Trust and Identity Gaps Threaten Agentic Commerce as AI Agents Face Infrastructure Barriers

Why agentic commerce could expose major weaknesses in merchant infrastructure: By Monica Eaton

Earlier this year, Worldpay surveyed 8,000 consumers across eight global markets and asked them a simple question: how comfortable would you feel allowing an AI shopping agent to make purchases on your behalf? The results were striking. Nearly one in three global shoppers said they would trust an agent to manage travel purchases of up to $500. Almost one in four would go up to $1,000. In digital goods and subscriptions, around half said they would trust an agent with purchases up to $50, with strong comfort extending further up the value scale. In retail, 30 to 34% would delegate purchases up to $50, with significant numbers comfortable beyond that. This is mainstream consumer appetite, already formed, for a model of commerce that most merchants have not yet built any infrastructure to support. I have spent more than a decade working in dispute resolution and chargeback prevention. What those Worldpay numbers tell me is that consumers will embrace agentic commerce faster than the payments industry expects and that the gap between consumer readiness and merchant readiness is going to be very expensive for the merchants who fail to close it. The infrastructure that does not exist yet When a consumer delegates a purchase to an AI agent, something fundamental changes about the transaction. The consumer is not present at the moment of execution. They set parameters beforehand, the agent acted within what it understood those parameters to be, and a charge appeared on their statement. If that charge is questioned, the merchant faces a dispute with an entirely new character. The traditional dispute resolution framework rests on one foundational assumption: a human being made a decision. Intent, authorisation, and liability are all determined by reference to what a cardholder chose to do at the point of purchase. In an agentic transaction, none of that applies cleanly. The cardholder did not choose at the point of purchase. They chose earlier, in a different context, with different information. Whether the agent's specific action fell within the scope of that earlier choice is the question. And right now, most merchants have no way of answering it. According to Mastercard's 2025 State of Chargebacks report, global chargeback volume is already forecast to grow 24% between 2025 and 2028, reaching 324 million transactions annually. That projection was made before the current wave of agentic commerce adoption. Visa has now expanded its Agentic Ready program globally. Mastercard and Santander have completed Europe's first live end-to-end AI agent payment within a regulated banking framework. The front end of agentic commerce is being built at speed. The back end, what happens when a dispute arises, when a consumer does not recognise a charge, when an agent acted on ambiguous instructions, is being left for later. And later is not a strategy. The false positive problem nobody is talking about The dispute risk runs in both directions. Much of the industry conversation has focused on what happens when an AI agent makes a purchase a consumer did not want. The reverse problem is equally significant and more immediate: merchants whose fraud systems were built for human behaviour are already blocking legitimate AI agent transactions, misclassifying them as malicious bot activity and declining revenue that should have converted. According to Imperva's 2025 Bad Bot Report, 51% of internet traffic is now generated by bots, of which 37% is considered malicious. Fraud systems calibrated to flag non-human behaviour are operating in an environment where not all non-human behaviour is fraudulent. A legitimate AI agent shopping on behalf of a real consumer looks, at the network level, very similar to a bad actor. If a merchant's system cannot tell the difference, it will decline both. That is lost revenue with no chargeback to show for it, no dispute to flag it, and no signal to prompt a review. What merchants need to build now The answer to both problems is the same: a clear, auditable record of what the agent was authorised to do and what it actually did. This is the consent and permission architecture that agentic transactions require, and it is almost entirely absent from current merchant infrastructure. We address this through its Unified Dispute Management System (UDMS) and ResolveLab, which use AI and machine learning to construct and analyse the evidence trail that agentic transactions generate. Rather than relying on point-of-transaction signals alone, UDMS captures what an agent was authorised to do, the scope and limits of that authorisation, and a timestamped record of each action taken. This gives merchants and financial institutions the visibility needed to classify disputes accurately, defend representments, and recover revenue lost to false declines or unwinnable chargebacks across global markets. Three things merchants should prioritise now. First, establish granular permission frameworks for any AI agent transacting on their platform, documented at the point of delegation, not reconstructed after a dispute. Second, invest in evidence capture infrastructure that logs agent behaviour continuously across the transaction journey. Third, review fraud detection thresholds to account for the behavioural differences between human and agent-initiated transactions. Systems calibrated for human behaviour will generate increasing numbers of false positives as agentic commerce scales. The window is narrowing The Worldpay data shows that consumer trust in AI agents is already at levels that will drive meaningful transaction volume. The card networks are building the rails and the regulatory frameworks are being drafted. What is not yet in place is the dispute and evidence infrastructure that makes agentic commerce sustainable at scale. Merchants who build that infrastructure now will not simply be protecting themselves from disputes. In a channel where AI agents evaluate merchants on the basis of transaction reliability and dispute performance before deciding where to spend, getting this right is a growth strategy. So, the consumers are ready but the question is whether the merchants are.

