5 hours ago
7
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Visa will secure agentic payments in OpenAI systems.
- AI-driven payments are a still-developing security landscape.
- Consumers and businesses alike face potential risks.
Agentic commerce is a rapidly growing frontier of AI for consumers and businesses, reiterated by Google's recent launch of Universal Cart at I/O in May. This week, Visa and OpenAI further solidified that infrastructure -- but how reliable are AI agents when it comes to making purchases?
On Wednesday, the two companies announced a partnership to provide Visa-protected agentic transactions within OpenAI and effectively "bring agentic commerce into the mainstream," as Visa said in its release. Visa's Trusted Agent Protocol, among its other authorization and security layers, will integrate with OpenAI interfaces, like Atlas and ChatGPT Shopping, and allow developers and merchants to accept payments from agents.
(Disclosure: Ziff Davis, ZDNET's parent company, filed an April 2025 lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.)
"Transactions operate inside guardrails that the consumer or business sets: spending limits, required approval thresholds, and other permission layers that keep the buyer in command even when an agent is executing the work," Visa explained.
For consumers, this looks like letting agents do your shopping research (complete with pre-set personalizations) and make routine purchases you feel comfortable enough to automate. For merchants, the idea is still that a more seamless buying experience across more AI-powered surfaces, where consumers increasingly are, appeals to new buyers.
Also: How small businesses can survive AI shopping: 7 essential steps
Visa's announcement also mentioned the partnership would apply to "OpenAI's expanding suite of AI-powered products," though it did not specify any involvement with the company's forthcoming "superapp" when ZDNET asked.
"The goal is to make agentic commerce more accessible, trusted, and secure for consumers and businesses worldwide," the company continued, citing its Intelligent Commerce platform as the foundation for the partnership.
A changing, risk-laden landscape
Major financial players embracing agentic commerce isn't new. OpenAI has been developing its agentic commerce arm in earnest since it launched Instant Checkout, which uses the company's Agentic Commerce Protocol, developed with Stripe, to allow merchants to securely approve transactions through ChatGPT.
At the time, ACP was joining Google's Agent Payments Protocol (AP2) and other similar launches that tried to make agentic commerce appear more secure and appealing. Also on Wednesday, Mastercard launched Agent Pay for Machines, which aims to scale and speed up transactions between agents.
Also: I let ChatGPT Atlas do my Walmart shopping for me - here's how the AI browser agent did
Still, many users are understandably skeptical of handing over any part of a purchasing process to AI agents, which have been known to go rogue.
ZDNET asked Visa what it would advise consumers who are nervous about handing payment controls over to an agent, even within Visa's environment, and whether the company has a policy in place for if (or when) an agent bypasses safeguards or initiates an unauthorized transaction.
"Visa's approach to agentic commerce is built around user control, transparency and security," the company said in response. "Transactions operate within user-defined permissions, including spending limits, merchant categories and approval requirements, and use tokenized credentials, real-time authorization and fraud monitoring."
But experts still have concerns.
"Even with strong traditional security controls like tokenization and fraud monitoring, agentic payments introduce new risks that existing systems weren't designed for -- shifting the challenge from authenticating users to governing whether agents act within intent and policy," Geoff Cairns, principal analyst at Forrester, said via email. "For consumers and businesses, the main concerns would be unauthorized or mistaken transactions, liability ambiguity, and fraud that scales faster than traditional dispute processes can respond."
Visa said that for financial institutions and enterprise clients with strict security standards, tracking agent credentials across interactions helps keep them from taking unauthorized action, creating workflow efficiencies without increasing risk.
Beyond that, the usual AI problems also plague agentic commerce. As the Guardian reported last week, AI shopping assistants can surface scam sites as legitimate retailers. Though the payment process itself isn't at fault here, the larger environment of AI-assisted shopping is still grappling with trust holes before a buyer even gets to checkout.
So are agentic payments worth it, at least at this stage?
"The convenience benefits of agentic payments don't inherently increase risk, but they shift authentication from explicit user interaction to continuous, risk-based validation, where delegated authorization and 'on behalf of' controls become central to trust," Cairns explained. "This is a technical area that is still evolving."
English (US) ·