fraud models trained on human behavioural signals are poorly equipped to distinguish these from legitimate agent activity. Verifiable Intent provides merchants with the cryptographic proof of authorisation they need to approve agent-initiated transactions with confidence, and the audit trail required to defend against fraudulent chargeback claims.
For issuers, the framework delivers clarity on authentication and dispute resolution. When an agent-initiated payment is disputed, the issuer can now access a verifiable, tamper-resistant record of what the consumer authorised, what the agent was instructed to do, and what transaction resulted. This transforms dispute resolution from a process dependent on partial, contested records into one grounded in cryptographic evidence.
For consumers, Verifiable Intent delivers something that may matter more than any technical feature: confidence. As Mastercard’s framework documentation articulates, consumers in an agentic commerce world want more than efficiency they want accountability and reassurance that they have recourse when an AI agent acts on their behalf. Verifiable Intent is built to deliver exactly that, ensuring that the delegation of purchasing power to an AI agent does not mean surrendering the consumer protections that two decades of digital payment infrastructure have established.
What Payment Businesses Should Do Right Now
For payment businesses at every level of the ecosystem issuers, acquirers, payment service providers, merchants, and platforms the Verifiable Intent launch represents both an opportunity and an obligation to act. The open-source specification is available immediately at verifiableintent.dev and on GitHub, and Mastercard has invited the entire industry to review, contribute, and build on it.
API specifications and developer tools for using Verifiable Intent with Mastercard Agent Pay will be available shortly on Mastercard Developers.
The practical priorities are clear. Payment businesses should begin reviewing the open specification now to understand how Verifiable Intent integrates with their existing infrastructure. Fraud systems should be assessed for their ability to handle agent-initiated transactions as a distinct transaction type applying appropriate risk models rather than defaulting to the human-behavioural baselines that will produce excessive false positives. Permissioning and authentication frameworks need to be evaluated for agentic readiness, ensuring that the chain of authorisation consumer to agent to payment provider to merchant can be established and verified end to end.
More broadly, the launch of Verifiable Intent signals that the standards race for agentic commerce trust infrastructure has begun in earnest. Mastercard and Google have made the first significant move. Other networks, protocols, and platforms will follow. Payment businesses that engage with these standards now contributing to their development, testing their implementation, and building compatible infrastructure will be positioned to shape the outcome. Those that wait will inherit a standard they had no part in defining.
Conclusion
The launch of Verifiable Intent on 5 March 2026 marks a pivotal moment in the history of digital payments. It is the industry’s clearest signal yet that agentic commerce AI agents autonomously initiating and executing transactions on behalf of consumers is no longer a future scenario to be planned for but a present reality to be governed. Mastercard and Google have not simply built a useful tool; they have opened a standards process that will determine who controls the trust layer of the next era of commerce. For payment professionals, the message is unambiguous: the time to engage with agentic payment infrastructure is now, not when the volume of agent-initiated transactions makes the absence of preparation impossible to ignore.
FAQs
1. What is Verifiable Intent in payments?
Verifiable Intent is an open-source, standards-based cryptographic trust framework co-developed by Mastercard and Google, launched on 5 March 2026. It creates a tamper-resistant record linking a consumer’s verified identity, their specific instructions to an AI agent, and the resulting transaction outcome providing cryptographic proof of authorisation that consumers, merchants, and issuers can rely on when AI agents make payments autonomously on a consumer’s behalf.
2. Why was Verifiable Intent needed?
As AI agents begin initiating and executing payments autonomously, a critical trust gap emerged. Existing fraud systems were built around human behavioural signals and cannot reliably distinguish a legitimate AI agent acting with a consumer’s permission from a malicious automated attack. There was also no standardised way to establish accountability or resolve disputes when an agent-initiated payment went wrong. Verifiable Intent was built to close both of these gaps simultaneously.
3. How does Verifiable Intent work technically?
The framework creates a cryptographic audit trail that links three elements into a single tamper-resistant record: the consumer’s verified identity, their specific instructions to the AI agent, and the transaction outcome. This record travels with the transaction through the payment ecosystem, giving every participant issuer, acquirer, merchant, and payment network verifiable proof of what was authorised and by whom. It is built on open standards from the FIDO Alliance, EMVCo, the Internet Engineering Task Force, and the World Wide Web Consortium.