The Trust Gap Holding Agentic Commerce Back | PYMNTS.com

Experian is moving to fix that. In April, the company announced Agent Trust, a framework that creates a verified link between consumers, their devices and the AI agents acting on their behalf. Visa, Cloudflare and Skyfire are part of the ecosystem. Skyfire CEO Amir Sarhangi told PYMNTS that the identity gap is what the industry needs to solve first. "Identity and trust are what we care the most about because at the end of the day, that's the trust layer that needs to be created between the human, agent and the merchant," he said. How the Stack Works The framework is built around a single problem. The internet was designed for humans, and its security infrastructure treats every non-human as a threat. At the center of Experian Agent Trust is Human-to-Agent Binding, a persistent, verifiable connection between a verified consumer, their device and their AI agent. Experian issues an Agent Trust Token for each interaction, validating identity and transaction fraud risk in real time. An Agent Registry runs alongside it, maintaining a dynamic trust score for each agent based on behavioral signals and transaction history over time. That token travels with the agent. When it reaches the network edge, Cloudflare, which handles roughly 20% of global internet traffic, can inspect the credential and decide whether to grant access. Skyfire, on the other hand, offers what it describes as an open, standardized way to package and exchange agent identity information across platforms, alongside a payment token that works within existing checkout flows. Sarhangi described Skyfire's role as interoperable. "We're not trying to compete with UCP, ACP," he said. "We're just talking about the identity layer and how a payment is made." The Stakes The gap between what agents can do and what they are allowed to complete is costing merchants real transactions. The infrastructure to close it is being assembled in pieces, by competing players, with no agreed finish line in sight. The stakes go beyond individual transactions. Agentic commerce demands approval precision, and network-level trust signals that existing infrastructure was not built to deliver. Tokenization, behavioral context and real-time identity signals are becoming the baseline for any system that wants to function at machine speed. According to the PYMNTS Intelligence report "Agents of Change: How Agentic AI Is Redefining Commerce," the agentic commerce market is projected to reach $1.7 trillion by 2030, but nearly half of consumers still cite fraud and identity concerns. Despite willingness to let AI complete purchases on their behalf, most consumers still harbor concerns about agentic AI controlling commerce, citing fraud from rogue agents, lack of data transparency and difficulty reversing unwanted purchases, the report showed. Just 5% of consumers worldwide reported having no concerns about agentic commerce at all. The PYMNTS Intelligence report "Where Payment Decisions Happen: How Issuer Data Is Powering the Next Era of Commerce" showed that issuer false declines contribute to roughly $430 billion in annual lost sales globally. That figure compounds the agentic commerce problem, as a blocked transaction may never surface to the consumer at all. The frameworks being assembled today will determine which players are positioned to handle that volume when it arrives. For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

