Google has introduced the Agent Payments Protocol, an open framework designed to enable AI systems to conduct secure financial transactions on behalf of users across multiple platforms and payment methods.
The protocol addresses fundamental trust challenges that arise when autonomous agents initiate purchases without direct human oversight, establishing authentication and accountability mechanisms for AI-driven commerce.
More than 60 organisations are collaborating on the initiative, including major financial services companies such as Mastercard, American Express, PayPal, Coinbase, and Salesforce, alongside technology firms and payment processors.
The system operates through cryptographically-signed digital contracts called “mandates” that serve as verifiable proof of user instructions. These mandates create audit trails for two primary transaction scenarios: real-time purchases where users remain present, and delegated tasks where agents operate autonomously.
For immediate purchases, users provide initial intent instructions that agents capture in mandates, followed by cart approval that generates secure records of exact items and pricing. For autonomous operations, users sign detailed upfront mandates specifying price limits, timing conditions and other parameters that govern agent behaviour.
Stavan Parikh, vice president of payments at Google, and Rao Surapaneni, vice president of business applications platform at Google Cloud, emphasised the protocol’s role in preventing ecosystem fragmentation whilst supporting diverse payment types from traditional cards to cryptocurrencies and real-time bank transfers.
Google has collaborated with Coinbase, Ethereum Foundation and MetaMask to develop the A2A x402 extension specifically for cryptocurrency payments, demonstrating the protocol’s adaptability to emerging financial technologies.
The framework aims to enable advanced commerce applications, including automated price monitoring, personalised merchant offers, and coordinated multi-platform bookings where agents negotiate across different service providers simultaneously.
Alberto Martin, chief product officer at Lightspark, described the protocol as “a big step toward a future where trusted AI agents transact seamlessly on our behalf,” whilst Paolo Fourez, chief digital officer at Mastercard, emphasised the importance of maintaining “trust and safety at the core of every transaction.”
Technical specifications and reference implementations are available through Google’s public GitHub repository, with regular updates planned to incorporate community innovations.
