Definition
Agent Payments Protocol (AP2) is an open protocol for agent-led commerce. It was announced by Google on September 16, 2025, and is designed to let AI agents securely initiate and complete payments across platforms. AP2 is positioned as an extension to Agent2Agent (A2A) and works alongside Model Context Protocol (MCP), adding a payment layer for situations where an agent acts on a user’s behalf.
The protocol exists because conventional digital payments assume a human is directly clicking through a checkout flow. AP2 addresses the questions that arise when an autonomous agent is involved: how to verify user authorization, how to confirm that the agent reflects the user’s actual intent, and how to establish accountability if something goes wrong. The spec centers on cryptographically signed verifiable digital credentials, including Intent Mandates, Cart Mandates, and Payment Mandates, to create an auditable record of authorization and transaction context.
For marketing, AP2 matters because it points to a commerce environment where AI agents can become a new acquisition, conversion, and service channel. If customers use agents to research products, compare options, assemble carts, and complete purchases, marketers will need product data, offers, merchant endpoints, and consent flows that work in an agent-mediated journey rather than only in human-operated web and app experiences. That implication follows directly from AP2’s goal of enabling interoperable AI-driven commerce and from the spec’s description of agents managing product research, bundling, and purchasing across merchants.
How to calculate it
AP2 is a protocol, not a metric, so there is no standard formula to calculate it.
What organizations can measure instead are implementation and business outcomes around AP2-enabled commerce, such as agent-assisted conversion rate, mandate completion rate, payment authorization rate, dispute rate, step-up challenge rate, and revenue from agent-originated transactions. Those are operational KPIs built around AP2, not calculations of AP2 itself.
How to utilize it
Organizations would typically use AP2 when they want AI agents to participate in commerce without leaving trust, liability, and authorization to guesswork. In the current design, AP2 defines roles such as the user, user or shopping agent, credentials provider, merchant endpoint, merchant payment processor, and the network or issuer. It also distinguishes between human-present and human-not-present patterns, although the public roadmap shows the initial version is focused first on human-present scenarios and common pull payment methods such as cards.
Common use cases include agent-assisted retail checkout, comparison shopping, cart creation, price- or condition-based purchasing, and other delegated purchase flows where the merchant and payment ecosystem need verifiable proof of what the user approved. PayPal’s description of AP2 also highlights both real-time transactions and delayed transactions executed under pre-approved conditions.
For marketers, practical utilization falls into a few areas:
- preparing product, pricing, and offer data so merchant endpoints or merchant agents can present accurate information to shopping agents
- designing consent and checkout moments that clearly capture user intent
- aligning loyalty, promotions, and merchandising rules with agent-mediated shopping flows
- coordinating with commerce, payments, legal, and security teams on dispute handling, auditability, and data governance
- planning for agent-originated traffic and orders as a distinct acquisition and conversion source
Comparison to similar approaches
| Approach | Primary role | How it differs from AP2 |
|---|---|---|
| AP2 | Standardizes secure, auditable, agent-initiated payments using signed mandates and a role-based payments architecture. | It is the payment and trust layer for agent commerce. |
| A2A | Standardizes communication and collaboration between AI agents. | A2A handles agent-to-agent interaction broadly; AP2 adds the payment-specific authorization and accountability layer. |
| MCP | Standardizes how AI applications connect to tools, resources, prompts, and external systems. | MCP is about agent-to-tool and context integration; AP2 is about payment execution and trust in commerce scenarios. |
| x402 | Supports machine-native payments over HTTP and is described by AP2 documentation as complementary to AP2. | x402 is a payment method or mechanism AP2 can support; AP2 provides the broader interoperable trust framework around the transaction. |
Best practices
AP2 documentation emphasizes a set of practices that translate well into implementation guidance:
- Keep the user as the ultimate authority. The protocol is built around explicit, scoped authorization rather than inferred intent.
- Treat privacy as a design requirement. AP2’s role-based architecture is intended to limit unnecessary exposure of PCI and personal data.
- Use deterministic proof, not probabilistic interpretation, for payment authorization. In other words, do not let a model’s best guess impersonate consent. That tends to age poorly.
- Build for auditability and dispute resolution from the start, since accountability is one of AP2’s core goals.
- Start with bounded, human-present scenarios and trusted allowlists before expanding to broader delegated commerce. The public roadmap and trust model both point in that direction.
- Design commerce content and merchant endpoints for machine readability as well as human usability, since agents need to discover products, negotiate carts, and pass structured transaction context.
Future trends
The public AP2 roadmap shows an incremental path. Version 0.1 focuses on pull payments, human-present scenarios, and reference implementations. Future versions are expected to expand support to push payments, e-wallets, recurring payments, subscriptions, and human-not-present transactions. The longer-term vision also includes multi-merchant transaction topologies and real-time negotiation between buyer and seller agents.
For marketers, that suggests a gradual shift from optimizing only for human clicks and sessions toward optimizing for agent-mediated intent. As these standards mature, product discovery, comparison, offer eligibility, consent capture, and checkout orchestration may increasingly need to work across human and agent channels at the same time. The likely result is that structured commerce data, trustworthy merchant identity, and interoperable payment flows become more important parts of marketing operations. That is an inference from the published roadmap and architecture, but it is a fairly direct one.
Related Terms
- Agentic Commerce
- Agent2Agent (A2A)
- Model Context Protocol (MCP)
- Verifiable Digital Credentials (VDCs)
- Intent Mandate
- Cart Mandate
- Payment Mandate
- Credentials Provider
- Human-present transaction
- x402