Card Networks Use Trust and Identity to Build Agentic Commerce | PYMNTS.com

How can the payments landscape enable autonomous transactions without undermining trust, governance and accountability? It's a question that payment networks and acquirers are racing to figure out before artificial intelligence agents finish their maturation from digital novelty to foundational commerce infrastructure. "When I speak with the acquirer, I always encourage them to treat agentic-driven eCommerce the same way they treated eCommerce itself or mobile transactions when they came out," Olaseni Alabede, vice president of product at Visa, told PYMNTS. "Essentially, it is just another channel that plugs into their core stack." The transition is less revolutionary than many assume, he said. The underlying payment rails, tokenization systems and orchestration layers largely remain intact. The difference lies upstream, where autonomous agents, not humans, begin initiating transactions. "Instead of a consumer initiating the transaction, as you will with eComm or mobile, an agent will be doing that on behalf of the consumer," Alabede said. "Now that introduces new signals into the system. But all the payment rails, tokenization, orchestration layers, all those don't fundamentally change." Rather than constructing parallel systems for AI commerce, acquirers will likely need to adapt existing fraud, authorization and dispute infrastructure to recognize machine-initiated behavior patterns alongside human ones. See also: Acquirers Say Risk and Readiness Are Slowing Agentic Commerce The Infrastructure Challenge Behind Agentic Commerce While the concept of agentic commerce has generated considerable excitement across the payments ecosystem, the operational reality is forcing acquirers, networks and merchants to rethink the mechanics of identity, authorization and liability before autonomous commerce can scale. "Before building any system, before updating any fraud model or before updating even their dispute processing, the first thing acquirers need to do is really get clear internally on what qualifies as an agent-initiated transaction," Alabede said. That clarity extends beyond simple authentication. Acquirers must determine how agent identity is represented, how intent is documented, and what metadata accompanies autonomous purchases through the transaction lifecycle. The concept Alabede repeatedly returned to was what he called "minimum viable intent," a framework he described as foundational to any scalable agentic commerce environment. "What does that mean?" he asked. "It is being able to ask a couple of questions as an acquirer. Number one, who is the agent? Who authorized the agent to carry out whatever transaction it is carrying out? What is it allowed to do? How is it making the payment? And then lastly, can we trace the agent activity?" Without those controls, he warned, "fraud models would degrade" and "dispute resolution breaks." The emphasis on traceability reflects a broader concern emerging across financial services. Autonomous commerce systems introduce new ambiguity into liability chains that historically centered on identifiable human action. In traditional eCommerce, transaction intent is relatively straightforward. With AI agents, intent becomes delegated, conditional and potentially dynamic. Trust Becomes the Core Payments Product Alabede described future transactions in which consumers provide agents with parameters rather than direct checkout actions. "I tell an agent, 'Buy me a pair of shoes or this gift for my wife within this price range at this merchant,'" he said, adding that capturing those instructions and preserving them as transaction context becomes critical to validating consent later. That architecture places unusual pressure on identity frameworks. In agentic commerce, identity extends beyond verifying the consumer. The agent itself must also be trusted. Industry groups and payment networks are already moving toward those standards. Alabede pointed to initiatives including Visa's own Trusted Agent Protocol, frameworks emerging from the FIDO Alliance, and efforts underway through EMVCo. The common objective is interoperability around agent identity, authorization and transaction accountability. "Trust is the foundation when it comes to agent eCommerce transactions," Alabede said. "Because again, the consumer is not the one initiating the transaction directly. The consumer is delegating to an agent." "The agent needs to be trusted," he added. "Which means that the agent may be registered somewhere by some authority ... You want to avoid scenarios where the consumer says, 'Hey, I asked the agent to do A, and it did B.'" The Standards Race Before the Scale Race That trust challenge is not merely technical. It is behavioral and operational as well. Consumers will need confidence that AI agents act within defined boundaries, merchants will need assurance that autonomous buyers are legitimate, and, ultimately, acquirers and issuers will need visibility into machine behavior patterns that differ from traditional consumer activity. "Once we are all aligned on those basics, then we can start to ask the question around can the identity be trusted, how is the identity represented, how is the consent shared, and how is liability assigned?" Alabede said. At the same time, merchants are beginning to adapt their digital storefronts for machine discoverability as much as human browsing. Alabede referenced Visa Intelligent Commerce Connect, which aims to help merchants surface products more effectively within agent-driven shopping interfaces. Gift purchasing, travel planning, subscription management and other reversible transactions are likely candidates for early adoption. These environments provide enough structure for AI delegation while limiting exposure to complex disputes and regulatory risk. "Agent commerce, in my view, is a marathon. It's not a sprint," Alabede said. "So, it's better to be right and to ... actually cut your teeth with standard use cases -- use cases that are bounded, predictable, and you can trace." For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.