4. What is Selective Disclosure and how does it protect consumer privacy?
Selective Disclosure is a privacy technique used within Verifiable Intent that ensures only the minimum necessary transaction information is shared with each party, and only when that party genuinely requires it. For example, an issuer assessing fraud risk receives the information it needs to make a risk decision, while a merchant resolving a dispute receives proof of authorisation but neither party receives sensitive consumer data beyond what their specific role in the transaction requires.
5. What is Mastercard Agent Pay?
Mastercard Agent Pay is Mastercard’s dedicated infrastructure for enabling secure, scalable, and trusted payments in agentic commerce. It integrates AI agents into the payment flow as visible, governed participants meaning agents are registered, traceable, and governed by network tokens. Verifiable Intent will be integrated directly into Mastercard Agent Pay’s intent APIs in the coming months to support real-world adoption with partners across the ecosystem.
6. What is Google’s role in Verifiable Intent?
Google co-developed Verifiable Intent alongside Mastercard. The framework is aligned with Google’s Agent Payments Protocol (AP2) and Universal Commerce Protocol (UCP), which govern how AI agents interact with merchants and payment systems. Stavan Parikh, Vice President and General Manager of Payments at Google, confirmed that Verifiable Intent is a “natural accelerator for scaling agentic commerce” and is fully compatible with Google’s Agent Payments Protocol.
7. What happened with Santander and Mastercard in March 2026?
On 2 March 2026 three days before the Verifiable Intent announcement Banco Santander and Mastercard completed Europe’s first live end-to-end payment executed by an AI agent within a regulated banking framework. The transaction was carried out using Mastercard Agent Pay, processed through Santander’s live payments infrastructure, with PayOS supporting end-to-end orchestration. It was the first agentic payment to meet the compliance, security, and consumer protection standards required of conventional regulated transactions.
8. Which other companies are part of the Mastercard agentic commerce ecosystem?
Mastercard has assembled a broad ecosystem of partners around Agent Pay and Verifiable Intent. The company is actively working with Microsoft to bring Agent Pay to Copilot Checkout, and continues to collaborate with OpenAI, PayPal, Cloudflare, and Fiserv. The open-source specification has also been published on GitHub and at verifiableintent.dev, inviting the wider industry including agent platforms, payment enablers, merchants, and developers to contribute and build on it.
9. What does Verifiable Intent mean for merchants?
For merchants, Verifiable Intent provides cryptographic proof of consumer authorisation for agent-initiated transactions, enabling them to approve these payments with confidence rather than defaulting to decline. It also provides the audit trail needed to defend against fraudulent chargeback claims. Without a framework like Verifiable Intent, merchants bear significant fraud and chargeback liability for agent-initiated transactions, since existing detection systems were not built to assess automated agent behaviour accurately.
10. How does Verifiable Intent benefit consumers?
Consumers benefit from knowing that when an AI agent acts on their behalf, there is a verifiable, tamper-resistant record of exactly what they authorised. This provides accountability and recourse if a payment goes wrong or an agent oversteps its instructions, the consumer has cryptographic evidence of what they actually authorised. Verifiable Intent ensures that delegating purchasing power to an AI agent does not mean surrendering the consumer protections established by decades of digital payment infrastructure.
11. Is Verifiable Intent specific to Mastercard’s network only?
No. Verifiable Intent is deliberately designed to be protocol-agnostic and network-agnostic. It is built on widely adopted open standards from the FIDO Alliance, EMVCo, IETF, and W3C, and is designed to work across different agentic protocols, wallets, platforms, and payment networks. Mastercard has open-sourced the full specification and reference implementation, inviting the entire payments industry to adopt, contribute to, and build upon the framework.
12. What should payment businesses do in response to the Verifiable Intent launch?
Payment businesses should begin reviewing the open-source specification immediately at verifiableintent.dev. Fraud systems need to be assessed for their ability to handle agent-initiated transactions as a distinct transaction type, separate from human-initiated payments. Permissioning and authentication frameworks should be evaluated for agentic readiness. Most importantly, businesses should recognise that this launch has begun a standards race for the trust infrastructure of agentic commerce; engaging now means shaping the outcome, while waiting means inheriting a standard defined by others.